httparty 0.18.1 → 0.24.0

data/lib/httparty/request.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'erb'
 
 module HTTParty
@@ -44,6 +46,15 @@ module HTTParty
       end.flatten.join('&')
     end
 
+    def self._load(data)
+      http_method, path, options, last_response, last_uri, raw_request = Marshal.load(data)
+      instance = new(http_method, path, options)
+      instance.last_response = last_response
+      instance.last_uri = last_uri
+      instance.instance_variable_set("@raw_request", raw_request)
+      instance
+    end
+
     attr_accessor :http_method, :options, :last_response, :redirect, :last_uri
     attr_reader :path
 
@@ -87,11 +98,11 @@ module HTTParty
     end
 
     def uri
-      if redirect && path.relative? && path.path[0] != "/"
-        last_uri_host = @last_uri.path.gsub(/[^\/]+$/, "")
+      if redirect && path.relative? && path.path[0] != '/'
+        last_uri_host = @last_uri.path.gsub(/[^\/]+$/, '')
 
-        path.path = "/#{path.path}" if last_uri_host[-1] != "/"
-        path.path = last_uri_host + path.path
+        path.path = "/#{path.path}" if last_uri_host[-1] != '/'
+        path.path = "#{last_uri_host}#{path.path}"
       end
 
       if path.relative? && path.host
@@ -102,6 +113,8 @@ module HTTParty
         new_uri = path.clone
       end
 
+      validate_uri_safety!(new_uri) unless redirect
+
       # avoid double query string on redirects [#12]
       unless redirect
         new_uri.query = query_string(new_uri)
@@ -117,7 +130,7 @@ module HTTParty
     def base_uri
       if redirect
         base_uri = "#{@last_uri.scheme}://#{@last_uri.host}"
-        base_uri += ":#{@last_uri.port}" if @last_uri.port != 80
+        base_uri = "#{base_uri}:#{@last_uri.port}" if @last_uri.port != 80
         base_uri
       else
         options[:base_uri] && HTTParty.normalize_base_uri(options[:base_uri])
@@ -142,24 +155,28 @@ module HTTParty
       chunked_body = nil
       current_http = http
 
-      self.last_response = current_http.request(@raw_request) do |http_response|
-        if block
-          chunks = []
+      begin
+        self.last_response = current_http.request(@raw_request) do |http_response|
+          if block
+            chunks = []
 
-          http_response.read_body do |fragment|
-            encoded_fragment = encode_text(fragment, http_response['content-type'])
-            chunks << encoded_fragment if !options[:stream_body]
-            block.call ResponseFragment.new(encoded_fragment, http_response, current_http)
-          end
+            http_response.read_body do |fragment|
+              encoded_fragment = encode_text(fragment, http_response['content-type'])
+              chunks << encoded_fragment if !options[:stream_body]
+              block.call ResponseFragment.new(encoded_fragment, http_response, current_http)
+            end
 
-          chunked_body = chunks.join
+            chunked_body = chunks.join
+          end
         end
-      end
 
-      handle_host_redirection if response_redirects?
-      result = handle_unauthorized
-      result ||= handle_response(chunked_body, &block)
-      result
+        handle_host_redirection if response_redirects?
+        result = handle_unauthorized
+        result ||= handle_response(chunked_body, &block)
+        result
+      rescue *COMMON_NETWORK_ERRORS => e
+        raise options[:foul] ? HTTParty::NetworkError.new("#{e.class}: #{e.message}") : e
+      end
     end
 
     def handle_unauthorized(&block)
@@ -173,6 +190,13 @@ module HTTParty
       @raw_request.body
     end
 
+    def _dump(_level)
+      opts = options.dup
+      opts.delete(:logger)
+      opts.delete(:parser) if opts[:parser] && opts[:parser].is_a?(Proc)
+      Marshal.dump([http_method, path, opts, last_response, @last_uri, @raw_request])
+    end
+
     private
 
     def http
@@ -223,10 +247,21 @@ module HTTParty
         if body.multipart?
           content_type = "multipart/form-data; boundary=#{body.boundary}"
           @raw_request['Content-Type'] = content_type
+        elsif options[:body].respond_to?(:to_hash) && !@raw_request['Content-Type']
+          @raw_request['Content-Type'] = 'application/x-www-form-urlencoded'
+        end
+
+        if body.streaming? && options[:stream_body] != false
+          stream = body.to_stream
+          @raw_request.body_stream = stream
+          @raw_request['Content-Length'] = stream.size.to_s
+        else
+          @raw_request.body = body.call
         end
-        @raw_request.body = body.call
       end
 
+      @raw_request.instance_variable_set(:@decode_content, decompress_content?)
+
       if options[:basic_auth] && send_authorization_header?
         @raw_request.basic_auth(username, password)
         @credentials_sent = true
@@ -238,6 +273,10 @@ module HTTParty
       !!options[:digest_auth]
     end
 
+    def decompress_content?
+      !options[:skip_decompression]
+    end
+
     def response_unauthorized?
       !!last_response && last_response.code == '401'
     end
@@ -261,7 +300,7 @@ module HTTParty
         query_string_parts << options[:query] unless options[:query].nil?
       end
 
-      query_string_parts.reject!(&:empty?) unless query_string_parts == [""]
+      query_string_parts.reject!(&:empty?) unless query_string_parts == ['']
       query_string_parts.size > 0 ? query_string_parts.join('&') : nil
     end
 
@@ -269,37 +308,55 @@ module HTTParty
       options[:assume_utf16_is_big_endian]
     end
 
-    def handle_response(body, &block)
+    def handle_response(raw_body, &block)
       if response_redirects?
-        options[:limit] -= 1
-        if options[:logger]
-          logger = HTTParty::Logger.build(options[:logger], options[:log_level], options[:log_format])
-          logger.format(self, last_response)
-        end
-        self.path = last_response['location']
-        self.redirect = true
-        if last_response.class == Net::HTTPSeeOther
-          unless options[:maintain_method_across_redirects] && options[:resend_on_redirect]
-            self.http_method = Net::HTTP::Get
-          end
-        elsif last_response.code != '307' && last_response.code != '308'
-          unless options[:maintain_method_across_redirects]
-            self.http_method = Net::HTTP::Get
+        handle_redirection(&block)
+      else
+        raw_body ||= last_response.body
+
+        body = decompress(raw_body, last_response['content-encoding']) unless raw_body.nil?
+
+        unless body.nil?
+          body = encode_text(body, last_response['content-type'])
+
+          if decompress_content?
+            last_response.delete('content-encoding')
+            raw_body = body
           end
         end
-        capture_cookies(last_response)
-        perform(&block)
-      else
-        body ||= last_response.body
-        body = body.nil? ? body : encode_text(body, last_response['content-type'])
-        Response.new(self, last_response, lambda { parse_response(body) }, body: body)
+
+        Response.new(self, last_response, lambda { parse_response(body) }, body: raw_body)
+      end
+    end
+
+    def handle_redirection(&block)
+      options[:limit] -= 1
+      if options[:logger]
+        logger = HTTParty::Logger.build(options[:logger], options[:log_level], options[:log_format])
+        logger.format(self, last_response)
       end
+      self.path       = last_response['location']
+      self.redirect   = true
+      if last_response.class == Net::HTTPSeeOther
+        unless options[:maintain_method_across_redirects] && options[:resend_on_redirect]
+          self.http_method = Net::HTTP::Get
+        end
+      elsif last_response.code != '307' && last_response.code != '308'
+        unless options[:maintain_method_across_redirects]
+          self.http_method = Net::HTTP::Get
+        end
+      end
+      if http_method == Net::HTTP::Get
+        clear_body
+      end
+      capture_cookies(last_response)
+      perform(&block)
     end
 
     def handle_host_redirection
       check_duplicate_location_header
       redirect_path = options[:uri_adapter].parse(last_response['location']).normalize
-      return if redirect_path.relative? || path.host == redirect_path.host
+      return if redirect_path.relative? || path.host == redirect_path.host || uri.host == redirect_path.host
       @changed_hosts = true
     end
 
@@ -327,6 +384,14 @@ module HTTParty
       parser.call(body, format)
     end
 
+    # Some Web Application Firewalls reject incoming GET requests that have a body
+    # if we redirect, and the resulting verb is GET then we will clear the body that
+    # may be left behind from the initiating request
+    def clear_body
+      options[:body] = nil
+      @raw_request.body = nil
+    end
+
     def capture_cookies(response)
       return unless response['Set-Cookie']
       cookies_hash = HTTParty::CookieHash.new
@@ -368,6 +433,10 @@ module HTTParty
       end
     end
 
+    def decompress(body, encoding)
+      Decompressor.new(body, encoding).decompress
+    end
+
     def encode_text(text, content_type)
       TextEncoder.new(
         text,
@@ -375,5 +444,23 @@ module HTTParty
         assume_utf16_is_big_endian: assume_utf16_is_big_endian
       ).call
     end
+
+    def validate_uri_safety!(new_uri)
+      return if options[:skip_uri_validation]
+
+      configured_base_uri = options[:base_uri]
+      return unless configured_base_uri
+
+      normalized_base = options[:uri_adapter].parse(
+        HTTParty.normalize_base_uri(configured_base_uri)
+      )
+
+      return if new_uri.host == normalized_base.host
+
+      raise UnsafeURIError,
+        "Requested URI '#{new_uri}' has host '#{new_uri.host}' but the " \
+        "configured base_uri '#{normalized_base}' has host '#{normalized_base.host}'. " \
+        "This request could send credentials to an unintended server."
+    end
   end
 end

data/lib/httparty/response/headers.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'delegate'
 
 module HTTParty

data/lib/httparty/response.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module HTTParty
   class Response < Object
     def self.underscore(string)
@@ -49,14 +51,14 @@ module HTTParty
     end
 
     def inspect
-      inspect_id = ::Kernel::format "%x", (object_id * 2)
+      inspect_id = ::Kernel::format '%x', (object_id * 2)
       %(#<#{self.class}:0x#{inspect_id} parsed_response=#{parsed_response.inspect}, @response=#{response.inspect}, @headers=#{headers.inspect}>)
     end
 
     CODES_TO_OBJ = ::Net::HTTPResponse::CODE_CLASS_TO_OBJ.merge ::Net::HTTPResponse::CODE_TO_OBJ
 
     CODES_TO_OBJ.each do |response_code, klass|
-      name = klass.name.sub("Net::HTTP", '')
+      name = klass.name.sub('Net::HTTP', '')
       name = "#{underscore(name)}?".to_sym
 
       define_method(name) do
@@ -65,12 +67,12 @@ module HTTParty
     end
 
     # Support old multiple_choice? method from pre 2.0.0 era.
-    if ::RUBY_VERSION >= "2.0.0" && ::RUBY_PLATFORM != "java"
+    if ::RUBY_PLATFORM != 'java'
       alias_method :multiple_choice?, :multiple_choices?
     end
 
     # Support old status codes method from pre 2.6.0 era.
-    if ::RUBY_VERSION >= "2.6.0" && ::RUBY_PLATFORM != "java"
+    if ::RUBY_PLATFORM != 'java'
       alias_method :gateway_time_out?,                :gateway_timeout?
       alias_method :request_entity_too_large?,        :payload_too_large?
       alias_method :request_time_out?,                :request_timeout?
@@ -131,7 +133,7 @@ module HTTParty
     end
 
     def throw_exception
-      if @request.options[:raise_on] && @request.options[:raise_on].include?(code)
+      if @request.options[:raise_on].to_a.detect { |c| code.to_s.match(/#{c.to_s}/) }
         ::Kernel.raise ::HTTParty::ResponseError.new(@response), "Code #{code} - #{body}"
       end
     end

data/lib/httparty/response_fragment.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'delegate'
 
 module HTTParty

data/lib/httparty/text_encoder.rb

@@ -1,9 +1,11 @@
+# frozen_string_literal: true
+
 module HTTParty
   class TextEncoder
     attr_reader :text, :content_type, :assume_utf16_is_big_endian
 
     def initialize(text, assume_utf16_is_big_endian: true, content_type: nil)
-      @text = text.dup
+      @text = +text
       @content_type = content_type
       @assume_utf16_is_big_endian = assume_utf16_is_big_endian
     end
@@ -33,16 +35,16 @@ module HTTParty
     def encode_utf_16
       if text.bytesize >= 2
         if text.getbyte(0) == 0xFF && text.getbyte(1) == 0xFE
-          return text.force_encoding("UTF-16LE")
+          return text.force_encoding('UTF-16LE')
         elsif text.getbyte(0) == 0xFE && text.getbyte(1) == 0xFF
-          return text.force_encoding("UTF-16BE")
+          return text.force_encoding('UTF-16BE')
         end
       end
 
       if assume_utf16_is_big_endian # option
-        text.force_encoding("UTF-16BE")
+        text.force_encoding('UTF-16BE')
       else
-        text.force_encoding("UTF-16LE")
+        text.force_encoding('UTF-16LE')
       end
     end
 

data/lib/httparty/utils.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module HTTParty
   module Utils
     def self.stringify_keys(hash)

data/lib/httparty/version.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module HTTParty
-  VERSION = "0.18.1"
+  VERSION = '0.24.0'
 end

data/lib/httparty.rb

@@ -1,12 +1,8 @@
+# frozen_string_literal: true
+
 require 'pathname'
 require 'net/http'
-require 'net/https'
 require 'uri'
-require 'zlib'
-require 'multi_xml'
-require 'mime/types'
-require 'json'
-require 'csv'
 
 require 'httparty/module_inheritable_attributes'
 require 'httparty/cookie_hash'
@@ -16,6 +12,7 @@ require 'httparty/connection_adapter'
 require 'httparty/logger/logger'
 require 'httparty/request/body'
 require 'httparty/response_fragment'
+require 'httparty/decompressor'
 require 'httparty/text_encoder'
 require 'httparty/headers_processor'
 
@@ -26,8 +23,8 @@ module HTTParty
     base.send :include, ModuleInheritableAttributes
     base.send(:mattr_inheritable, :default_options)
     base.send(:mattr_inheritable, :default_cookies)
-    base.instance_variable_set("@default_options", {})
-    base.instance_variable_set("@default_cookies", CookieHash.new)
+    base.instance_variable_set(:@default_options, {})
+    base.instance_variable_set(:@default_cookies, CookieHash.new)
   end
 
   # == Common Request Options
@@ -65,6 +62,16 @@ module HTTParty
   # * :+ssl_ca_path+: see HTTParty::ClassMethods.ssl_ca_path.
 
   module ClassMethods
+    # Turns on or off the foul option.
+    #
+    #   class Foo
+    #     include HTTParty
+    #     foul true
+    #   end
+    def foul(bool)
+      default_options[:foul] = bool
+    end
+
     # Turns on logging
     #
     #   class Foo
@@ -81,7 +88,7 @@ module HTTParty
     #
     #   class Foo
     #     include HTTParty
-    #     raise_on [404, 500]
+    #     raise_on [404, 500, '5[0-9]*']
     #   end
     def raise_on(codes = [])
       default_options[:raise_on] = *codes
@@ -399,6 +406,22 @@ module HTTParty
       default_options[:ssl_version] = version
     end
 
+    # Deactivate automatic decompression of the response body.
+    # This will require you to explicitly handle body decompression
+    # by inspecting the Content-Encoding response header.
+    #
+    # Refer to docs/README.md "HTTP Compression" section for
+    # further details.
+    #
+    # @example
+    #   class Foo
+    #     include HTTParty
+    #     skip_decompression
+    #   end
+    def skip_decompression(value = true)
+      default_options[:skip_decompression] = !!value
+    end
+
     # Allows setting of SSL ciphers to use.  This only works in Ruby 1.9+.
     # You can get a list of valid specific ciphers from OpenSSL::Cipher.ciphers.
     # You also can specify a cipher suite here, listed here at openssl.org:
@@ -573,6 +596,13 @@ module HTTParty
       perform_request Net::HTTP::Unlock, path, options, &block
     end
 
+    def build_request(http_method, path, options = {})
+      options = ModuleInheritableAttributes.hash_deep_dup(default_options).merge(options)
+      HeadersProcessor.new(headers, options).call
+      process_cookies(options)
+      Request.new(http_method, path, options)
+    end
+
     attr_reader :default_options
 
     private
@@ -588,16 +618,13 @@ module HTTParty
     end
 
     def perform_request(http_method, path, options, &block) #:nodoc:
-      options = ModuleInheritableAttributes.hash_deep_dup(default_options).merge(options)
-      HeadersProcessor.new(headers, options).call
-      process_cookies(options)
-      Request.new(http_method, path, options).perform(&block)
+      build_request(http_method, path, options).perform(&block)
     end
 
     def process_cookies(options) #:nodoc:
       return unless options[:cookies] || default_cookies.any?
       options[:headers] ||= headers.dup
-      options[:headers]["cookie"] = cookies.merge(options.delete(:cookies) || {}).to_cookie_string
+      options[:headers]['cookie'] = cookies.merge(options.delete(:cookies) || {}).to_cookie_string
     end
 
     def validate_format
@@ -658,6 +685,10 @@ module HTTParty
   def self.options(*args, &block)
     Basement.options(*args, &block)
   end
+
+  def self.build_request(*args, &block)
+    Basement.build_request(*args, &block)
+  end
 end
 
 require 'httparty/hash_conversions'

data/script/release

@@ -18,9 +18,9 @@ gem_name=httparty
 rm -rf $gem_name-*.gem
 gem build -q $gem_name.gemspec
 
-# Make sure we're on the master branch.
-(git branch | grep -q '* master') || {
-  echo "Only release from the master branch."
+# Make sure we're on the main branch.
+(git branch | grep -q '* main') || {
+  echo "Only release from the main branch."
   exit 1
 }
 
@@ -39,4 +39,4 @@ git fetch -t origin
 
 # Tag it and bag it.
 gem push $gem_name-*.gem && git tag "$tag" &&
-  git push origin master && git push origin "$tag"
+  git push origin main && git push origin "$tag"

metadata

@@ -1,16 +1,30 @@
 --- !ruby/object:Gem::Specification
 name: httparty
 version: !ruby/object:Gem::Version
-  version: 0.18.1
+  version: 0.24.0
 platform: ruby
 authors:
 - John Nunemaker
 - Sandro Turriate
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-06-10 00:00:00.000000000 Z
+date: 2025-12-28 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: csv
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: multi_xml
   requirement: !ruby/object:Gem::Requirement
@@ -26,19 +40,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.5.2
 - !ruby/object:Gem::Dependency
-  name: mime-types
+  name: mini_mime
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 1.0.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: 1.0.0
 description: Makes http fun! Also, makes consuming restful web services dead easy.
 email:
 - nunemaker@gmail.com
@@ -48,11 +62,11 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".editorconfig"
+- ".github/dependabot.yml"
+- ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rubocop.yml"
 - ".rubocop_todo.yml"
-- ".simplecov"
-- ".travis.yml"
 - CONTRIBUTING.md
 - Changelog.md
 - Gemfile
@@ -72,10 +86,12 @@ files:
 - examples/delicious.rb
 - examples/google.rb
 - examples/headers_and_user_agents.rb
+- examples/idn.rb
 - examples/logging.rb
 - examples/microsoft_graph.rb
 - examples/multipart.rb
 - examples/nokogiri_html_parser.rb
+- examples/party_foul_mode.rb
 - examples/peer_cert.rb
 - examples/rescue_json.rb
 - examples/rubyurl.rb
@@ -88,6 +104,7 @@ files:
 - lib/httparty.rb
 - lib/httparty/connection_adapter.rb
 - lib/httparty/cookie_hash.rb
+- lib/httparty/decompressor.rb
 - lib/httparty/exceptions.rb
 - lib/httparty/hash_conversions.rb
 - lib/httparty/headers_processor.rb
@@ -101,6 +118,7 @@ files:
 - lib/httparty/request.rb
 - lib/httparty/request/body.rb
 - lib/httparty/request/multipart_boundary.rb
+- lib/httparty/request/streaming_multipart_body.rb
 - lib/httparty/response.rb
 - lib/httparty/response/headers.rb
 - lib/httparty/response_fragment.rb
@@ -113,7 +131,8 @@ files:
 homepage: https://github.com/jnunemaker/httparty
 licenses:
 - MIT
-metadata: {}
+metadata:
+  changelog_uri: https://github.com/jnunemaker/httparty/releases
 post_install_message: When you HTTParty, you must party hard!
 rdoc_options: []
 require_paths:
@@ -122,15 +141,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.0.0
+      version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
-signing_key: 
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
 summary: Makes http fun! Also, makes consuming restful web services dead easy.
 test_files: []

data/.simplecov

@@ -1 +0,0 @@
-SimpleCov.start "test_frameworks"

data/.travis.yml

@@ -1,11 +0,0 @@
-language: ruby
-rvm:
-  - 2.0.0
-  - 2.1.10
-  - 2.2.10
-  - 2.3.8
-  - 2.4.5
-  - 2.5.3
-  - 2.6.1
-bundler_args: --without development
-before_install: gem install bundler -v '< 2'