iodine 0.1.0 → 0.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 9451f837296bd4fecf60df42fd3cfee80d80ef0f
-  data.tar.gz: af0d8bf95137d229b23ee74aef4825f50a9aafa0
+  metadata.gz: 08fe1f8f8ebb9d46760123f8ca97f9811e350190
+  data.tar.gz: bccdc5e606be4dcb98a27f81b39f115d6ee3c37e
 SHA512:
-  metadata.gz: 6039e844f9b6658326a70fbadc12ebd61007b466a546100670382ce119d2d0bbf193497fc2c40a4fc36945352ad94e2f83f3a1c4f5f1a6a3c88f6c0719bf3dd1
-  data.tar.gz: 608df34266557cb59300dd08321c3dcef74a67c7f7f0eec343ae77ac823f440d2108b40008e8c744fd753199ca73b0dffdfb96fc9bad4a2ce1aaac362319d093
+  metadata.gz: b203fafc5965ae514600798dac5ac96ed61f9a54e5ef55b32bad1335c79844dbf1a967e0603530f68d48fadd919c4f4d81257917cdea0934c9d8ee9232573186
+  data.tar.gz: cb90e413302e828682192bc349c2cadcd1e817b9b3a5c3cb41139153deddcd08ea259e561d6b8c75a30742afb4536b9d74bf41e0ecf27f57b35c970ac0e9e7c7

data/CHANGELOG.md

@@ -0,0 +1,48 @@
+# Iodine
+[![Gem Version](https://badge.fury.io/rb/iodine.svg)](https://badge.fury.io/rb/iodine)
+[![Inline docs](http://inch-ci.org/github/boazsegev/iodine.svg?branch=master)](http://www.rubydoc.info/github/boazsegev/iodine/master/frames)
+
+Please notice that this change log contains changes for upcoming releases as well. Please refer to the current gem version to review the current release.
+
+## Changes:
+
+***
+
+Change log v.0.1.1
+
+**Fix**: Fixed an issue where slow processing of Http/1 requests could cause timeout disconnections to occur while the request is being processed.
+
+**Change/Security**: Uploads now use temporary files. Aceessing the data for file uploads should be done throught the `:file` property of the params hash (i.e. `params[:upload_field_name][:file]`). Using the `:data` property (old API) would cause the whole file to be dumped to the memory and the file's content will be returned as a String.
+
+**Change/Security**: Http upload limits are now enforced. The current default limit is about ~0.5GB.
+
+**Feature**: WebsocketClient now supports both an auto-connection-renewal and a polling machanism built in to the `WebsocketClient.connect` API. The polling feature is mostly a handy helper for testing, as it is assumed that connection renewal and pub/sub offer a better design than polling.
+
+**Logging**: Better Http error logging and recognition.
+
+***
+
+Change log v.0.1.0
+
+**First actual release**:
+
+We learn, we evolve, we change... but we remember our past and do our best to help with the transition and make it worth the toll it takes on our resources.
+
+I took much of the code used for GRHttp and GReactor, changed it, morphed it and united it into the singular Iodine gem. This includes Major API changes, refactoring of code, bug fixes and changes to the core approach of how a task/io based application should behave or be constructed.
+
+For example, Iodine kicks in automatically when the setup script is done, so that all code is run from within tasks and IO connections and no code is run in parallel to the Iodine engine.
+
+Another example, Iodine now favors Object Oriented code, so that some actions - such as writing a network service - require classes of objects to be declared or inherited (i.e. the Protocol class).
+
+This allows objects to manage their data as if they were in a single thread environment, unless the objects themselves are calling asynchronous code. For example, the Protocol class makes sure that the `on_open` and `on_message(data)` callbacks are excecuted within a Mutex (`on_close` is an exception to the rule since it is assumed that objects should be prepared to loose network connection at any moment).
+
+Another example is that real-life deployemnt preferences were favored over adjustability or features. This means that some command-line arguments are automatically recognized (such as the `-p <port>` argument) and thet Iodine assumes a single web service per script/process (whereas GReactor and GRHttp allowed multiple listening sockets).
+
+I tested this new gem during the 0.0.x version releases, and I feel that version 0.1.0 is stable enough to work with. For instance, I left the Iodine server running all night under stress (repeatedly benchmarking it)... millions of requests later, under heavey load, a restart wasn't required and memory consumption didn't show any increase after the warmup period.
+
+
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
+

data/README.md

@@ -127,6 +127,24 @@ end
 Iodine::Http.on_websocket WSChatServer
 ```
 
+### Security and limits
+
+Nobody wants their server to crash... Security measures are a fact of life as an internet entety. It is not only the theoretical malicious attacker from which a server must protect itself, but also from the unaware user or client.
+
+Mostly, it is assumed that Iodine will run behind a proxy (i.e. within a Heroku Dyno or viaduct.io process), as such it is assumed that the proxy will protect the Iodine Http server from undue stress.
+
+Having said that, Iodine is built with certain security measures in mind:
+
+- Iodine will not accept IO data (neither from new connections nor form existing ones) while still answering existing requests and performing tasks. This safeguards against task overloading and DoS attacks causing a global crash, allowing the server to resume normal operation once a DoS attack had run it's course (and potentially allowing legitimate requests to be answered while the attack is still underway).
+
+- Iodine will limit the query length (Http/1), header count and header data size as well as well as react to header overloading by immediate disconnections. Iodine's limits are hardcoded to be slightly more than double those of the common Proxies, so this counter-measure will only take effect should an attacker manage to bypass the Proxy.
+
+- Iodine limits every Http request body-size (file upload data, form data, etc') to ~0.5GB. This setting can be changed using `Iodine::Http.max_http_buffer`. This safeguard is meant to prevent Ruby from crashing due to insufficient memory (an error Iodine cannot, and should not, recover from).
+
+   It is recommended that this number will be lowered substantially whenever possible, by using `Iodine::Http.max_http_buffer = new_value`
+
+   Do be aware that, at the moment, file uploads are passed through the memory when parsed. The parser's memory consumption will hopefully decrese in future releases, however, it is always recomended that large data be avoided when possible or handled using download/upload management protocols and services.
+
 ## Server Usage: Plug in your network protocol
 
 Iodine is designed to help write network services (Servers) where each script is intended to implement a single server.

data/bin/hello_world

@@ -17,7 +17,7 @@ require "iodine/http"
 
 # Iodine.processes = 4
 
-Iodine.protocol.on_http { "Hello World!" }
+Iodine::Http.on_http { "Hello World!" }
 
 
 class WSChatServer < Iodine::Http::WebsocketHandler
@@ -46,7 +46,7 @@ Process.fork do
 
   Iodine.ssl = true
 	Iodine.port = 3030
-	Iodine.protocol.on_http do |req, res|
+	Iodine::Http.on_http do |req, res|
 		res.session[:count] ||= 0
 		res.session[:count] += 1
     res['content-type'] = 'text/plain'

data/lib/iodine/http.rb

@@ -7,6 +7,7 @@ require 'uri'
 require 'tmpdir'
 require 'zlib'
 require 'securerandom'
+require 'tempfile.rb'
 
 require 'iodine/http/request'
 require 'iodine/http/response'
@@ -94,11 +95,20 @@ module Iodine
 		def session_token= token
 			@session_token = token
 		end
-		# Sets the session token for the Http server (String). Defaults to the name of the script.
+		# Gets the session token for the Http server (String). Defaults to the name of the script.
 		def session_token
 			@session_token
 		end
 
+		# Sets the maximum bytes allowed for an HTTP's body request (file upload data). Defaults to the command line `-limit` argument, or ~0.25GB.
+		def max_http_buffer= size
+			@max_http_buffer = size
+		end
+		# Gets the maximum bytes allowed for an HTTP's body request (file upload data). Defaults to the command line `-limit` argument, or ~0.25GB.
+		def max_http_buffer
+			@max_http_buffer
+		end
+
 		# Sets whether Iodine will allow connections to the experiemntal Http2 protocol. Defaults to false unless the `http2` command line flag is present.
 		def http2= allow
 			@http2 = allow && true
@@ -149,6 +159,7 @@ module Iodine
 		protected
 
 		@http2 = (ARGV.index('http2') && true)
+		@max_http_buffer = ((ARGV.index('-limit') && ARGV[ARGV.index('-limit') + 1]) || 536_870_912).to_i
 
 		@websocket_app = @http_app = NOT_IMPLEMENTED = Proc.new { |i,o| false }
 		@session_token = "#{File.basename($0, '.*')}_uuid"

data/lib/iodine/http/http1.rb

@@ -16,9 +16,14 @@ module Iodine
 						request = (@request ||= ::Iodine::Http::Request.new(self))
 						unless request[:method]
 							l = data.gets.strip
+							if l.bytesize > 16_384
+								write "HTTP/1.0 414 Request-URI Too Long\r\ncontent-length: 20\r\n\r\nRequest URI too Long"
+								Iodine.warn "Http/1 URI too long, closing connection."
+								return close
+							end
 							next if l.empty?
 							request[:method], request[:query], request[:version] = l.split(/[\s]+/, 3)
-							return (Iodine.warn('Protocol Error, closing connection.') && close) unless request[:method] =~ HTTP_METHODS_REGEXP
+							return (Iodine.warn('Htt1 Protocol Error, closing connection.') && close) unless request[:method] =~ HTTP_METHODS_REGEXP
 							request[:version] = (request[:version] || '1.1'.freeze).match(/[\d\.]+/)[0]
 							request[:time_recieved] = Time.now
 						end
@@ -27,6 +32,8 @@ module Iodine
 								# n = l.slice!(0, l.index(':')); l.slice! 0
 								# n.strip! ; n.downcase!; n.freeze
 								# request[n] ? (request[n].is_a?(Array) ? (request[n] << l) : request[n] = [request[n], l ]) : (request[n] = l)
+								request[:headers_size] ||= 0
+								request[:headers_size] += l.bytesize
 								l = l.strip.split(/:[\s]?/, 2)
 								l[0].strip! ; l[0].downcase!;
 								request[l[0]] ? (request[l[0]].is_a?(Array) ? (request[l[0]] << l[1]) : request[l[0]] = [request[l[0]], l[1] ]) : (request[l[0]] = l[1])
@@ -37,6 +44,10 @@ module Iodine
 								Iodine.warn 'Protocol Error, closing connection.'
 								return close
 							end
+							if request.length > 2096 || request[:headers_size] > 262_144
+								write "HTTP/1.0 431 Request Header Fields Too Large\r\ncontent-length: 31\r\n\r\nRequest Header Fields Too Large"
+								return (Iodine.warn('Http1 header overloading, closing connection.') && close)
+							end
 						end
 						until request[:body_complete] && request[:headers_complete]
 							if request['transfer-coding'.freeze] == 'chunked'.freeze
@@ -48,7 +59,7 @@ module Iodine
 									return (Iodine.warn('Protocol Error, closing connection.') && close) unless @parser[:length]
 									request[:body_complete] = true && break if @parser[:length] == 0
 									@parser[:act_length] = 0
-									request[:body] ||= ''
+									request[:body] ||= Tempfile.new('iodine'.freeze, :encoding => 'binary'.freeze)
 								end
 								chunk = data.read(@parser[:length] - @parser[:act_length])
 								return false unless chunk
@@ -56,21 +67,27 @@ module Iodine
 								@parser[:act_length] += chunk.bytesize
 								(@parser[:act_length] = @parser[:length] = 0) && (data.gets) if @parser[:act_length] >= @parser[:length]
 							elsif request['content-length'.freeze] && request['content-length'.freeze].to_i != 0
-								request[:body] ||= ''
-								packet = data.read(request['content-length'.freeze].to_i - request[:body].bytesize)
+								request[:body] ||= Tempfile.new('iodine'.freeze, :encoding => 'binary'.freeze)
+								packet = data.read(request['content-length'.freeze].to_i - request[:body].size)
 								return false unless packet
 								request[:body] << packet
-								request[:body_complete] = true if request['content-length'.freeze].to_i - request[:body].bytesize <= 0
+								request[:body_complete] = true if request['content-length'.freeze].to_i - request[:body].size <= 0
 							elsif request['content-type'.freeze]
 								Iodine.warn 'Body type protocol error.' unless request[:body]
 								line = data.gets
 								return false unless line
-								(request[:body] ||= '') << line
+								(request[:body] ||= Tempfile.new('iodine'.freeze, :encoding => 'binary'.freeze) ) << line
 								request[:body_complete] = true if line =~ EOHEADERS
 							else
 								request[:body_complete] = true
 							end
 						end
+						if request[:body] && request[:body].size > ::Iodine::Http.max_http_buffer
+							Iodine.warn("Http1 message body too big, closing connection (Iodine::Http.max_http_buffer == #{::Iodine::Http.max_http_buffer} bytes) - #{request[:body].size} bytes.")
+							request.delete(:body).tap {|f| f.close unless f.closed? } rescue false
+							write "HTTP/1.0 413 Payload Too Large\r\ncontent-length: 17\r\n\r\nPayload Too Large"
+							return close
+						end
 						(@request = ::Iodine::Http::Request.new(self)) && ( (::Iodine::Http.http2 && ::Iodine::Http::Http2.handshake(request, self, data)) || dispatch(request, data) ) if request.delete :body_complete
 					end
 			end
@@ -95,7 +112,12 @@ module Iodine
 
 				send_headers response
 				return log_finished(response) if request.head?
-				(response.bytes_written += (write(body) || 0)) && (body.frozen? || body.clear) if body
+				if body
+					written = write(body)
+					return Iodine.warn "Http/1 couldn't send response because connection was lost." unless written
+					response.bytes_written += written
+					(body.frozen? || body.clear)
+				end
 				close unless keep_alive
 				log_finished response
 			end
@@ -108,9 +130,13 @@ module Iodine
 				end
 				return if response.request.head?
 				body = response.extract_body
-				response.bytes_written += stream_data(body) if body || finish
+				if body
+					written = stream_data(body)
+					return Iodine.warn "Http/1 couldn't send response because connection was lost." unless written
+					response.bytes_written += written
+				end
 				if finish
-					response.bytes_written += stream_data('') unless body.nil?
+					response.bytes_written += stream_data('')
 					log_finished response
 					close unless response.keep_alive
 				end
@@ -183,7 +209,7 @@ module Iodine
 				response.raw_cookies.freeze
 			end
 			def stream_data data = nil
-				 write("#{data.to_s.bytesize.to_s(16)}\r\n#{data.to_s}\r\n") || 0
+				 write("#{data.to_s.bytesize.to_s(16)}\r\n#{data.to_s}\r\n")
 			end
 
 			def log_finished response

data/lib/iodine/http/http2.rb

@@ -290,9 +290,15 @@ module Iodine
 
 				@header_buffer << frame[:body]
 
+				frame[:stream][:headers_size] ||= 0
+				frame[:stream][:headers_size] += frame[:body].bytesize
+
+				return (Iodine.warn('Http2 header overloading, closing connection.') && connection_error( ENHANCE_YOUR_CALM ) ) if frame[:stream][:headers_size] >  262_144
+
 				return unless frame[:flags][2] == 1 # fin
 
 				frame[:stream].update @hpack.decode(@header_buffer) # this is where HPACK comes in
+				return (Iodine.warn('Http2 header overloading, closing connection.') && connection_error( ENHANCE_YOUR_CALM ) ) if frame[:stream].length > 2096
 				frame[:stream][:time_recieved] ||= Time.now
 				frame[:stream][:version] ||= '2'.freeze
 
@@ -312,7 +318,13 @@ module Iodine
 					frame[:body] = frame[:body][1...(0 - frame[:body][0].ord)]
 				end
 
-				frame[:stream][:body] ? (frame[:stream][:body] << frame[:body]) : (frame[:stream][:body] = frame[:body])
+				(frame[:stream][:body] ||= Tempfile.new('iodine'.freeze, :encoding => 'binary'.freeze) ) << frame[:body]
+
+				# check request size
+				if frame[:stream][:body].size > ::Iodine::Http.max_http_buffer
+					Iodine.warn("Http2 payload (message size) too big (Iodine::Http.max_http_buffer == #{::Iodine::Http.max_http_buffer} bytes) - #{frame[:stream][:body].size} bytes.")
+					return connection_error( ENHANCE_YOUR_CALM )
+				end
 
 				process_request(@open_streams.delete frame[:sid]) if frame[:flags][0] == 1
 			end

data/lib/iodine/http/rack_support.rb

@@ -41,7 +41,7 @@ module Iodine
 				# env.each {|k, v| env[k] = @request[v] if v.is_a?(Symbol)}
 				RACK_ADDON.each {|k, v| env[k] = (request[v].is_a?(String) ? ( request[v].frozen? ? request[v].dup.force_encoding('ASCII-8BIT') : request[v].force_encoding('ASCII-8BIT') ): request[v])}
 				request.each {|k, v| env["HTTP_#{k.upcase.tr('-', '_')}"] = v if k.is_a?(String) }
-				env['rack.input'.freeze] ||= StringIO.new(''.force_encoding('ASCII-8BIT'.freeze))
+				env['rack.input'.freeze] ||= request[:body] || StringIO.new(''.force_encoding('ASCII-8BIT'.freeze))
 				env['CONTENT_LENGTH'.freeze] = env.delete 'HTTP_CONTENT_LENGTH'.freeze if env['HTTP_CONTENT_LENGTH'.freeze]
 				env['CONTENT_TYPE'.freeze] = env.delete 'HTTP_CONTENT_TYPE'.freeze if env['HTTP_CONTENT_TYPE'.freeze]
 				env['HTTP_VERSION'.freeze] = "HTTP/#{request[:version].to_s}"
@@ -64,7 +64,7 @@ module Iodine
 				# 'gr.cookies'		=> :cookies,
 				'REQUEST_METHOD'	=> :method,
 				'rack.url_scheme'	=> :scheme,
-				'rack.input'		=> :rack_input
+				'rack.input'		=> :body
 			}
 
 			RACK_DICTIONARY = {

data/lib/iodine/http/request.rb

@@ -206,6 +206,9 @@ module Iodine
 					# end
 				# end
 				return request if request[:client_ip]
+
+				request.delete :headers_size
+
 				request[:client_ip] = request['x-forwarded-for'.freeze].to_s.split(/,[\s]?/)[0] || (request[:io].io.to_io.remote_address.ip_address) rescue 'unknown IP'.freeze
 				request[:version] ||= '1'
 
@@ -262,7 +265,7 @@ module Iodine
 			end
 
 			# Adds paramaters to a Hash object, according to the Iodine's server conventions.
-			def self.add_param_to_hash name, value, target
+			def self.add_param_to_hash name, value, target, &block
 				begin
 					c = target
 					val = rubyfy! value
@@ -284,6 +287,7 @@ module Iodine
 						else
 							c[n] = val
 						end
+						c.default_proc = block if block
 					else
 						if c[n]
 							c[n].is_a?(Array) ? (c[n] << val) : (c[n] = [c[n], val])
@@ -340,80 +344,105 @@ module Iodine
 			# read the body's data and parse any incoming data.
 			def self.read_body request
 				# save body for Rack, if applicable
-				request[:rack_input] = StringIO.new(request[:body].dup.force_encoding(::Encoding::ASCII_8BIT)) if ::Iodine::Http.on_http == ::Iodine::Http::Rack
+				# request[:rack_input] = request[:body]  if ::Iodine::Http.on_http == ::Iodine::Http::Rack
 				# parse content
+				request[:body].rewind
 				case request['content-type'.freeze].to_s
 				when /x-www-form-urlencoded/
-					extract_params request.delete(:body).split(/[&;]/), request[:params] #, :form # :uri
+					extract_params request[:body].read.split(/[&;]/), request[:params] #, :form # :uri
 				when /multipart\/form-data/
-					read_multipart request, request, request.delete(:body)
+					read_multipart request, request
 				when /text\/xml/
 					# to-do support xml?
-					make_utf8! request[:body]
+					# request[:xml] = make_utf8! request[:body].read
 					nil
 				when /application\/json/
-					JSON.parse(make_utf8! request[:body]).each {|k, v| add_param_to_hash k, v, request[:params]} rescue true
+					JSON.parse(make_utf8! request[:body].read).each {|k, v| add_param_to_hash k, v, request[:params]} rescue true
 				end
+				request[:body].rewind if request[:body]
 			end
 
 			# parse a mime/multipart body or part.
-			def self.read_multipart request, headers, part, name_prefix = ''
-				if headers['content-type'].to_s =~ /multipart/i
-					tmp = {}
-					extract_header headers['content-type'].split(/[;,][\s]?/), tmp
-					boundry = tmp[:boundary]
-					if tmp[:name]
-						if name_prefix.empty?
-							name_prefix << tmp[:name]
-						else
-							name_prefix << "[#{tmp[:name]}]"
-						end
+			def self.read_multipart request, headers = {}, boundary = [], name_prefix = ''
+				body = request[:body]
+				return unless headers['content-type'].to_s =~ /multipart/i
+				part_headers = {}
+				extract_header headers['content-type'].split(/[;,][\s]?/), part_headers
+				boundary << part_headers[:boundary]
+				if part_headers[:name]
+					if name_prefix.empty?
+						name_prefix << part_headers[:name]
+					else
+						name_prefix << "[#{part_headers[:name]}]"
+					end
+				end
+				part_headers.delete :name
+				part_headers.clear
+				line = nil
+				boundary_length = nil
+				true until ( (line = body.gets) ) && line =~ /\A--(#{boundary.join '|'})(--)?[\r]?\n/
+				until body.eof?
+					return if line =~ /--[\r]?\n/
+					return boundary.pop if boundary.count > 1 && line.match(/--(#{boundary.join '|'})/)[1] != boundary.last
+					boundary_length = line.bytesize
+					line = body.gets until line.nil? || line =~ /\:/
+					until line.nil? || line =~ /^[\r]?\n/
+						tmp = line.strip.split ':', 2
+						return Iodine.error "Http multipart parsing error (multipart header data malformed): #{line}" unless tmp && tmp.count == 2
+						tmp[0].strip!; tmp[0].downcase!; tmp[1].strip!; 
+						part_headers[tmp[0]] = tmp[1]
+						line = body.gets
+					end
+					return if line.nil?
+					if !part_headers['content-disposition'.freeze]
+						Iodine.error "Wrong multipart format with headers: #{part_headers}"
+						return
+					end
+					extract_header part_headers['content-disposition'.freeze].split(/[;,][\s]?/), part_headers
+					if name_prefix.empty?
+						name = part_headers[:name][1..-2]
+					else
+						name = "#{name_prefix}[part_headers[:name][1..-2]}]"
 					end
-					part.split(/([\r]?\n)?--#{boundry}(--)?[\r]?\n/).each do |p|
-						unless p.strip.empty? || p=='--'.freeze
-							# read headers
-							h = {}
-							m = p.slice! /\A[^\r\n]*[\r]?\n/
-							while m
-								break if m =~ /\A[\r]?\n/
-								m = m.match(/^([^:]+):[\s]?([^\r\n]+)/)
-								h[m[1].downcase] = m[2] if m
-								m = p.slice! /\A[^\r\n]*[\r]?\n/
+					part_headers.delete :name
+
+					start_part_pos = body.pos
+					tmp = /\A--(#{boundary.join '|'})(--)?[\r]?\n/
+					line.clear until ( (line = body.gets) &&  line =~ tmp)
+					end_part_pos = (body.pos - line.bytesize) - 2
+					new_part_pos = body.pos 
+					body.pos = end_part_pos
+					end_part_pos += 1 unless body.getc == "\r"
+
+					if part_headers['content-type'.freeze]
+						if part_headers['content-type'.freeze] =~ /multipart/i
+							body.pos = start_part_pos
+							read_multipart request, part_headers, boundary, name_prefix
+						else
+							part_headers.delete 'content-disposition'.freeze
+							add_param_to_hash "#{name}[type]", make_utf8!(part_headers['content-type'.freeze]), request[:params]
+							part_headers.each {|k,v|  add_param_to_hash "#{name}[#{k.to_s}]", make_utf8!(v[0] == '"' ? v[1..-2].to_s : v), request[:params] if v}
+
+							tmp = Tempfile.new 'upload', encoding: 'binary'
+							body.pos = start_part_pos
+							((end_part_pos - start_part_pos)/65_536).to_i.times {tmp << body.read(65_536)} 
+							tmp << body.read(end_part_pos - body.pos)
+							add_param_to_hash "#{name}[size]", tmp.size, request[:params]
+							add_param_to_hash "#{name}[file]", tmp, request[:params] do |hash, key|
+								if key == :data || key == "data" && hash.has_key?(:file) && hash[:file].is_a?(::Tempfile)
+									hash[:file].rewind
+									(hash[:data] = hash[:file].read)
+								end
 							end
-							# send headers and body to be read
-							read_multipart request, h, p, name_prefix
+							tmp.rewind
 						end
+					else
+						body.pos = start_part_pos
+						add_param_to_hash name, uri_decode!( body.read(end_part_pos - start_part_pos) ), request[:params] 
 					end
-					return
-				end
-
-				# require a part body to exist (data exists) for parsing
-				return true if part.to_s.empty?
-
-				# convert part to `charset` if charset is defined?
-
-				if !headers['content-disposition'.freeze]
-					Iodine.error "Wrong multipart format with headers: #{headers} and body: #{part}"
-					return
+					body.pos = new_part_pos
 				end
 
-				cd = {}
-
-				extract_header headers['content-disposition'.freeze].split(/[;,][\s]?/), cd
-
-				if name_prefix.empty?
-					name = cd[:name][1..-2]
-				else
-					name = "#{name_prefix}[cd[:name][1..-2]}]"
-				end
-				if headers['content-type'.freeze]
-					add_param_to_hash "#{name}[data]", part, request[:params]
-					add_param_to_hash "#{name}[type]", make_utf8!(headers['content-type'.freeze]), request[:params]
-					cd.each {|k,v|  add_param_to_hash "#{name}[#{k.to_s}]", make_utf8!(v[1..-2].to_s), request[:params] unless k == :name || !v}
-				else
-					add_param_to_hash name, uri_decode!(part), request[:params]
-				end
-				true
 			end
 
 		end

data/lib/iodine/http/response.rb

@@ -238,6 +238,7 @@ module Iodine
 			# attempts to write a non-streaming response to the IO. This can be done only once and will quitely fail subsequently.
 			def finish
 				request[:io].send_response self
+				request.delete(:body).tap {|f| f.close unless f.respond_to?(:close) && f.closed? rescue false } if request[:body] && @http_sblocks_count.to_i == 0
 			end
 
 			# Returns the connection's UUID.
@@ -347,9 +348,9 @@ module Iodine
 					# response.cookies.set_response nil
 					@flash.freeze
 				end
-				[].tap do |arr|
-					@cookies.each {|k, v| arr << "#{k.to_s}=#{v.to_s}"}
-				end
+				arr = []
+				@cookies.each {|k, v| arr << "#{k.to_s}=#{v.to_s}"}
+				arr
 			end
 
 			protected
@@ -373,6 +374,7 @@ module Iodine
 			def finish_streaming
 				return unless @http_sblocks_count == 0
 				request[:io].stream_response self, true
+				request.delete(:body).tap {|f| f.close unless f.respond_to?(:close) && f.closed? rescue false } if request[:body]
 			end
 		end
 	end

data/lib/iodine/http/websocket_client.rb

@@ -8,16 +8,17 @@ module Iodine
 		# Use {Iodine::Http::WebsocketClient.connect} to initialize a client with all the callbacks needed.
 		class WebsocketClient
 		
-			attr_accessor :response, :request
+			attr_accessor :response, :request, :params
 
 			def initialize request
 				@response = nil
 				@request = request
-				params = request[:ws_client_params]
-				@on_message = params[:on_message]
+				@params = request[:ws_client_params]
+				@on_message = @params[:on_message]
 				raise "Websocket client must have an #on_message Proc or handler." unless @on_message && @on_message.respond_to?(:call)
-				@on_open = params[:on_open]
-				@on_close = params[:on_close]
+				@on_open = @params[:on_open]
+				@on_close = @params[:on_close]
+				@renew = @params[:renew].to_i
 			end
 
 			def on event_name, &block
@@ -41,16 +42,49 @@ module Iodine
 				instance_exec( data, &@on_message) 
 			end
 
-			def on_open(&block)
-				raise 'The on_open even is invalid at this point.' if block
+			def on_open
+				raise 'The on_open even is invalid at this point.' if block_given?
 				@io = @request[:io]
 				Iodine::Http::Request.parse @request
 				instance_exec(&@on_open) if @on_open
+				if request[:ws_client_params][:every] && @params[:send]
+					raise TypeError, "Websocket Client `:send` should be either a String or a Proc object." unless @params[:send].is_a?(String) || @params[:send].is_a?(Proc)
+					Iodine.run_every @params[:every], self, @params do |ws, client_params, timer|
+						if ws.closed?
+							timer.stop!
+							next
+						end
+						if client_params[:send].is_a?(String)
+							ws.write client_params[:send]
+						elsif client_params[:send].is_a?(Proc)
+							ws.instance_exec(&client_params[:send])
+						end
+					end
+				end
 			end
 
 			def on_close(&block)
-				@on_close = block if block
-				instance_exec(&@on_close) if @on_close
+				return @on_close = block if block
+				if @renew > 0
+					renew_proc = Proc.new do
+						begin
+							Iodine::Http::WebsocketClient.connect(@params[:url], @params)
+						rescue
+							@renew -= 1
+							if @renew <= 0
+								Iodine.fatal "WebsocketClient renewal FAILED for #{@params[:url]}"
+								instance_exec(&@on_close) if @on_close
+							else
+								Iodine.run_after 2, &renew_proc
+								Iodine.warn "WebsocketClient renewal failed for #{@params[:url]}, #{@renew} attempts left"
+							end
+							false
+						end
+					end
+					renew_proc.call
+				else
+					instance_exec(&@on_close) if @on_close
+				end
 			end
 
 			# Sends data through the socket. a shortcut for ws_client.response <<
@@ -96,13 +130,23 @@ module Iodine
 			# Acceptable options are:
 			# on_open:: the on_open callback. Must be an objects that answers `call(ws)`, usually a Proc.
 			# on_message:: the on_message callback. Must be an objects that answers `call(ws)`, usually a Proc.
-			# on_close:: the on_close callback. Must be an objects that answers `call(ws)`, usually a Proc.
+			# on_close:: the on_close callback - this will ONLY be called if the connection WASN'T renewed. Must be an objects that answers `call(ws)`, usually a Proc.
 			# headers:: a Hash of custom HTTP headers to be sent with the request. Header data, including cookie headers, should be correctly encoded.
 			# cookies:: a Hash of cookies to be sent with the request. cookie data will be encoded before being sent.
 			# timeout:: the number of seconds to wait before the connection is established. Defaults to 5 seconds.
+			# every:: this option, together with `:send` and `:renew`, implements a polling websocket. :every is the number of seconds between each polling event. without `:send`, this option will be ignored. defaults to nil.
+			# send:: a String to be sent or a Proc to be performed each polling interval. This option, together with `:every` and `:renew`, implements a polling websocket. without `:every`, this option will be ignored. defaults to nil. If `:send` is a Proc, it will be executed within the context of the websocket client object, with acess to the websocket client's instance variables and methods.
+			# renew:: the number of times to attempt to renew the connection if the connection is terminated by the remote server. Attempts are made in 2 seconds interval. The default for a polling websocket is 5 attempts to renew. For all other clients, the default is 0 (no renewal).
 			#
 			# The method will block until the connection is established or until 5 seconds have passed (the timeout). The method will either return a WebsocketClient instance object or raise an exception it the connection was unsuccessful.
 			#
+			# Use Iodine::Http.ws_connect for a non-blocking initialization.
+			#
+			# An #on_close callback will only be called if the connection isn't or cannot be renewed. If the connection is renewed,
+			# the #on_open callback will be called again for a new Websocket client instance - but the #on_close callback will NOT be called.
+			#
+			# Due to this design, the #on_open and #on_close methods should NOT be used for opening IO resources (i.e. file handles) nor for cleanup IF the `:renew` option is enabled.
+			#
 			# An on_message Proc must be defined, or the method will fail.
 			#
 			# The on_message Proc can be defined using the optional block:
@@ -136,6 +180,8 @@ module Iodine
 				options[:on_message] ||= block
 				raise "No #on_message handler defined! please pass a block or define an #on_message handler!" unless options[:on_message]
 				url = URI.parse(url) unless url.is_a?(URI)
+				options[:url] = url
+				options[:renew] ||= 5 if options[:every] && options[:send]
 
 				ssl = url.scheme == "https" || url.scheme == "wss"
 

data/lib/iodine/protocol.rb

@@ -49,9 +49,9 @@ module Iodine
 		end
 
 		# This method is called whenever a timeout has occurred. Either implement a ping or close the connection.
-		# The default implementation closes the connection.
+		# The default implementation closes the connection unless the protocol is still processing information received before timeout occurred.
 		def ping
-			close
+			close unless @locker.locked?
 		end
 
 		#############
@@ -98,6 +98,7 @@ module Iodine
 					r
 				end
 			rescue => e
+				# Iodine.info e.message
 				close
 			end
 		end

data/lib/iodine/version.rb

@@ -1,3 +1,3 @@
 module Iodine
-  VERSION = "0.1.0"
+  VERSION = "0.1.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: iodine
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Boaz Segev
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2015-10-23 00:00:00.000000000 Z
+date: 2015-10-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -61,6 +61,7 @@ extra_rdoc_files: []
 files:
 - ".gitignore"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md