mechanize 2.7.7 → 2.8.0

data/Gemfile

@@ -1,8 +1,3 @@
-source 'https://rubygems.org'
-
-gem "rake"
-gem "bundler"
-gem "rdoc"
-gem "minitest"
+source "https://rubygems.org"
 
 gemspec

data/{LICENSE.rdoc → LICENSE.txt}

@@ -1,5 +1,9 @@
 (The MIT License)
 
+Copyright (c) 2005 by Michael Neumann (mneumann@ntecs.de)
+
+Copyright (c) 2006-2021 by Eric Hodel, Akinori MUSHA, Aaron Patterson, Lee Jarvis, Mike Dalessio
+
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the
 'Software'), to deal in the Software without restriction, including

data/README.md

@@ -0,0 +1,79 @@
+# Mechanize
+
+* https://www.rubydoc.info/gems/mechanize/
+* https://github.com/sparklemotion/mechanize
+
+[![Test suite](https://github.com/sparklemotion/mechanize/actions/workflows/ci-test.yml/badge.svg)](https://github.com/sparklemotion/mechanize/actions/workflows/ci-test.yml)
+
+
+## Description
+
+The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, and can follow links and submit forms.  Form fields can be populated and submitted. Mechanize also keeps track of the sites that you have visited as a history.
+
+
+## Dependencies
+
+* Ruby >= 2.5
+* Gems:
+  * `addressable`
+  * `domain_name`
+  * `http-cookie`
+  * `mime-types`
+  * `net-http-digest_auth`
+  * `net-http-persistent`
+  * `nokogiri`
+  * `rubyntlm`
+  * `webrick`
+  * `webrobots`
+
+
+## Support:
+
+The bug tracker is available here:
+
+* https://github.com/sparklemotion/mechanize/issues
+
+
+## Examples
+
+If you are just starting, check out [GUIDE.rdoc](https://github.com/sparklemotion/mechanize/blob/main/GUIDE.rdoc) or [EXAMPLES.rdoc](https://github.com/sparklemotion/mechanize/blob/main/EXAMPLES.rdoc).
+
+
+## Developers
+
+Use bundler to install dependencies:
+
+```
+bundle install
+```
+
+Run all tests with:
+
+```
+bundle exec rake test
+```
+
+See also Mechanize::TestCase to read about the built-in testing infrastructure.
+
+
+## Authors
+
+* Eric Hodel
+* Akinori MUSHA
+* Aaron Patterson
+* Lee Jarvis
+* Mike Dalessio
+
+
+## Acknowledgments
+
+This library was heavily influenced by its namesake in the Perl world.  A big
+thanks goes to [Andy Lester](http://petdance.com), the author of the original Perl module WWW::Mechanize which is available [here](http://search.cpan.org/dist/WWW-Mechanize/). Ruby Mechanize would not be around without you!
+
+Thank you to Michael Neumann for starting the Ruby version. Thanks to everyone who's helped out in various ways. Finally, thank you to the people using this library!
+
+## License
+
+This library is distributed under the MIT license. Please see the [LICENSE](http://docs.seattlerb.org/mechanize/LICENSE_rdoc.html) file.
+
+

data/Rakefile

@@ -23,9 +23,9 @@ task('ssl_cert') do |p|
 end
 
 RDoc::Task.new do |rdoc|
-  rdoc.main = "README.rdoc"
+  rdoc.main = "README.md"
   rdoc.rdoc_dir = 'doc'
-  rdoc.rdoc_files.include( "CHANGELOG.rdoc", "EXAMPLES.rdoc", "GUIDE.rdoc", "LICENSE.rdoc", "README.rdoc", "lib/**/*.rb")
+  rdoc.rdoc_files.include( "CHANGELOG.md", "EXAMPLES.rdoc", "GUIDE.rdoc", "LICENSE.txt", "README.md", "lib/**/*.rb")
 end
 
 desc "Run tests"
@@ -38,4 +38,19 @@ task publish_docs: %w[rdoc] do
   sh 'rsync', '-avzO', '--delete', 'doc/', 'docs-push.seattlerb.org:/data/www/docs.seattlerb.org/mechanize/'
 end
 
-task default: :test
+desc "Run rubocop checks"
+task :rubocop => ["rubocop:security", "rubocop:frozen_string_literals"]
+
+namespace "rubocop" do
+  desc "Run rubocop security check"
+  task :security do
+    sh "rubocop lib --only Security"
+  end
+
+  desc "Run rubocop string literals check"
+  task :frozen_string_literals do
+    sh "rubocop lib --auto-correct-all --only Style/FrozenStringLiteralComment"
+  end
+end
+
+task default: [:rubocop, :test]

data/lib/mechanize.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'mechanize/version'
 require 'fileutils'
 require 'forwardable'

data/lib/mechanize/chunked_termination_error.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Raised when Mechanize detects the chunked transfer-encoding may be
 # incorrectly terminated.

data/lib/mechanize/content_type_error.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This error is raised when a pluggable parser tries to parse a content type
 # that it does not know how to handle.  For example if Mechanize::Page were to

data/lib/mechanize/cookie.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 warn 'mechanize/cookie will be deprecated.  Please migrate to the http-cookie APIs.' if $VERBOSE
 
 require 'http/cookie'
@@ -50,19 +51,6 @@ class Mechanize
 
   Cookie = ::HTTP::Cookie
 
-  # Compatibility for Ruby 1.8/1.9
-  unless Cookie.respond_to?(:prepend, true)
-    require 'mechanize/prependable'
-
-    class Cookie
-      extend Prependable
-
-      class << self
-        extend Prependable
-      end
-    end
-  end
-
   class Cookie
     prepend CookieIMethods
 

data/lib/mechanize/cookie_jar.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 warn 'mechanize/cookie_jar will be deprecated.  Please migrate to the http-cookie APIs.' if $VERBOSE
 
 require 'http/cookie_jar'
@@ -148,7 +149,7 @@ class Mechanize
       return super(input, opthash) if opthash[:format] != :yaml
 
       begin
-        data = YAML.load(input)
+        data = YAML.load(input) # rubocop:disable Security/YAMLLoad
       rescue ArgumentError
         @logger.warn "unloadable YAML cookie data discarded" if @logger
         return self
@@ -175,15 +176,6 @@ class Mechanize
     end
   end
 
-  # Compatibility for Ruby 1.8/1.9
-  unless ::HTTP::CookieJar.respond_to?(:prepend, true)
-    require 'mechanize/prependable'
-
-    class ::HTTP::CookieJar
-      extend Prependable
-    end
-  end
-
   class ::HTTP::CookieJar
     prepend CookieJarIMethods
   end

data/lib/mechanize/directory_saver.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Unlike Mechanize::FileSaver, the directory saver places all downloaded files
 # in a single pre-specified directory.

data/lib/mechanize/download.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Download is a pluggable parser for downloading files without loading them
 # into memory first.  You may subclass this class to handle content types you

data/lib/mechanize/element_matcher.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 module Mechanize::ElementMatcher
 
   def elements_with singular, plural = "#{singular}s"

data/lib/mechanize/element_not_found_error.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Raised when an an element was not found on the Page
 

data/lib/mechanize/file.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This is the base class for the Pluggable Parsers.  If Mechanize cannot find
 # an appropriate class to use for the content type, this class will be used.

data/lib/mechanize/file_connection.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Wrapper to make a file URI work like an http URI
 
@@ -10,8 +11,9 @@ class Mechanize::FileConnection
   end
 
   def request uri, request
-    yield Mechanize::FileResponse.new Mechanize::Util.uri_unescape uri.path
+    file_path = uri.select(:host, :path)
+                  .select { |part| part && (part.length > 0) }
+                  .join(":")
+    yield Mechanize::FileResponse.new(Mechanize::Util.uri_unescape(file_path))
   end
-
 end
-

data/lib/mechanize/file_request.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # A wrapper for a file URI that makes a request that works like a
 # Net::HTTPRequest

data/lib/mechanize/file_response.rb

@@ -1,8 +1,11 @@
+# frozen_string_literal: true
 ##
 # Fake response for dealing with file:/// requests
 
 class Mechanize::FileResponse
 
+  attr_reader :file_path
+
   def initialize(file_path)
     @file_path = file_path
     @uri       = nil

data/lib/mechanize/file_saver.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This is a pluggable parser that automatically saves every file it
 # encounters.  Unlike Mechanize::DirectorySaver, the file saver saves the

data/lib/mechanize/form.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require 'mechanize/element_matcher'
 
 # This class encapsulates a form parsed out of an HTML page.  Each type of
@@ -643,15 +644,6 @@ class Mechanize::Form
     end
   end
 
-  unless ::String.method_defined?(:b)
-    # Define String#b for Ruby < 2.0
-    class ::String
-      def b
-        dup.force_encoding(Encoding::ASCII_8BIT)
-      end
-    end
-  end
-
   def rand_string(len = 10)
     chars = ("a".."z").to_a + ("A".."Z").to_a
     string = ::String.new

data/lib/mechanize/form/button.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # A Submit button in a Form
 

data/lib/mechanize/form/check_box.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents a check box found in a Form.  To activate the CheckBox
 # in the Form, set the checked method to true.

data/lib/mechanize/form/field.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents a field in a form.  It handles the following input
 # tags found in a form:

data/lib/mechanize/form/file_upload.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # This class represents a file upload field found in a form.  To use this
 # class, set FileUpload#file_data= to the data of the file you want to upload
 # and FileUpload#mime_type= to the appropriate mime type of the file.

data/lib/mechanize/form/hidden.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Hidden < Mechanize::Form::Field
 end
 

data/lib/mechanize/form/image_button.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents an image button in a form.  Use the x and y methods to
 # set the x and y positions for where the mouse "clicked".

data/lib/mechanize/form/keygen.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents a keygen (public / private key generator) found in a
 # Form. The field will automatically generate a key pair and compute its own

data/lib/mechanize/form/multi_select_list.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents a select list where multiple values can be selected.
 # MultiSelectList#value= accepts an array, and those values are used as

data/lib/mechanize/form/option.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class contains an option found within SelectList.  A SelectList can
 # have many Option classes associated with it.  An option can be selected by

data/lib/mechanize/form/radio_button.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class represents a radio button found in a Form.  To activate the
 # RadioButton in the Form, set the checked method to true.

data/lib/mechanize/form/reset.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Reset < Mechanize::Form::Button
 end
 

data/lib/mechanize/form/select_list.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 # This class represents a select list or drop down box in a Form.  Set the
 # value for the list by calling SelectList#value=.  SelectList contains a list
 # of Option that were found.  After finding the correct option, set the select

data/lib/mechanize/form/submit.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Submit < Mechanize::Form::Button
 end
 

data/lib/mechanize/form/text.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Text < Mechanize::Form::Field
 end
 

data/lib/mechanize/form/textarea.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Form::Textarea < Mechanize::Form::Field
 end
 

data/lib/mechanize/headers.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 class Mechanize::Headers < Hash
   def [](key)
     super(key.downcase)

data/lib/mechanize/history.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # This class manages history for your mechanize object.
 

data/lib/mechanize/http.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 ##
 # Mechanize::HTTP contains classes for communicated with HTTP servers.  All
 # API under this namespace is considered private and is subject to change at

data/lib/mechanize/http/agent.rb

@@ -1,6 +1,6 @@
+# frozen_string_literal: true
 require 'tempfile'
 require 'net/ntlm'
-require 'kconv'
 require 'webrobots'
 
 ##
@@ -9,6 +9,9 @@ require 'webrobots'
 
 class Mechanize::HTTP::Agent
 
+  CREDENTIAL_HEADERS = ['Authorization', 'Cookie']
+  POST_HEADERS = ['Content-Length', 'Content-MD5', 'Content-Type']
+
   # :section: Headers
 
   # Disables If-Modified-Since conditional requests (enabled by default)
@@ -838,7 +841,7 @@ class Mechanize::HTTP::Agent
 
     out_io
   rescue Zlib::Error => e
-    message = "error handling content-encoding #{response['Content-Encoding']}:"
+    message = String.new("error handling content-encoding #{response['Content-Encoding']}:")
     message << " #{e.message} (#{e.class})"
     raise Mechanize::Error, message
   ensure
@@ -986,14 +989,20 @@ class Mechanize::HTTP::Agent
 
     redirect_method = method == :head ? :head : :get
 
+    new_uri = secure_resolve!(response['Location'].to_s, page)
+    @history.push(page, page.uri)
+
     # Make sure we are not copying over the POST headers from the original request
-    ['Content-Length', 'Content-MD5', 'Content-Type'].each do |key|
-      headers.delete key
+    POST_HEADERS.each do |key|
+      headers.delete_if { |h| h.casecmp?(key) }
     end
 
-    new_uri = secure_resolve! response['Location'].to_s, page
-
-    @history.push(page, page.uri)
+    # Make sure we clear credential headers if being redirected to another site
+    if new_uri.host != page.uri.host
+      CREDENTIAL_HEADERS.each do |ch|
+        headers.delete_if { |h| h.casecmp?(ch) }
+      end
+    end
 
     fetch new_uri, redirect_method, headers, [], referer, redirects + 1
   end
@@ -1278,4 +1287,3 @@ class Mechanize::HTTP::Agent
 end
 
 require 'mechanize/http/auth_store'
-