mechanize 2.7.6 → 2.8.2

data/lib/mechanize/form/hidden.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Hidden < Mechanize::Form::Field
 end
 

data/lib/mechanize/form/image_button.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents an image button in a form.  Use the x and y methods to
 # set the x and y positions for where the mouse "clicked".

data/lib/mechanize/form/keygen.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents a keygen (public / private key generator) found in a
 # Form. The field will automatically generate a key pair and compute its own

data/lib/mechanize/form/multi_select_list.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents a select list where multiple values can be selected.
 # MultiSelectList#value= accepts an array, and those values are used as

data/lib/mechanize/form/option.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class contains an option found within SelectList.  A SelectList can
 # have many Option classes associated with it.  An option can be selected by

data/lib/mechanize/form/radio_button.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents a radio button found in a Form.  To activate the
 # RadioButton in the Form, set the checked method to true.

data/lib/mechanize/form/reset.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Reset < Mechanize::Form::Button
 end
 

data/lib/mechanize/form/select_list.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # This class represents a select list or drop down box in a Form.  Set the
 # value for the list by calling SelectList#value=.  SelectList contains a list
 # of Option that were found.  After finding the correct option, set the select

data/lib/mechanize/form/submit.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Submit < Mechanize::Form::Button
 end
 

data/lib/mechanize/form/text.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Text < Mechanize::Form::Field
 end
 

data/lib/mechanize/form/textarea.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Textarea < Mechanize::Form::Field
 end
 

data/lib/mechanize/headers.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Headers < Hash
   def [](key)
     super(key.downcase)

data/lib/mechanize/history.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class manages history for your mechanize object.
 

data/lib/mechanize/http.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Mechanize::HTTP contains classes for communicated with HTTP servers.  All
 # API under this namespace is considered private and is subject to change at

data/lib/mechanize/http/agent.rb

@@ -1,6 +1,6 @@
+# frozen_string_literal: true
 require 'tempfile'
 require 'net/ntlm'
-require 'kconv'
 require 'webrobots'
 
 ##
@@ -9,6 +9,9 @@ require 'webrobots'
 
 class Mechanize::HTTP::Agent
 
+  CREDENTIAL_HEADERS = ['Authorization', 'Cookie']
+  POST_HEADERS = ['Content-Length', 'Content-MD5', 'Content-Type']
+
   # :section: Headers
 
   # Disables If-Modified-Since conditional requests (enabled by default)
@@ -838,7 +841,7 @@ class Mechanize::HTTP::Agent
 
     out_io
   rescue Zlib::Error => e
-    message = "error handling content-encoding #{response['Content-Encoding']}:"
+    message = String.new("error handling content-encoding #{response['Content-Encoding']}:")
     message << " #{e.message} (#{e.class})"
     raise Mechanize::Error, message
   ensure
@@ -986,14 +989,20 @@ class Mechanize::HTTP::Agent
 
     redirect_method = method == :head ? :head : :get
 
+    new_uri = secure_resolve!(response['Location'].to_s, page)
+    @history.push(page, page.uri)
+
     # Make sure we are not copying over the POST headers from the original request
-    ['Content-Length', 'Content-MD5', 'Content-Type'].each do |key|
-      headers.delete key
+    POST_HEADERS.each do |key|
+      headers.delete_if { |h| h.casecmp?(key) }
     end
 
-    new_uri = secure_resolve! response['Location'].to_s, page
-
-    @history.push(page, page.uri)
+    # Make sure we clear credential headers if being redirected to another site
+    if new_uri.host != page.uri.host
+      CREDENTIAL_HEADERS.each do |ch|
+        headers.delete_if { |h| h.casecmp?(ch) }
+      end
+    end
 
     fetch new_uri, redirect_method, headers, [], referer, redirects + 1
   end
@@ -1278,4 +1287,3 @@ class Mechanize::HTTP::Agent
 end
 
 require 'mechanize/http/auth_store'
-

data/lib/mechanize/http/auth_challenge.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::HTTP
 
   AuthChallenge = Struct.new :scheme, :params, :raw

data/lib/mechanize/http/auth_realm.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::HTTP::AuthRealm
 
   attr_reader :scheme

data/lib/mechanize/http/auth_store.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # A credential store for HTTP authentication.
 #

data/lib/mechanize/http/content_disposition_parser.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # coding: BINARY
 
 require 'strscan'
@@ -16,6 +17,7 @@ end
 # * Missing disposition-type
 # * Multiple semicolons
 # * Whitespace around semicolons
+# * Dates in ISO 8601 format
 
 class Mechanize::HTTP::ContentDispositionParser
 
@@ -93,7 +95,17 @@ class Mechanize::HTTP::ContentDispositionParser
               when /^filename$/ then
                 rfc_2045_value
               when /^(creation|modification|read)-date$/ then
-                Time.rfc822 rfc_2045_quoted_string
+                date = rfc_2045_quoted_string
+
+                begin
+                  Time.rfc822 date
+                rescue ArgumentError
+                  begin
+                    Time.iso8601 date
+                  rescue ArgumentError
+                    nil
+                  end
+                end
               when /^size$/ then
                 rfc_2045_value.to_i(10)
               else
@@ -125,7 +137,7 @@ class Mechanize::HTTP::ContentDispositionParser
   def rfc_2045_quoted_string
     return nil unless @scanner.scan(/"/)
 
-    text = ''
+    text = String.new
 
     while true do
       chunk = @scanner.scan(/[\000-\014\016-\041\043-\133\135-\177]+/) # not \r "

data/lib/mechanize/http/www_authenticate_parser.rb

@@ -1,4 +1,4 @@
-# coding: BINARY
+# frozen_string_literal: true
 
 require 'strscan'
 
@@ -151,10 +151,10 @@ class Mechanize::HTTP::WWWAuthenticateParser
   def quoted_string
     return nil unless @scanner.scan(/"/)
 
-    text = ''
+    text = String.new
 
     while true do
-      chunk = @scanner.scan(/[\r\n \t\041\043-\176\200-\377]+/) # not "
+      chunk = @scanner.scan(/[\r\n \t\x21\x23-\x7e\u0080-\u00ff]+/) # not " which is \x22
 
       if chunk then
         text << chunk

data/lib/mechanize/image.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # An Image holds downloaded data for an image/* response.
 

data/lib/mechanize/page.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class encapsulates an HTML page.  If Mechanize finds a content
 # type of 'text/html', this class will be instantiated and returned.
@@ -103,9 +104,9 @@ class Mechanize::Page < Mechanize::File
     parser = self.parser unless parser
     return false if parser.errors.empty?
     parser.errors.any? do |error|
-      error.message =~ /(indicate\ encoding)|
-                        (Invalid\ char)|
-                        (input\ conversion\ failed)/x
+      error.message.scrub =~ /(indicate\ encoding)|
+                              (Invalid\ char)|
+                              (input\ conversion\ failed)/x
     end
   end
 

data/lib/mechanize/page/base.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # A base element on an HTML page.  Mechanize treats base tags just like 'a'
 # tags.  Base objects will contain links, but most likely will have no text.

data/lib/mechanize/page/frame.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # A Frame object wraps a frame HTML element.  Frame objects can be treated
 # just like Link objects.  They contain #src, the #link they refer to and a
 # #name, the name of the frame they refer to.  #src and #name are aliased to

data/lib/mechanize/page/image.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # An image element on an HTML page
 

data/lib/mechanize/page/label.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # A form label on an HTML page
 

data/lib/mechanize/page/link.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class encapsulates links.  It contains the text and the URI for
 # 'a' tags parsed out of an HTML page.  If the link contains an image,
@@ -8,6 +9,8 @@
 #   <a href="http://example">Hello World</a>
 #   <a href="http://example"><img src="test.jpg" alt="Hello World"></a>
 
+require 'addressable/uri'
+
 class Mechanize::Page::Link
   attr_reader :node
   attr_reader :href
@@ -94,7 +97,11 @@ class Mechanize::Page::Link
                begin
                  URI.parse @href
                rescue URI::InvalidURIError
-                 URI.parse WEBrick::HTTPUtils.escape @href
+                 begin
+                   URI.parse(Addressable::URI.escape(@href))
+                 rescue Addressable::URI::InvalidURIError
+                   raise URI::InvalidURIError
+                 end
                end
              end
   end

data/lib/mechanize/page/meta_refresh.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class encapsulates a meta element with a refresh http-equiv.  Mechanize
 # treats meta refresh elements just like 'a' tags.  MetaRefresh objects will

data/lib/mechanize/parser.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # The parser module provides standard methods for accessing the headers and
 # content of a response that are shared across pluggable parsers.

data/lib/mechanize/pluggable_parsers.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'mechanize/file'
 require 'mechanize/file_saver'
 require 'mechanize/page'

data/lib/mechanize/prependable.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # Fake implementation of prepend(), which does not support overriding
 # inherited methods nor methods that are formerly overridden by
 # another invocation of prepend().

data/lib/mechanize/redirect_limit_reached_error.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Raised when too many redirects are sent
 

data/lib/mechanize/redirect_not_get_or_head_error.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Raised when a POST, PUT, or DELETE request results in a redirect
 # see RFC 2616 10.3.2, 10.3.3 http://www.ietf.org/rfc/rfc2616.txt

data/lib/mechanize/response_code_error.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # This error is raised when Mechanize encounters a response code it does not
 # know how to handle.  Currently, this exception will be thrown if Mechanize
 # encounters response codes other than 200, 301, or 302.  Any other response
@@ -16,7 +17,7 @@ class Mechanize::ResponseCodeError < Mechanize::Error
 
   def to_s
     response_class = Net::HTTPResponse::CODE_TO_OBJ[@response_code]
-    out = "#{@response_code} => #{response_class} "
+    out = String.new("#{@response_code} => #{response_class} ")
     out << "for #{@page.uri} " if @page.respond_to? :uri # may be HTTPResponse
     out << "-- #{super}"
   end

data/lib/mechanize/response_read_error.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Raised when Mechanize encounters an error while reading the response body
 # from the server.  Contains the response headers and the response body up to

data/lib/mechanize/robots_disallowed_error.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # Exception that is raised when an access to a resource is disallowed by
 # robots.txt or by HTML document itself.
 

data/lib/mechanize/test_case.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'mechanize'
 require 'logger'
 require 'tempfile'
@@ -57,12 +58,12 @@ class Mechanize::TestCase < Minitest::Test
 
   def fake_page agent = @mech
     uri = URI 'http://fake.example/'
-    html = <<-END
-<html>
-<body>
-<form><input type="submit" value="submit" /></form>
-</body>
-</html>
+    html = String.new(<<~END)
+      <html>
+      <body>
+      <form><input type="submit" value="submit" /></form>
+      </body>
+      </html>
     END
 
     Mechanize::Page.new uri, nil, html, 200, agent
@@ -87,11 +88,9 @@ class Mechanize::TestCase < Minitest::Test
   # Creates a Mechanize::CookieJar by parsing the given +str+
 
   def cookie_jar str, uri = URI('http://example')
-    jar = Mechanize::CookieJar.new
-
-    jar.parse str, uri
-
-    jar
+    Mechanize::CookieJar.new.tap do |jar|
+      jar.parse str, uri
+    end
   end
 
   ##
@@ -109,22 +108,18 @@ class Mechanize::TestCase < Minitest::Test
   # Creates a Nokogiri Node +element+ with the given +attributes+
 
   def node element, attributes = {}
-    doc = Nokogiri::HTML::Document.new
-
-    node = Nokogiri::XML::Node.new element, doc
-
-    attributes.each do |name, value|
-      node[name] = value
+    Nokogiri::XML::Node.new(element, Nokogiri::HTML::Document.new).tap do |node|
+      attributes.each do |name, value|
+        node[name] = value
+      end
     end
-
-    node
   end
 
   ##
   # Creates a Mechanize::Page for the given +uri+ with the given
   # +content_type+, response +body+ and HTTP status +code+
 
-  def page uri, content_type = 'text/html', body = '', code = 200
+  def page uri, content_type = 'text/html', body = String.new, code = 200
     uri = URI uri unless URI::Generic === uri
 
     Mechanize::Page.new(uri, { 'content-type' => content_type }, body, code,
@@ -173,15 +168,25 @@ UQIBATANBgkqhkiG9w0BAQUFAANBAAAB////////////////////////////////
   # Creates a Tempfile with +content+ that is immediately unlinked
 
   def tempfile content
-    body_io = Tempfile.new @NAME
-    body_io.unlink
-    body_io.write content
-    body_io.flush
-    body_io.rewind
+    Tempfile.new(@NAME).tap do |body_io|
+      body_io.unlink
+      body_io.write content
+      body_io.flush
+      body_io.rewind
+    end
+  end
 
-    body_io
+  ##
+  # Returns true if the current platform is a Windows platform
+  def windows?
+    ::RUBY_PLATFORM =~ /mingw|mswin/
   end
 
+  ##
+  # Return the contents of the file without Windows carriage returns
+  def file_contents_without_cr(path)
+    File.read(path).gsub(/\r\n/, "\n")
+  end
 end
 
 require 'mechanize/test_case/servlets'
@@ -230,9 +235,9 @@ class Net::HTTP # :nodoc:
     else
       filename = "htdocs#{path.gsub(/[^\/\\.\w\s]/, '_')}"
       unless PAGE_CACHE[filename]
-        open("#{Mechanize::TestCase::TEST_DIR}/#{filename}", 'rb') { |io|
+        ::File.open("#{Mechanize::TestCase::TEST_DIR}/#{filename}", 'rb') do |io|
           PAGE_CACHE[filename] = io.read
-        }
+        end
       end
 
       res.body = PAGE_CACHE[filename]
@@ -312,7 +317,7 @@ class Response # :nodoc:
 
     def initialize
       @header = {}
-      @body = ''
+      @body = String.new
       @code = nil
       @query = nil
       @cookies = []