mechanize 2.7.7 → 2.8.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +11 -0
- data/.github/workflows/ci-test.yml +36 -8
- data/.yardopts +8 -0
- data/{CHANGELOG.rdoc → CHANGELOG.md} +117 -88
- data/Gemfile +1 -6
- data/{LICENSE.rdoc → LICENSE.txt} +4 -0
- data/README.md +77 -0
- data/Rakefile +18 -3
- data/lib/mechanize/chunked_termination_error.rb +1 -0
- data/lib/mechanize/content_type_error.rb +1 -0
- data/lib/mechanize/cookie.rb +1 -13
- data/lib/mechanize/cookie_jar.rb +2 -10
- data/lib/mechanize/directory_saver.rb +1 -0
- data/lib/mechanize/download.rb +1 -0
- data/lib/mechanize/element_matcher.rb +1 -0
- data/lib/mechanize/element_not_found_error.rb +1 -0
- data/lib/mechanize/file.rb +1 -0
- data/lib/mechanize/file_connection.rb +5 -3
- data/lib/mechanize/file_request.rb +1 -0
- data/lib/mechanize/file_response.rb +3 -0
- data/lib/mechanize/file_saver.rb +1 -0
- data/lib/mechanize/form/button.rb +1 -0
- data/lib/mechanize/form/check_box.rb +1 -0
- data/lib/mechanize/form/field.rb +1 -0
- data/lib/mechanize/form/file_upload.rb +1 -0
- data/lib/mechanize/form/hidden.rb +1 -0
- data/lib/mechanize/form/image_button.rb +1 -0
- data/lib/mechanize/form/keygen.rb +1 -0
- data/lib/mechanize/form/multi_select_list.rb +1 -0
- data/lib/mechanize/form/option.rb +1 -0
- data/lib/mechanize/form/radio_button.rb +1 -0
- data/lib/mechanize/form/reset.rb +1 -0
- data/lib/mechanize/form/select_list.rb +1 -0
- data/lib/mechanize/form/submit.rb +1 -0
- data/lib/mechanize/form/text.rb +1 -0
- data/lib/mechanize/form/textarea.rb +1 -0
- data/lib/mechanize/form.rb +1 -9
- data/lib/mechanize/headers.rb +1 -0
- data/lib/mechanize/history.rb +1 -0
- data/lib/mechanize/http/agent.rb +16 -8
- data/lib/mechanize/http/auth_challenge.rb +1 -0
- data/lib/mechanize/http/auth_realm.rb +1 -0
- data/lib/mechanize/http/auth_store.rb +1 -0
- data/lib/mechanize/http/content_disposition_parser.rb +14 -2
- data/lib/mechanize/http/www_authenticate_parser.rb +3 -3
- data/lib/mechanize/http.rb +1 -0
- data/lib/mechanize/image.rb +1 -0
- data/lib/mechanize/page/base.rb +1 -0
- data/lib/mechanize/page/frame.rb +1 -0
- data/lib/mechanize/page/image.rb +1 -0
- data/lib/mechanize/page/label.rb +1 -0
- data/lib/mechanize/page/link.rb +8 -1
- data/lib/mechanize/page/meta_refresh.rb +1 -0
- data/lib/mechanize/page.rb +4 -3
- data/lib/mechanize/parser.rb +1 -0
- data/lib/mechanize/pluggable_parsers.rb +1 -0
- data/lib/mechanize/prependable.rb +1 -0
- data/lib/mechanize/redirect_limit_reached_error.rb +1 -0
- data/lib/mechanize/redirect_not_get_or_head_error.rb +1 -0
- data/lib/mechanize/response_code_error.rb +2 -1
- data/lib/mechanize/response_read_error.rb +1 -0
- data/lib/mechanize/robots_disallowed_error.rb +1 -0
- data/lib/mechanize/test_case/bad_chunking_servlet.rb +1 -0
- data/lib/mechanize/test_case/basic_auth_servlet.rb +1 -0
- data/lib/mechanize/test_case/content_type_servlet.rb +1 -0
- data/lib/mechanize/test_case/digest_auth_servlet.rb +1 -0
- data/lib/mechanize/test_case/file_upload_servlet.rb +1 -0
- data/lib/mechanize/test_case/form_servlet.rb +1 -0
- data/lib/mechanize/test_case/gzip_servlet.rb +1 -0
- data/lib/mechanize/test_case/header_servlet.rb +1 -0
- data/lib/mechanize/test_case/http_refresh_servlet.rb +1 -0
- data/lib/mechanize/test_case/infinite_redirect_servlet.rb +1 -0
- data/lib/mechanize/test_case/infinite_refresh_servlet.rb +1 -0
- data/lib/mechanize/test_case/many_cookies_as_string_servlet.rb +1 -0
- data/lib/mechanize/test_case/many_cookies_servlet.rb +1 -0
- data/lib/mechanize/test_case/modified_since_servlet.rb +1 -0
- data/lib/mechanize/test_case/ntlm_servlet.rb +1 -0
- data/lib/mechanize/test_case/one_cookie_no_spaces_servlet.rb +1 -0
- data/lib/mechanize/test_case/one_cookie_servlet.rb +1 -0
- data/lib/mechanize/test_case/quoted_value_cookie_servlet.rb +1 -0
- data/lib/mechanize/test_case/redirect_servlet.rb +1 -0
- data/lib/mechanize/test_case/referer_servlet.rb +1 -0
- data/lib/mechanize/test_case/refresh_with_empty_url.rb +1 -0
- data/lib/mechanize/test_case/refresh_without_url.rb +1 -0
- data/lib/mechanize/test_case/response_code_servlet.rb +1 -0
- data/lib/mechanize/test_case/robots_txt_servlet.rb +1 -0
- data/lib/mechanize/test_case/send_cookies_servlet.rb +1 -0
- data/lib/mechanize/test_case/server.rb +1 -0
- data/lib/mechanize/test_case/servlets.rb +1 -0
- data/lib/mechanize/test_case/verb_servlet.rb +1 -0
- data/lib/mechanize/test_case.rb +32 -27
- data/lib/mechanize/unauthorized_error.rb +1 -0
- data/lib/mechanize/unsupported_scheme_error.rb +1 -0
- data/lib/mechanize/util.rb +2 -1
- data/lib/mechanize/version.rb +2 -1
- data/lib/mechanize/xml_file.rb +1 -0
- data/lib/mechanize.rb +2 -1
- data/mechanize.gemspec +48 -34
- data/test/htdocs/dir with spaces/foo.html +1 -0
- data/test/test_mechanize.rb +5 -4
- data/test/test_mechanize_cookie_jar.rb +2 -0
- data/test/test_mechanize_download.rb +1 -0
- data/test/test_mechanize_file.rb +1 -0
- data/test/test_mechanize_file_connection.rb +21 -3
- data/test/test_mechanize_file_response.rb +6 -0
- data/test/test_mechanize_http_agent.rb +47 -7
- data/test/test_mechanize_http_content_disposition_parser.rb +27 -0
- data/test/test_mechanize_link.rb +24 -0
- data/test/test_mechanize_page_encoding.rb +28 -1
- metadata +145 -56
- data/README.rdoc +0 -77
data/lib/mechanize/test_case.rb
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
1
2
|
require 'mechanize'
|
|
2
3
|
require 'logger'
|
|
3
4
|
require 'tempfile'
|
|
@@ -57,12 +58,12 @@ class Mechanize::TestCase < Minitest::Test
|
|
|
57
58
|
|
|
58
59
|
def fake_page agent = @mech
|
|
59
60
|
uri = URI 'http://fake.example/'
|
|
60
|
-
html =
|
|
61
|
-
<html>
|
|
62
|
-
<body>
|
|
63
|
-
<form><input type="submit" value="submit" /></form>
|
|
64
|
-
</body>
|
|
65
|
-
</html>
|
|
61
|
+
html = String.new(<<~END)
|
|
62
|
+
<html>
|
|
63
|
+
<body>
|
|
64
|
+
<form><input type="submit" value="submit" /></form>
|
|
65
|
+
</body>
|
|
66
|
+
</html>
|
|
66
67
|
END
|
|
67
68
|
|
|
68
69
|
Mechanize::Page.new uri, nil, html, 200, agent
|
|
@@ -87,11 +88,9 @@ class Mechanize::TestCase < Minitest::Test
|
|
|
87
88
|
# Creates a Mechanize::CookieJar by parsing the given +str+
|
|
88
89
|
|
|
89
90
|
def cookie_jar str, uri = URI('http://example')
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
jar
|
|
91
|
+
Mechanize::CookieJar.new.tap do |jar|
|
|
92
|
+
jar.parse str, uri
|
|
93
|
+
end
|
|
95
94
|
end
|
|
96
95
|
|
|
97
96
|
##
|
|
@@ -109,22 +108,18 @@ class Mechanize::TestCase < Minitest::Test
|
|
|
109
108
|
# Creates a Nokogiri Node +element+ with the given +attributes+
|
|
110
109
|
|
|
111
110
|
def node element, attributes = {}
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
attributes.each do |name, value|
|
|
117
|
-
node[name] = value
|
|
111
|
+
Nokogiri::XML::Node.new(element, Nokogiri::HTML::Document.new).tap do |node|
|
|
112
|
+
attributes.each do |name, value|
|
|
113
|
+
node[name] = value
|
|
114
|
+
end
|
|
118
115
|
end
|
|
119
|
-
|
|
120
|
-
node
|
|
121
116
|
end
|
|
122
117
|
|
|
123
118
|
##
|
|
124
119
|
# Creates a Mechanize::Page for the given +uri+ with the given
|
|
125
120
|
# +content_type+, response +body+ and HTTP status +code+
|
|
126
121
|
|
|
127
|
-
def page uri, content_type = 'text/html', body =
|
|
122
|
+
def page uri, content_type = 'text/html', body = String.new, code = 200
|
|
128
123
|
uri = URI uri unless URI::Generic === uri
|
|
129
124
|
|
|
130
125
|
Mechanize::Page.new(uri, { 'content-type' => content_type }, body, code,
|
|
@@ -173,15 +168,25 @@ UQIBATANBgkqhkiG9w0BAQUFAANBAAAB////////////////////////////////
|
|
|
173
168
|
# Creates a Tempfile with +content+ that is immediately unlinked
|
|
174
169
|
|
|
175
170
|
def tempfile content
|
|
176
|
-
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
171
|
+
Tempfile.new(@NAME).tap do |body_io|
|
|
172
|
+
body_io.unlink
|
|
173
|
+
body_io.write content
|
|
174
|
+
body_io.flush
|
|
175
|
+
body_io.rewind
|
|
176
|
+
end
|
|
177
|
+
end
|
|
181
178
|
|
|
182
|
-
|
|
179
|
+
##
|
|
180
|
+
# Returns true if the current platform is a Windows platform
|
|
181
|
+
def windows?
|
|
182
|
+
::RUBY_PLATFORM =~ /mingw|mswin/
|
|
183
183
|
end
|
|
184
184
|
|
|
185
|
+
##
|
|
186
|
+
# Return the contents of the file without Windows carriage returns
|
|
187
|
+
def file_contents_without_cr(path)
|
|
188
|
+
File.read(path).gsub(/\r\n/, "\n")
|
|
189
|
+
end
|
|
185
190
|
end
|
|
186
191
|
|
|
187
192
|
require 'mechanize/test_case/servlets'
|
|
@@ -312,7 +317,7 @@ class Response # :nodoc:
|
|
|
312
317
|
|
|
313
318
|
def initialize
|
|
314
319
|
@header = {}
|
|
315
|
-
@body =
|
|
320
|
+
@body = String.new
|
|
316
321
|
@code = nil
|
|
317
322
|
@query = nil
|
|
318
323
|
@cookies = []
|
data/lib/mechanize/util.rb
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
1
2
|
require 'cgi'
|
|
2
3
|
require 'nkf'
|
|
3
4
|
|
|
@@ -15,7 +16,7 @@ class Mechanize::Util
|
|
|
15
16
|
def build_query_string(parameters, enc = nil)
|
|
16
17
|
each_parameter(parameters).inject(nil) { |s, (k, v)|
|
|
17
18
|
# WEBrick::HTTP.escape* has some problems about m17n on ruby-1.9.*.
|
|
18
|
-
(s.nil? ?
|
|
19
|
+
(s.nil? ? String.new : s << '&') << [CGI.escape(k.to_s), CGI.escape(v.to_s)].join('=')
|
|
19
20
|
} || ''
|
|
20
21
|
end
|
|
21
22
|
|
data/lib/mechanize/version.rb
CHANGED
data/lib/mechanize/xml_file.rb
CHANGED
data/lib/mechanize.rb
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
1
2
|
require 'mechanize/version'
|
|
2
3
|
require 'fileutils'
|
|
3
4
|
require 'forwardable'
|
|
@@ -114,7 +115,7 @@ class Mechanize
|
|
|
114
115
|
|
|
115
116
|
AGENT_ALIASES = {
|
|
116
117
|
'Mechanize' => "Mechanize/#{VERSION} Ruby/#{ruby_version} (http://github.com/sparklemotion/mechanize/)",
|
|
117
|
-
'Linux Firefox' => 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:
|
|
118
|
+
'Linux Firefox' => 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0',
|
|
118
119
|
'Linux Konqueror' => 'Mozilla/5.0 (compatible; Konqueror/3; Linux)',
|
|
119
120
|
'Linux Mozilla' => 'Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624',
|
|
120
121
|
'Mac Firefox' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:43.0) Gecko/20100101 Firefox/43.0',
|
data/mechanize.gemspec
CHANGED
|
@@ -1,20 +1,19 @@
|
|
|
1
1
|
# coding: utf-8
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
require 'mechanize/version'
|
|
2
|
+
# frozen_string_literal: true
|
|
3
|
+
require_relative 'lib/mechanize/version'
|
|
5
4
|
|
|
6
5
|
Gem::Specification.new do |spec|
|
|
7
|
-
spec.name
|
|
8
|
-
spec.version
|
|
9
|
-
spec.homepage
|
|
10
|
-
spec.summary
|
|
11
|
-
spec.description
|
|
6
|
+
spec.name = "mechanize"
|
|
7
|
+
spec.version = Mechanize::VERSION
|
|
8
|
+
spec.homepage = "https://github.com/sparklemotion/mechanize"
|
|
9
|
+
spec.summary = 'The Mechanize library is used for automating interaction with websites'
|
|
10
|
+
spec.description =
|
|
12
11
|
[
|
|
13
12
|
"The Mechanize library is used for automating interaction with websites.",
|
|
14
13
|
"Mechanize automatically stores and sends cookies, follows redirects,",
|
|
15
14
|
"and can follow links and submit forms. Form fields can be populated and",
|
|
16
15
|
"submitted. Mechanize also keeps track of the sites that you have visited as",
|
|
17
|
-
"a history."
|
|
16
|
+
"a history.",
|
|
18
17
|
].join("\n")
|
|
19
18
|
|
|
20
19
|
spec.authors =
|
|
@@ -23,7 +22,7 @@ Gem::Specification.new do |spec|
|
|
|
23
22
|
'Aaron Patterson',
|
|
24
23
|
'Mike Dalessio',
|
|
25
24
|
'Akinori MUSHA',
|
|
26
|
-
'Lee Jarvis'
|
|
25
|
+
'Lee Jarvis',
|
|
27
26
|
]
|
|
28
27
|
spec.email =
|
|
29
28
|
[
|
|
@@ -31,32 +30,47 @@ Gem::Specification.new do |spec|
|
|
|
31
30
|
'aaron.patterson@gmail.com',
|
|
32
31
|
'mike.dalessio@gmail.com',
|
|
33
32
|
'knu@idaemons.org',
|
|
34
|
-
'ljjarvis@gmail.com'
|
|
33
|
+
'ljjarvis@gmail.com',
|
|
35
34
|
]
|
|
36
35
|
|
|
37
|
-
spec.
|
|
36
|
+
spec.metadata = {
|
|
37
|
+
'yard.run' => 'yard',
|
|
38
|
+
'bug_tracker_uri' => 'https://github.com/sparklemotion/mechanize/issues',
|
|
39
|
+
'changelog_uri' => 'https://github.com/sparklemotion/mechanize/blob/main/CHANGELOG.md',
|
|
40
|
+
'documentation_uri' => 'https://www.rubydoc.info/gems/mechanize',
|
|
41
|
+
'homepage_uri' => 'https://github.com/sparklemotion/mechanize',
|
|
42
|
+
'source_code_uri' => 'https://github.com/sparklemotion/mechanize'
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
spec.license = "MIT"
|
|
38
46
|
|
|
39
47
|
spec.require_paths = ["lib"]
|
|
40
|
-
spec.files
|
|
41
|
-
spec.test_files
|
|
42
|
-
|
|
43
|
-
spec.extra_rdoc_files += Dir['*.rdoc']
|
|
44
|
-
spec.rdoc_options
|
|
45
|
-
|
|
46
|
-
spec.required_ruby_version = ">=
|
|
47
|
-
|
|
48
|
-
spec.add_runtime_dependency
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
spec.add_runtime_dependency "
|
|
58
|
-
|
|
59
|
-
spec.add_runtime_dependency
|
|
60
|
-
spec.add_runtime_dependency
|
|
61
|
-
spec.add_runtime_dependency
|
|
48
|
+
spec.files = %x(git ls-files).split($/)
|
|
49
|
+
spec.test_files = spec.files.grep(%r{^test/})
|
|
50
|
+
|
|
51
|
+
spec.extra_rdoc_files += Dir['*.rdoc', '*.md']
|
|
52
|
+
spec.rdoc_options = ["--main", "README.md"]
|
|
53
|
+
|
|
54
|
+
spec.required_ruby_version = ">= 2.5.0"
|
|
55
|
+
|
|
56
|
+
spec.add_runtime_dependency("addressable", "~> 2.8")
|
|
57
|
+
spec.add_runtime_dependency("domain_name", ">= 0.5.20190701", "~> 0.5")
|
|
58
|
+
spec.add_runtime_dependency("http-cookie", ">= 1.0.3", "~> 1.0")
|
|
59
|
+
spec.add_runtime_dependency("mime-types", "~> 3.0")
|
|
60
|
+
spec.add_runtime_dependency("net-http-digest_auth", ">= 1.4.1", "~> 1.4")
|
|
61
|
+
|
|
62
|
+
# careful! some folks are relying on older versions of net-http-persistent
|
|
63
|
+
# - see the socks proxy patch in use at #507 and #464
|
|
64
|
+
# - see use of retry_change_requests that was removed at #558
|
|
65
|
+
spec.add_runtime_dependency("net-http-persistent", ">= 2.5.2", "< 5.0.dev")
|
|
66
|
+
|
|
67
|
+
spec.add_runtime_dependency("nokogiri", ">= 1.11.2", "~> 1.11")
|
|
68
|
+
spec.add_runtime_dependency("rubyntlm", ">= 0.6.3", "~> 0.6")
|
|
69
|
+
spec.add_runtime_dependency("webrick", "~> 1.7")
|
|
70
|
+
spec.add_runtime_dependency("webrobots", "~> 0.1.2")
|
|
71
|
+
|
|
72
|
+
spec.add_development_dependency("minitest", "~> 5.14")
|
|
73
|
+
spec.add_development_dependency("rake", "~> 13.0")
|
|
74
|
+
spec.add_development_dependency("rdoc", "~> 6.3")
|
|
75
|
+
spec.add_development_dependency("rubocop", "~> 1.12")
|
|
62
76
|
end
|
data/test/test_mechanize.rb
CHANGED
|
@@ -346,6 +346,7 @@ but not <a href="/" rel="me nofollow">this</a>!
|
|
|
346
346
|
end
|
|
347
347
|
|
|
348
348
|
def test_download_does_not_allow_command_injection
|
|
349
|
+
skip if windows?
|
|
349
350
|
in_tmpdir do
|
|
350
351
|
@mech.download('http://example', '| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\'')
|
|
351
352
|
|
|
@@ -949,7 +950,7 @@ but not <a href="/" rel="me nofollow">this</a>!
|
|
|
949
950
|
"Content-Disposition: form-data; name=\"userfile1\"; filename=\"#{name}\"",
|
|
950
951
|
page.body
|
|
951
952
|
)
|
|
952
|
-
assert_operator page.body.bytesize, :>,
|
|
953
|
+
assert_operator page.body.bytesize, :>, file_contents_without_cr(__FILE__).length
|
|
953
954
|
end
|
|
954
955
|
|
|
955
956
|
def test_post_file_upload_nonascii
|
|
@@ -968,7 +969,7 @@ but not <a href="/" rel="me nofollow">this</a>!
|
|
|
968
969
|
page.body
|
|
969
970
|
)
|
|
970
971
|
assert_match("Content-Type: application/zip", page.body)
|
|
971
|
-
assert_operator page.body.bytesize, :>,
|
|
972
|
+
assert_operator page.body.bytesize, :>, file_contents_without_cr(__FILE__).length
|
|
972
973
|
end
|
|
973
974
|
|
|
974
975
|
def test_post_file_upload
|
|
@@ -987,7 +988,7 @@ but not <a href="/" rel="me nofollow">this</a>!
|
|
|
987
988
|
page.body
|
|
988
989
|
)
|
|
989
990
|
assert_match("Content-Type: application/zip", page.body)
|
|
990
|
-
assert_operator page.body.bytesize, :>,
|
|
991
|
+
assert_operator page.body.bytesize, :>, file_contents_without_cr(__FILE__).length
|
|
991
992
|
end
|
|
992
993
|
|
|
993
994
|
def test_post_redirect
|
|
@@ -1182,7 +1183,7 @@ but not <a href="/" rel="me nofollow">this</a>!
|
|
|
1182
1183
|
|
|
1183
1184
|
page = @mech.submit(form)
|
|
1184
1185
|
|
|
1185
|
-
contents = File.binread
|
|
1186
|
+
contents = File.binread(__FILE__).gsub(/\r\n/, "\n")
|
|
1186
1187
|
basename = File.basename __FILE__
|
|
1187
1188
|
|
|
1188
1189
|
assert_match(
|
|
@@ -502,6 +502,7 @@ class TestMechanizeCookieJar < Mechanize::TestCase
|
|
|
502
502
|
end
|
|
503
503
|
|
|
504
504
|
def test_prevent_command_injection_when_saving
|
|
505
|
+
skip if windows?
|
|
505
506
|
url = URI 'http://rubygems.org/'
|
|
506
507
|
path = '| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\''
|
|
507
508
|
|
|
@@ -514,6 +515,7 @@ class TestMechanizeCookieJar < Mechanize::TestCase
|
|
|
514
515
|
end
|
|
515
516
|
|
|
516
517
|
def test_prevent_command_injection_when_loading
|
|
518
|
+
skip if windows?
|
|
517
519
|
url = URI 'http://rubygems.org/'
|
|
518
520
|
path = '| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\''
|
|
519
521
|
|
data/test/test_mechanize_file.rb
CHANGED
|
@@ -3,19 +3,37 @@ require 'mechanize/test_case'
|
|
|
3
3
|
class TestMechanizeFileConnection < Mechanize::TestCase
|
|
4
4
|
|
|
5
5
|
def test_request
|
|
6
|
-
|
|
6
|
+
file_path = File.expand_path(__FILE__)
|
|
7
|
+
uri = URI.parse "file://#{file_path}"
|
|
7
8
|
conn = Mechanize::FileConnection.new
|
|
8
9
|
|
|
9
10
|
body = ''
|
|
10
11
|
|
|
11
12
|
conn.request uri, nil do |response|
|
|
13
|
+
assert_equal(file_path, response.file_path)
|
|
12
14
|
response.read_body do |part|
|
|
13
15
|
body << part
|
|
14
16
|
end
|
|
15
17
|
end
|
|
16
18
|
|
|
17
|
-
assert_equal File.read(__FILE__), body
|
|
19
|
+
assert_equal File.read(__FILE__), body.gsub(/\r\n/, "\n")
|
|
18
20
|
end
|
|
19
21
|
|
|
20
|
-
|
|
22
|
+
def test_request_on_uri_with_windows_drive
|
|
23
|
+
uri_string = "file://C:/path/to/file.html"
|
|
24
|
+
expected_file_path = "C:/path/to/file.html"
|
|
25
|
+
|
|
26
|
+
uri = URI.parse(uri_string)
|
|
27
|
+
conn = Mechanize::FileConnection.new
|
|
21
28
|
|
|
29
|
+
called = false
|
|
30
|
+
yielded_file_path = nil
|
|
31
|
+
conn.request(uri, nil) do |response|
|
|
32
|
+
called = true
|
|
33
|
+
yielded_file_path = response.file_path
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
assert(called)
|
|
37
|
+
assert_equal(expected_file_path, yielded_file_path)
|
|
38
|
+
end
|
|
39
|
+
end
|
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
require 'mechanize/test_case'
|
|
2
2
|
|
|
3
3
|
class TestMechanizeFileResponse < Mechanize::TestCase
|
|
4
|
+
def test_file_path
|
|
5
|
+
res = Mechanize::FileResponse.new("/path/to/foo.html")
|
|
6
|
+
assert_equal("/path/to/foo.html", res.file_path)
|
|
7
|
+
end
|
|
8
|
+
|
|
4
9
|
def test_content_type
|
|
5
10
|
Tempfile.open %w[pi .nothtml] do |tempfile|
|
|
6
11
|
res = Mechanize::FileResponse.new tempfile.path
|
|
@@ -31,6 +36,7 @@ class TestMechanizeFileResponse < Mechanize::TestCase
|
|
|
31
36
|
end
|
|
32
37
|
|
|
33
38
|
def test_read_body_does_not_allow_command_injection
|
|
39
|
+
skip if windows?
|
|
34
40
|
in_tmpdir do
|
|
35
41
|
FileUtils.touch('| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\'')
|
|
36
42
|
res = Mechanize::FileResponse.new('| ruby -rfileutils -e \'FileUtils.touch("vul.txt")\'')
|