RubyGems - mechanize - Versions diffs - 2.7.6 → 2.8.2 - Mend

mechanize 2.7.6 → 2.8.2

Potentially problematic release.

This version of mechanize might be problematic. Click here for more details.

Files changed (119) hide show

checksums.yaml +5 -5
data/.github/dependabot.yml +11 -0
data/.github/workflows/ci-test.yml +53 -0
data/.yardopts +8 -0
data/{CHANGELOG.rdoc → CHANGELOG.md} +136 -87
data/EXAMPLES.rdoc +1 -24
data/Gemfile +1 -4
data/{LICENSE.rdoc → LICENSE.txt} +4 -0
data/README.md +77 -0
data/Rakefile +18 -3
data/examples/rubygems.rb +2 -2
data/lib/mechanize.rb +3 -2
data/lib/mechanize/chunked_termination_error.rb +1 -0
data/lib/mechanize/content_type_error.rb +1 -0
data/lib/mechanize/cookie.rb +1 -13
data/lib/mechanize/cookie_jar.rb +4 -12
data/lib/mechanize/directory_saver.rb +1 -0
data/lib/mechanize/download.rb +2 -1
data/lib/mechanize/element_matcher.rb +1 -0
data/lib/mechanize/element_not_found_error.rb +1 -0
data/lib/mechanize/file.rb +2 -1
data/lib/mechanize/file_connection.rb +5 -3
data/lib/mechanize/file_request.rb +1 -0
data/lib/mechanize/file_response.rb +4 -1
data/lib/mechanize/file_saver.rb +1 -0
data/lib/mechanize/form.rb +2 -10
data/lib/mechanize/form/button.rb +1 -0
data/lib/mechanize/form/check_box.rb +1 -0
data/lib/mechanize/form/field.rb +1 -0
data/lib/mechanize/form/file_upload.rb +1 -0
data/lib/mechanize/form/hidden.rb +1 -0
data/lib/mechanize/form/image_button.rb +1 -0
data/lib/mechanize/form/keygen.rb +1 -0
data/lib/mechanize/form/multi_select_list.rb +1 -0
data/lib/mechanize/form/option.rb +1 -0
data/lib/mechanize/form/radio_button.rb +1 -0
data/lib/mechanize/form/reset.rb +1 -0
data/lib/mechanize/form/select_list.rb +1 -0
data/lib/mechanize/form/submit.rb +1 -0
data/lib/mechanize/form/text.rb +1 -0
data/lib/mechanize/form/textarea.rb +1 -0
data/lib/mechanize/headers.rb +1 -0
data/lib/mechanize/history.rb +1 -0
data/lib/mechanize/http.rb +1 -0
data/lib/mechanize/http/agent.rb +16 -8
data/lib/mechanize/http/auth_challenge.rb +1 -0
data/lib/mechanize/http/auth_realm.rb +1 -0
data/lib/mechanize/http/auth_store.rb +1 -0
data/lib/mechanize/http/content_disposition_parser.rb +14 -2
data/lib/mechanize/http/www_authenticate_parser.rb +3 -3
data/lib/mechanize/image.rb +1 -0
data/lib/mechanize/page.rb +4 -3
data/lib/mechanize/page/base.rb +1 -0
data/lib/mechanize/page/frame.rb +1 -0
data/lib/mechanize/page/image.rb +1 -0
data/lib/mechanize/page/label.rb +1 -0
data/lib/mechanize/page/link.rb +8 -1
data/lib/mechanize/page/meta_refresh.rb +1 -0
data/lib/mechanize/parser.rb +1 -0
data/lib/mechanize/pluggable_parsers.rb +1 -0
data/lib/mechanize/prependable.rb +1 -0
data/lib/mechanize/redirect_limit_reached_error.rb +1 -0
data/lib/mechanize/redirect_not_get_or_head_error.rb +1 -0
data/lib/mechanize/response_code_error.rb +2 -1
data/lib/mechanize/response_read_error.rb +1 -0
data/lib/mechanize/robots_disallowed_error.rb +1 -0
data/lib/mechanize/test_case.rb +34 -29
data/lib/mechanize/test_case/bad_chunking_servlet.rb +1 -0
data/lib/mechanize/test_case/basic_auth_servlet.rb +1 -0
data/lib/mechanize/test_case/content_type_servlet.rb +1 -0
data/lib/mechanize/test_case/digest_auth_servlet.rb +1 -0
data/lib/mechanize/test_case/file_upload_servlet.rb +1 -0
data/lib/mechanize/test_case/form_servlet.rb +1 -0
data/lib/mechanize/test_case/gzip_servlet.rb +4 -3
data/lib/mechanize/test_case/header_servlet.rb +1 -0
data/lib/mechanize/test_case/http_refresh_servlet.rb +1 -0
data/lib/mechanize/test_case/infinite_redirect_servlet.rb +1 -0
data/lib/mechanize/test_case/infinite_refresh_servlet.rb +1 -0
data/lib/mechanize/test_case/many_cookies_as_string_servlet.rb +1 -0
data/lib/mechanize/test_case/many_cookies_servlet.rb +1 -0
data/lib/mechanize/test_case/modified_since_servlet.rb +1 -0
data/lib/mechanize/test_case/ntlm_servlet.rb +1 -0
data/lib/mechanize/test_case/one_cookie_no_spaces_servlet.rb +1 -0
data/lib/mechanize/test_case/one_cookie_servlet.rb +1 -0
data/lib/mechanize/test_case/quoted_value_cookie_servlet.rb +1 -0
data/lib/mechanize/test_case/redirect_servlet.rb +1 -0
data/lib/mechanize/test_case/referer_servlet.rb +1 -0
data/lib/mechanize/test_case/refresh_with_empty_url.rb +1 -0
data/lib/mechanize/test_case/refresh_without_url.rb +1 -0
data/lib/mechanize/test_case/response_code_servlet.rb +1 -0
data/lib/mechanize/test_case/robots_txt_servlet.rb +1 -0
data/lib/mechanize/test_case/send_cookies_servlet.rb +1 -0
data/lib/mechanize/test_case/server.rb +1 -0
data/lib/mechanize/test_case/servlets.rb +1 -0
data/lib/mechanize/test_case/verb_servlet.rb +5 -6
data/lib/mechanize/unauthorized_error.rb +1 -0
data/lib/mechanize/unsupported_scheme_error.rb +1 -0
data/lib/mechanize/util.rb +2 -1
data/lib/mechanize/version.rb +2 -1
data/lib/mechanize/xml_file.rb +1 -0
data/mechanize.gemspec +45 -35
data/test/htdocs/dir with spaces/foo.html +1 -0
data/test/htdocs/tc_links.html +1 -1
data/test/test_mechanize.rb +19 -7
data/test/test_mechanize_cookie.rb +19 -19
data/test/test_mechanize_cookie_jar.rb +85 -53
data/test/test_mechanize_download.rb +13 -1
data/test/test_mechanize_file.rb +10 -0
data/test/test_mechanize_file_connection.rb +21 -3
data/test/test_mechanize_file_response.rb +25 -1
data/test/test_mechanize_form.rb +12 -0
data/test/test_mechanize_form_keygen.rb +1 -0
data/test/test_mechanize_http_agent.rb +53 -8
data/test/test_mechanize_http_content_disposition_parser.rb +27 -0
data/test/test_mechanize_link.rb +24 -0
data/test/test_mechanize_page_encoding.rb +28 -1
metadata +117 -71
data/.travis.yml +0 -36
data/README.rdoc +0 -77

data/lib/mechanize/test_case/bad_chunking_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class BadChunkingServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET req, res
     res.keep_alive = false if res.respond_to? :keep_alive=

data/lib/mechanize/test_case/basic_auth_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class BasicAuthServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req,res)
     htpd = nil

data/lib/mechanize/test_case/content_type_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class ContentTypeServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     ct = req.query['ct'] || "text/html; charset=utf-8"

data/lib/mechanize/test_case/digest_auth_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'logger'
 class DigestAuthServlet < WEBrick::HTTPServlet::AbstractServlet

data/lib/mechanize/test_case/file_upload_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class FileUploadServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_POST req, res
     res.body = req.body

data/lib/mechanize/test_case/form_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class FormServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     res.content_type = 'text/html'

data/lib/mechanize/test_case/gzip_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'stringio'
 require 'zlib'
@@ -13,8 +14,8 @@ class GzipServlet < WEBrick::HTTPServlet::AbstractServlet
     end
     if name = req.query['file'] then
-      open "#{TEST_DIR}/htdocs/#{name}" do |io|
-        string = ""
+      ::File.open("#{TEST_DIR}/htdocs/#{name}") do |io|
+        string = String.new
         zipped = StringIO.new string, 'w'
         Zlib::GzipWriter.wrap zipped do |gz|
           gz.write io.read
@@ -22,7 +23,7 @@ class GzipServlet < WEBrick::HTTPServlet::AbstractServlet
         res.body = string
       end
     else
-      res.body = ''
+      res.body = String.new
     end
     res['Content-Encoding'] = req['X-ResponseContentEncoding'] || 'gzip'

data/lib/mechanize/test_case/header_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class HeaderServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     res.content_type = "text/plain"

data/lib/mechanize/test_case/http_refresh_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class HttpRefreshServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     res['Content-Type'] = req.query['ct'] || "text/html"

data/lib/mechanize/test_case/infinite_redirect_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class InfiniteRedirectServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     res['Content-Type'] = req.query['ct'] || "text/html"

data/lib/mechanize/test_case/infinite_refresh_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class InfiniteRefreshServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     address = "#{req.host}:#{req.port}"

data/lib/mechanize/test_case/many_cookies_as_string_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class ManyCookiesAsStringServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     cookies = []

data/lib/mechanize/test_case/many_cookies_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class ManyCookiesServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     name_cookie = WEBrick::Cookie.new("name", "Aaron")

data/lib/mechanize/test_case/modified_since_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class ModifiedSinceServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     s_time = 'Fri, 04 May 2001 00:00:38 GMT'

data/lib/mechanize/test_case/ntlm_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class NTLMServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)

data/lib/mechanize/test_case/one_cookie_no_spaces_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class OneCookieNoSpacesServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     cookie = WEBrick::Cookie.new("foo", "bar")

data/lib/mechanize/test_case/one_cookie_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class OneCookieServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     cookie = WEBrick::Cookie.new("foo", "bar")

data/lib/mechanize/test_case/quoted_value_cookie_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class QuotedValueCookieServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     cookie = WEBrick::Cookie.new("quoted", "\"value\"")

data/lib/mechanize/test_case/redirect_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class RedirectServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     res['Content-Type'] = req.query['ct'] || 'text/html'

data/lib/mechanize/test_case/referer_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class RefererServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     res['Content-Type'] = "text/html"

data/lib/mechanize/test_case/refresh_with_empty_url.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class RefreshWithEmptyUrl < WEBrick::HTTPServlet::AbstractServlet
   @@count = 0
   def do_GET(req, res)

data/lib/mechanize/test_case/refresh_without_url.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class RefreshWithoutUrl < WEBrick::HTTPServlet::AbstractServlet
   @@count = 0
   def do_GET(req, res)

data/lib/mechanize/test_case/response_code_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class ResponseCodeServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     res['Content-Type'] = req.query['ct'] || "text/html"

data/lib/mechanize/test_case/robots_txt_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class RobotsTxtServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     if /301/ === req['Host'] && req.path == '/robots.txt'

data/lib/mechanize/test_case/send_cookies_servlet.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class SendCookiesServlet < WEBrick::HTTPServlet::AbstractServlet
   def do_GET(req, res)
     res.content_type = 'text/html'

data/lib/mechanize/test_case/server.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'webrick'
 require 'mechanize/test_case/servlets'

data/lib/mechanize/test_case/servlets.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'mechanize/test_case/bad_chunking_servlet'
 require 'mechanize/test_case/basic_auth_servlet'
 require 'mechanize/test_case/content_type_servlet'

data/lib/mechanize/test_case/verb_servlet.rb CHANGED Viewed

@@ -1,11 +1,10 @@
+# frozen_string_literal: true
 class VerbServlet < WEBrick::HTTPServlet::AbstractServlet
   %w[HEAD GET POST PUT DELETE].each do |verb|
-    eval <<-METHOD
-      def do_#{verb}(req, res)
-        res.header['X-Request-Method'] = #{verb.dump}
-        res.body = #{verb.dump}
-      end
-    METHOD
+    define_method "do_#{verb}" do |req, res|
+      res.header['X-Request-Method'] = verb
+      res.body = verb
+    end
   end
 end

data/lib/mechanize/unauthorized_error.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::UnauthorizedError < Mechanize::ResponseCodeError
   attr_reader :challenges

data/lib/mechanize/unsupported_scheme_error.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::UnsupportedSchemeError < Mechanize::Error
   attr_accessor :scheme, :uri

data/lib/mechanize/util.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'cgi'
 require 'nkf'
@@ -15,7 +16,7 @@ class Mechanize::Util
     def build_query_string(parameters, enc = nil)
       each_parameter(parameters).inject(nil) { |s, (k, v)|
         # WEBrick::HTTP.escape* has some problems about m17n on ruby-1.9.*.
-        (s.nil? ? '' : s << '&') << [CGI.escape(k.to_s), CGI.escape(v.to_s)].join('=')
+        (s.nil? ? String.new : s << '&') << [CGI.escape(k.to_s), CGI.escape(v.to_s)].join('=')
       } || ''
     end

data/lib/mechanize/version.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize
-  VERSION = "2.7.6"
+  VERSION = "2.8.2"
 end

data/lib/mechanize/xml_file.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class encapsulates an XML file. If Mechanize finds a content-type
 # of 'text/xml' or 'application/xml' this class will be instantiated and

data/mechanize.gemspec CHANGED Viewed

@@ -1,20 +1,19 @@
 # coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'mechanize/version'
+# frozen_string_literal: true
+require_relative 'lib/mechanize/version'
 Gem::Specification.new do |spec|
-  spec.name          = "mechanize"
-  spec.version       = Mechanize::VERSION
-  spec.homepage      = "http://docs.seattlerb.org/mechanize/"
-  spec.summary       = %q{The Mechanize library is used for automating interaction with websites}
-  spec.description   =
+  spec.name = "mechanize"
+  spec.version = Mechanize::VERSION
+  spec.homepage = "https://github.com/sparklemotion/mechanize"
+  spec.summary = 'The Mechanize library is used for automating interaction with websites'
+  spec.description =
     [
       "The Mechanize library is used for automating interaction with websites.",
       "Mechanize automatically stores and sends cookies, follows redirects,",
       "and can follow links and submit forms.  Form fields can be populated and",
       "submitted.  Mechanize also keeps track of the sites that you have visited as",
-      "a history."
+      "a history.",
     ].join("\n")
   spec.authors =
@@ -23,44 +22,55 @@ Gem::Specification.new do |spec|
       'Aaron Patterson',
       'Mike Dalessio',
       'Akinori MUSHA',
-      'Lee Jarvis'
+      'Lee Jarvis',
     ]
   spec.email =
     [
       'drbrain@segment7.net',
-      'aaronp@rubyforge.org',
+      'aaron.patterson@gmail.com',
       'mike.dalessio@gmail.com',
       'knu@idaemons.org',
-      'ljjarvis@gmail.com'
+      'ljjarvis@gmail.com',
     ]
-  spec.license           = "MIT"
+  spec.metadata = {
+    'yard.run'          => 'yard',
+    'bug_tracker_uri'   => 'https://github.com/sparklemotion/mechanize/issues',
+    'changelog_uri'     => 'https://github.com/sparklemotion/mechanize/blob/main/CHANGELOG.md',
+    'documentation_uri' => 'https://www.rubydoc.info/gems/mechanize',
+    'homepage_uri'      => 'https://github.com/sparklemotion/mechanize',
+    'source_code_uri'   => 'https://github.com/sparklemotion/mechanize'
+  }
+  spec.license = "MIT"
   spec.require_paths = ["lib"]
-  spec.files         = `git ls-files`.split($/)
-  spec.test_files    = spec.files.grep(%r{^test/})
+  spec.files = %x(git ls-files).split($/)
+  spec.test_files = spec.files.grep(%r{^test/})
+  spec.extra_rdoc_files += Dir['*.rdoc', '*.md']
+  spec.rdoc_options = ["--main", "README.md"]
+  spec.required_ruby_version = ">= 2.5.0"
-  spec.extra_rdoc_files += Dir['*.rdoc']
-  spec.rdoc_options     = ["--main", "README.rdoc"]
+  spec.add_runtime_dependency("addressable", "~> 2.8")
+  spec.add_runtime_dependency("domain_name", ">= 0.5.20190701", "~> 0.5")
+  spec.add_runtime_dependency("http-cookie", ">= 1.0.3", "~> 1.0")
+  spec.add_runtime_dependency("mime-types", "~> 3.0")
+  spec.add_runtime_dependency("net-http-digest_auth", ">= 1.4.1", "~> 1.4")
-  spec.required_ruby_version = ">= 1.9.2"
+  # careful! some folks are relying on older versions of net-http-persistent
+  # - see the socks proxy patch in use at #507 and #464
+  # - see use of retry_change_requests that was removed at #558
+  spec.add_runtime_dependency("net-http-persistent", ">= 2.5.2", "< 5.0.dev")
-  spec.add_runtime_dependency "net-http-digest_auth", [ ">= 1.1.1", "~> 1.1" ]
-  if RUBY_VERSION >= "2.0"
-    spec.add_runtime_dependency "mime-types", [ ">= 1.17.2" ]
-    spec.add_runtime_dependency "net-http-persistent", [ ">= 2.5.2"]
-  else
-    spec.add_runtime_dependency "mime-types", [ ">= 1.17.2", "< 3" ]
-    spec.add_runtime_dependency "net-http-persistent", [ ">= 2.5.2", "~> 2.5" ]
-  end
-  spec.add_runtime_dependency "http-cookie",          [ "~> 1.0" ]
-  spec.add_runtime_dependency "nokogiri",             [ "~> 1.6" ]
-  spec.add_runtime_dependency "ntlm-http",            [ ">= 0.1.1", "~> 0.1"   ]
-  spec.add_runtime_dependency "webrobots",            [ "< 0.2",    ">= 0.0.9" ]
-  spec.add_runtime_dependency "domain_name",          [ ">= 0.5.1", "~> 0.5"   ]
+  spec.add_runtime_dependency("nokogiri", ">= 1.11.2", "~> 1.11")
+  spec.add_runtime_dependency("rubyntlm", ">= 0.6.3", "~> 0.6")
+  spec.add_runtime_dependency("webrick", "~> 1.7")
+  spec.add_runtime_dependency("webrobots", "~> 0.1.2")
-  spec.add_development_dependency "rake"
-  spec.add_development_dependency "bundler",  "~> 1.3"
-  spec.add_development_dependency "rdoc",     "~> 4.0"
-  spec.add_development_dependency "minitest", "~> 5.0"
+  spec.add_development_dependency("minitest", "~> 5.14")
+  spec.add_development_dependency("rake", "~> 13.0")
+  spec.add_development_dependency("rdoc", "~> 6.3")
+  spec.add_development_dependency("rubocop", "~> 1.12")
 end

data/test/htdocs/dir with spaces/foo.html CHANGED Viewed

	@@ -1 +1,2 @@
1 1	HELLO
2	+

data/test/htdocs/tc_links.html CHANGED Viewed

@@ -7,7 +7,7 @@
     <a href="thing.html" class="thing_link">Thing!</a>
     <a href="thing.html">Ruby <b>Rocks!</b></a>
     <!-- Testing a bug with escaped stuff in links:
-      http://rubyforge.org/pipermail/mechanize-users/2006-September/000002.html
+      http://rubygems.org/pipermail/mechanize-users/2006-September/000002.html
     -->
     <a href="link%20with%20space.html">encoded space</a>
     <a href="link with space.html">not encoded space</a>

data/test/test_mechanize.rb CHANGED Viewed

@@ -345,6 +345,15 @@ but not <a href="/" rel="me nofollow">this</a>!
     end
   end
+  def test_download_does_not_allow_command_injection
+    skip if windows?
+    in_tmpdir do
+      @mech.download('http://example', '| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\'')
+      refute_operator(File, :exist?, "vul.txt")
+    end
+  end
   def test_get
     uri = URI 'http://localhost'
@@ -689,9 +698,7 @@ but not <a href="/" rel="me nofollow">this</a>!
   end
   def test_get_space
-    page = nil
-    page = @mech.get("http://localhost/tc_bad_links.html ")
+    @mech.get("http://localhost/tc_bad_links.html ")
     assert_match(/tc_bad_links.html$/, @mech.history.last.uri.to_s)
@@ -943,7 +950,7 @@ but not <a href="/" rel="me nofollow">this</a>!
       "Content-Disposition: form-data; name=\"userfile1\"; filename=\"#{name}\"",
       page.body
     )
-    assert_operator page.body.bytesize, :>, File.size(__FILE__)
+    assert_operator page.body.bytesize, :>, file_contents_without_cr(__FILE__).length
   end
   def test_post_file_upload_nonascii
@@ -962,7 +969,7 @@ but not <a href="/" rel="me nofollow">this</a>!
       page.body
     )
     assert_match("Content-Type: application/zip", page.body)
-    assert_operator page.body.bytesize, :>, File.size(__FILE__)
+    assert_operator page.body.bytesize, :>, file_contents_without_cr(__FILE__).length
   end
   def test_post_file_upload
@@ -981,7 +988,7 @@ but not <a href="/" rel="me nofollow">this</a>!
       page.body
     )
     assert_match("Content-Type: application/zip", page.body)
-    assert_operator page.body.bytesize, :>, File.size(__FILE__)
+    assert_operator page.body.bytesize, :>, file_contents_without_cr(__FILE__).length
   end
   def test_post_redirect
@@ -1056,6 +1063,11 @@ but not <a href="/" rel="me nofollow">this</a>!
   end
   def test_retry_change_requests_equals
+    unless Gem::Requirement.new("< 4.0.0").satisfied_by?(Gem::Version.new(Net::HTTP::Persistent::VERSION))
+      # see https://github.com/drbrain/net-http-persistent/pull/100
+      skip("net-http-persistent 4.0.0 and later does not support retry_change_requests")
+    end
     refute @mech.retry_change_requests
     @mech.retry_change_requests = true
@@ -1171,7 +1183,7 @@ but not <a href="/" rel="me nofollow">this</a>!
     page = @mech.submit(form)
-    contents = File.binread __FILE__
+    contents = File.binread(__FILE__).gsub(/\r\n/, "\n")
     basename = File.basename __FILE__
     assert_match(

data/test/test_mechanize_cookie.rb CHANGED Viewed

@@ -141,7 +141,7 @@ class TestMechanizeCookie < Mechanize::TestCase
   def test_parse_date_fail
     url = URI.parse('http://localhost/')
-    dates = [
+    dates = [
               "20/06/95 21:07",
     ]
@@ -290,16 +290,16 @@ class TestMechanizeCookie < Mechanize::TestCase
   end
   def test_parse_valid_cookie
-    url = URI.parse('http://rubyforge.org/')
+    url = URI.parse('http://rubygems.org/')
     cookie_params = {}
     cookie_params['expires']   = 'expires=Sun, 27-Sep-2037 00:00:00 GMT'
     cookie_params['path']      = 'path=/'
-    cookie_params['domain']    = 'domain=.rubyforge.org'
+    cookie_params['domain']    = 'domain=.rubygems.org'
     cookie_params['httponly']  = 'HttpOnly'
     cookie_value = '12345%7D=ASDFWEE345%3DASda'
     expires = Time.parse('Sun, 27-Sep-2037 00:00:00 GMT')
     cookie_params.keys.combine.each do |c|
       cookie_text = "#{cookie_value}; "
       c.each_with_index do |key, idx|
@@ -325,16 +325,16 @@ class TestMechanizeCookie < Mechanize::TestCase
   end
   def test_parse_valid_cookie_empty_value
-    url = URI.parse('http://rubyforge.org/')
+    url = URI.parse('http://rubygems.org/')
     cookie_params = {}
     cookie_params['expires']   = 'expires=Sun, 27-Sep-2037 00:00:00 GMT'
     cookie_params['path']      = 'path=/'
-    cookie_params['domain']    = 'domain=.rubyforge.org'
+    cookie_params['domain']    = 'domain=.rubygems.org'
     cookie_params['httponly']  = 'HttpOnly'
     cookie_value = '12345%7D='
     expires = Time.parse('Sun, 27-Sep-2037 00:00:00 GMT')
     cookie_params.keys.combine.each do |c|
       cookie_text = "#{cookie_value}; "
       c.each_with_index do |key, idx|
@@ -361,16 +361,16 @@ class TestMechanizeCookie < Mechanize::TestCase
   # If no path was given, use the one from the URL
   def test_cookie_using_url_path
-    url = URI.parse('http://rubyforge.org/login.php')
+    url = URI.parse('http://rubygems.org/login.php')
     cookie_params = {}
     cookie_params['expires']   = 'expires=Sun, 27-Sep-2037 00:00:00 GMT'
     cookie_params['path']      = 'path=/'
-    cookie_params['domain']    = 'domain=.rubyforge.org'
+    cookie_params['domain']    = 'domain=.rubygems.org'
     cookie_params['httponly']  = 'HttpOnly'
     cookie_value = '12345%7D=ASDFWEE345%3DASda'
     expires = Time.parse('Sun, 27-Sep-2037 00:00:00 GMT')
     cookie_params.keys.combine.each do |c|
       next if c.find { |k| k == 'path' }
       cookie_text = "#{cookie_value}; "
@@ -398,16 +398,16 @@ class TestMechanizeCookie < Mechanize::TestCase
   # Test using secure cookies
   def test_cookie_with_secure
-    url = URI.parse('http://rubyforge.org/')
+    url = URI.parse('http://rubygems.org/')
     cookie_params = {}
     cookie_params['expires']   = 'expires=Sun, 27-Sep-2037 00:00:00 GMT'
     cookie_params['path']      = 'path=/'
-    cookie_params['domain']    = 'domain=.rubyforge.org'
+    cookie_params['domain']    = 'domain=.rubygems.org'
     cookie_params['secure']    = 'secure'
     cookie_value = '12345%7D=ASDFWEE345%3DASda'
     expires = Time.parse('Sun, 27-Sep-2037 00:00:00 GMT')
     cookie_params.keys.combine.each do |c|
       next unless c.find { |k| k == 'secure' }
       cookie_text = "#{cookie_value}; "
@@ -435,16 +435,16 @@ class TestMechanizeCookie < Mechanize::TestCase
   end
   def test_parse_cookie_no_spaces
-    url = URI.parse('http://rubyforge.org/')
+    url = URI.parse('http://rubygems.org/')
     cookie_params = {}
     cookie_params['expires']   = 'expires=Sun, 27-Sep-2037 00:00:00 GMT'
     cookie_params['path']      = 'path=/'
-    cookie_params['domain']    = 'domain=.rubyforge.org'
+    cookie_params['domain']    = 'domain=.rubygems.org'
     cookie_params['httponly']  = 'HttpOnly'
     cookie_value = '12345%7D=ASDFWEE345%3DASda'
     expires = Time.parse('Sun, 27-Sep-2037 00:00:00 GMT')
     cookie_params.keys.combine.each do |c|
       cookie_text = "#{cookie_value};"
       c.each_with_index do |key, idx|
@@ -511,13 +511,13 @@ class TestMechanizeCookie < Mechanize::TestCase
   end
   def test_cookie_httponly
-    url = URI.parse('http://rubyforge.org/')
+    url = URI.parse('http://rubygems.org/')
     cookie_params = {}
     cookie_params['httponly']  = 'HttpOnly'
     cookie_value = '12345%7D=ASDFWEE345%3DASda'
     expires = Time.parse('Sun, 27-Sep-2037 00:00:00 GMT')
     cookie_params.keys.combine.each do |c|
       cookie_text = "#{cookie_value}; "
       c.each_with_index do |key, idx|
@@ -532,7 +532,7 @@ class TestMechanizeCookie < Mechanize::TestCase
       assert_equal(true, cookie.httponly)
       # if expires was set, make sure we parsed it
       if c.find { |k| k == 'expires' }
         assert_equal(expires, cookie.expires)