puppet 6.16.0-x64-mingw32 → 6.17.0-x64-mingw32

data/spec/integration/network/http_pool_spec.rb

@@ -122,7 +122,7 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
         Puppet::Network::HttpPool.http_client_class = klass
       end
 
-      it "connects using the scheme, host and port from the http instance" do
+      it "connects using the scheme, host and port from the http instance preserving the URL path and query" do
         request_line = nil
 
         response_proc = -> (req, res) {
@@ -131,20 +131,20 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
 
         server.start_server(response_proc: response_proc) do |port|
           http = Puppet::Network::HttpPool.http_instance(hostname, port, true)
-          path  = "http://bogus.example.com:443/foo"
+          path  = "http://bogus.example.com:443/foo?q=a"
           http.get(path)
 
           if legacy_api
-            # The old API passed the bogus hostname which didn't match
-            # the host we connected to.
-            expect(request_line).to eq("GET http://bogus.example.com:443/foo HTTP/1.1\r\n")
+            # The old API uses 'absolute-form' and passes the bogus hostname
+            # which isn't the host we connected to.
+            expect(request_line).to eq("GET http://bogus.example.com:443/foo?q=a HTTP/1.1\r\n")
           else
-            expect(request_line).to eq("GET /foo HTTP/1.1\r\n")
+            expect(request_line).to eq("GET /foo?q=a HTTP/1.1\r\n")
           end
         end
       end
 
-      it "requires the caller to URL encode the path" do
+      it "requires the caller to URL encode the path and query when using absolute form" do
         request_line = nil
 
         response_proc = -> (req, res) {
@@ -153,16 +153,33 @@ describe Puppet::Network::HttpPool, unless: Puppet::Util::Platform.jruby? do
 
         server.start_server(response_proc: response_proc) do |port|
           http = Puppet::Network::HttpPool.http_instance(hostname, port, true)
-          encoded_url = "https://#{hostname}:#{port}/foo%20bar"
+          params = { 'key' => 'a value' }
+          encoded_url = "https://#{hostname}:#{port}/foo%20bar?q=#{Puppet::Util.uri_query_encode(params.to_json)}"
           http.get(encoded_url)
 
           if legacy_api
             expect(request_line).to eq("GET #{encoded_url} HTTP/1.1\r\n")
           else
-            expect(request_line).to eq("GET /foo%20bar HTTP/1.1\r\n")
+            expect(request_line).to eq("GET /foo%20bar?q=%7B%22key%22%3A%22a%20value%22%7D HTTP/1.1\r\n")
           end
         end
       end
+
+      it "requires the caller to URL encode the path and query when using a path" do
+        request_line = nil
+
+        response_proc = -> (req, res) {
+          request_line = req.request_line
+        }
+
+        server.start_server(response_proc: response_proc) do |port|
+          http = Puppet::Network::HttpPool.http_instance(hostname, port, true)
+          params = { 'key' => 'a value' }
+          http.get("/foo%20bar?q=#{Puppet::Util.uri_query_encode(params.to_json)}")
+
+          expect(request_line).to eq("GET /foo%20bar?q=%7B%22key%22%3A%22a%20value%22%7D HTTP/1.1\r\n")
+        end
+      end
     end
 
     describe Puppet::Network::HTTP::Connection do

data/spec/integration/parser/compiler_spec.rb

@@ -834,6 +834,17 @@ describe Puppet::Parser::Compiler do
           MANIFEST
         end.to raise_error(/Foo\[bar\]:\s+parameter 'a' expects a value for key 'd'\s+parameter 'a' unrecognized key 'c'/m)
       end
+
+      it 'handles Sensitive type in resource array' do
+        catalog = compile_to_catalog(<<-MANIFEST)
+          define foo(Sensitive[String] $password) {
+            notify{ "${title}": message => "${password}" }
+          }
+          foo { ['testA', 'testB']: password =>Sensitive('some password') }
+        MANIFEST
+        expect(catalog).to have_resource("Notify[testA]").with_parameter(:message, 'Sensitive [value redacted]')
+        expect(catalog).to have_resource("Notify[testB]").with_parameter(:message, 'Sensitive [value redacted]')
+      end
     end
 
     context 'when using typed parameters in class' do

data/spec/integration/type/file_spec.rb

@@ -1160,7 +1160,7 @@ describe Puppet::Type.type(:file), :uses_checksums => true do
       source_prefix = Puppet::Util::Platform.windows? ? '/' : ''
 
       # the URI can be round-tripped through unescape
-      expect(URI.unescape(uri_path)).to eq(source_prefix + source)
+      expect(Puppet::Util.uri_unescape(uri_path)).to eq(source_prefix + source)
       # and is properly UTF-8
       expect(uri_path.encoding).to eq (Encoding::UTF_8)
 

data/spec/integration/util/windows/registry_spec.rb

@@ -259,23 +259,23 @@ describe Puppet::Util::Windows::Registry do
         {
           name: 'REG_SZ',
           type: Win32::Registry::REG_SZ,
-          value: "reg sz\u0000 string",
-          expected_value: "reg sz  string"
+          value: "reg sz\u0000\u0000 string",
+          expected_value: "reg sz"
         },
         {
           name: 'REG_SZ_2',
           type: Win32::Registry::REG_SZ,
-          value: "reg sz\x00 string",
-          expected_value: "reg sz  string"
+          value: "reg sz 2\x00\x00 string",
+          expected_value: "reg sz 2"
         },
         {
           name: 'REG_EXPAND_SZ',
           type: Win32::Registry::REG_EXPAND_SZ,
-          value: "\0reg expand string",
-          expected_value: " reg expand string"
+          value: "\0\0\0reg expand string",
+          expected_value: ""
         }
       ].each do |pair|
-        it 'replaces null bytes with spaces' do
+        it 'reads up to the first wide null' do
           hklm.create("#{puppet_key}\\#{subkey_name}", Win32::Registry::KEY_ALL_ACCESS) do |reg|
             reg.write(value_name, pair[:type], pair[:value])
           end

data/spec/integration/util/windows/user_spec.rb

@@ -125,19 +125,16 @@ describe "Puppet::Util::Windows::User", :if => Puppet::Util::Platform.windows? d
       end
 
       it 'should raise error given that logon returns false' do
-
         allow(Puppet::Util::Windows::User).to receive(:logon_user_by_logon_type).with(
-            user, passwd, fLOGON32_LOGON_NETWORK, fLOGON32_PROVIDER_DEFAULT, anything).and_return (0)
+            user, '.', passwd, fLOGON32_LOGON_NETWORK, fLOGON32_PROVIDER_DEFAULT, anything).and_return (0)
         allow(Puppet::Util::Windows::User).to receive(:logon_user_by_logon_type).with(
-            user, passwd, fLOGON32_LOGON_INTERACTIVE, fLOGON32_PROVIDER_DEFAULT, anything).and_return(0)
+            user, '.', passwd, fLOGON32_LOGON_INTERACTIVE, fLOGON32_PROVIDER_DEFAULT, anything).and_return(0)
 
         expect {Puppet::Util::Windows::User.logon_user(user, passwd) {}}
             .to raise_error(Puppet::Util::Windows::Error, /Failed to logon user/)
-
       end
     end
 
-
     describe "password_is?" do
       it "should return false given an incorrect username and password" do
         expect(Puppet::Util::Windows::User.password_is?(username, bad_password)).to be_falsey
@@ -180,5 +177,43 @@ describe "Puppet::Util::Windows::User", :if => Puppet::Util::Platform.windows? d
         expect { Puppet::Util::Windows::User.check_token_membership }.not_to raise_error
       end
     end
+
+    describe "default_system_account?" do
+      it "should succesfully identify 'SYSTEM' user as a default system account" do
+        allow(Puppet::Util::Windows::SID).to receive(:name_to_sid).with('SYSTEM').and_return(Puppet::Util::Windows::SID::LocalSystem)
+        expect(Puppet::Util::Windows::User.default_system_account?('SYSTEM')).to eq(true)
+      end
+
+      it "should succesfully identify 'NETWORK SERVICE' user as a default system account" do
+        allow(Puppet::Util::Windows::SID).to receive(:name_to_sid).with('NETWORK SERVICE').and_return(Puppet::Util::Windows::SID::NtNetwork)
+        expect(Puppet::Util::Windows::User.default_system_account?('NETWORK SERVICE')).to eq(true)
+      end
+
+      it "should succesfully identify 'LOCAL SERVICE' user as a default system account" do
+        allow(Puppet::Util::Windows::SID).to receive(:name_to_sid).with('LOCAL SERVICE').and_return(Puppet::Util::Windows::SID::NtLocal)
+        expect(Puppet::Util::Windows::User.default_system_account?('LOCAL SERVICE')).to eq(true)
+      end
+
+      it "should not identify user with unknown sid as a default system account" do
+        allow(Puppet::Util::Windows::SID).to receive(:name_to_sid).with('UnknownUser').and_return(Puppet::Util::Windows::SID::Null)
+        expect(Puppet::Util::Windows::User.default_system_account?('UnknownUser')).to eq(false)
+      end
+    end
+
+    describe "localsystem?" do
+      before do
+        allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return("myPC")
+      end
+
+      ['LocalSystem', '.\LocalSystem', 'myPC\LocalSystem', 'lOcALsysTem'].each do |input|
+        it "should succesfully identify #{input} as the 'LocalSystem' account" do
+          expect(Puppet::Util::Windows::User.localsystem?(input)).to eq(true)
+        end
+      end
+
+      it "should not identify any other user as the 'LocalSystem' account" do
+        expect(Puppet::Util::Windows::User.localsystem?('OtherUser')).to eq(false)
+      end
+    end
   end
 end

data/spec/unit/configurer/fact_handler_spec.rb

@@ -104,7 +104,7 @@ describe Puppet::Configurer::FactHandler do
           expect(text).to include(test_fact[:encoded])
 
           # this is not sufficient to test whether these values are sent via HTTP GET or HTTP POST in actual catalog request
-          expect(JSON.parse(URI.unescape(to_upload[:facts]))['values']).to eq(test_fact[:hash])
+          expect(JSON.parse(Puppet::Util.uri_unescape(to_upload[:facts]))['values']).to eq(test_fact[:hash])
         end
       end
     end
@@ -129,7 +129,7 @@ describe Puppet::Configurer::FactHandler do
           expect(to_upload).to eq({:facts_format => 'application/json', :facts => text})
           expect(text).to include(test_fact[:encoded])
 
-          expect(JSON.parse(URI.unescape(to_upload[:facts]))['values']).to eq(test_fact[:hash])
+          expect(JSON.parse(Puppet::Util.uri_unescape(to_upload[:facts]))['values']).to eq(test_fact[:hash])
         end
       end
     end
@@ -138,9 +138,9 @@ describe Puppet::Configurer::FactHandler do
       facts = Puppet::Node::Facts.new(Puppet[:node_name_value], 'my_name_fact' => 'other_node_name')
       Puppet::Node::Facts.indirection.save(facts)
 
-      # prefer URI.unescape but validate CGI also works
+      # prefer Puppet::Util.uri_unescape but validate CGI also works
       encoded_facts = facthandler.facts_for_uploading[:facts]
-      expect(URI.unescape(encoded_facts)).to validate_against('api/schemas/facts.json')
+      expect(Puppet::Util.uri_unescape(encoded_facts)).to validate_against('api/schemas/facts.json')
       expect(CGI.unescape(encoded_facts)).to validate_against('api/schemas/facts.json')
     end
   end

data/spec/unit/context/trusted_information_spec.rb

@@ -41,8 +41,12 @@ describe Puppet::Context::TrustedInformation, :unless => RUBY_PLATFORM == 'java'
   }
 
   def allow_external_trusted_data(certname, data)
-    Puppet[:trusted_external_command] = '/usr/bin/generate_data.sh'
-    allow(Puppet::Util::Execution).to receive(:execute).with(['/usr/bin/generate_data.sh', certname], anything).and_return(JSON.dump(data))
+    command = 'generate_data.sh'
+    Puppet[:trusted_external_command] = command
+    # The expand_path bit is necessary b/c :trusted_external_command is a
+    # file_or_directory setting, and file_or_directory settings automatically
+    # expand the given path.
+    allow(Puppet::Util::Execution).to receive(:execute).with([File.expand_path(command), certname], anything).and_return(JSON.dump(data))
   end
 
   it "defaults external to an empty hash" do
@@ -99,9 +103,11 @@ describe Puppet::Context::TrustedInformation, :unless => RUBY_PLATFORM == 'java'
     end
 
     it 'only runs the trusted external command the first time it is invoked' do
-      Puppet[:trusted_external_command] = '/usr/bin/generate_data.sh'
+      command = 'generate_data.sh'
+      Puppet[:trusted_external_command] = command
 
-      expect(Puppet::Util::Execution).to receive(:execute).with(['/usr/bin/generate_data.sh', 'cert name'], anything).and_return(JSON.dump(external_data)).once
+      # See allow_external_trusted_data to understand why expand_path is necessary
+      expect(Puppet::Util::Execution).to receive(:execute).with([File.expand_path(command), 'cert name'], anything).and_return(JSON.dump(external_data)).once
 
       trusted = Puppet::Context::TrustedInformation.remote(true, 'cert name', cert)
       trusted.external

data/spec/unit/file_serving/http_metadata_spec.rb

@@ -30,11 +30,6 @@ describe Puppet::FileServing::HttpMetadata do
     end
 
     context "with no Last-Modified or Content-MD5 header from the server" do
-      before do
-        allow(http_response).to receive(:[]).with('last-modified').and_return(nil)
-        allow(http_response).to receive(:[]).with('content-md5').and_return(nil)
-      end
-
       it "should use :mtime as the checksum type, based on current time" do
         # Stringifying Time.now does some rounding; do so here so we don't end up with a time
         # that's greater than the stringified version returned by collect.
@@ -51,13 +46,9 @@ describe Puppet::FileServing::HttpMetadata do
     context "with a Last-Modified header from the server" do
       let(:time) { Time.now.utc }
 
-      before do
-        allow(http_response).to receive(:[]).with('content-md5').and_return(nil)
-      end
-
       it "should use :mtime as the checksum type, based on Last-Modified" do
         # HTTP uses "GMT" not "UTC"
-        allow(http_response).to receive(:[]).with('last-modified').and_return(time.strftime("%a, %d %b %Y %T GMT"))
+        http_response.add_field('last-modified', time.strftime("%a, %d %b %Y %T GMT"))
         metadata = described_class.new(http_response)
         metadata.collect
         expect( metadata.checksum_type ).to eq :mtime
@@ -70,16 +61,48 @@ describe Puppet::FileServing::HttpMetadata do
       let(:base64) { Digest::MD5.new.base64digest input }
       let(:hex) { Digest::MD5.new.hexdigest input }
 
-      before do
-        allow(http_response).to receive(:[]).with('last-modified').and_return(nil)
-        allow(http_response).to receive(:[]).with('content-md5').and_return(base64)
+      it "should use the md5 checksum" do
+        http_response.add_field('content-md5', base64)
+        metadata = described_class.new(http_response)
+        metadata.collect
+        expect( metadata.checksum_type ).to eq :md5
+        expect( metadata.checksum ).to eq "{md5}#{hex}"
       end
+    end
+
+    context "with X-Checksum-Md5" do
+      let(:md5) { "c58989e9740a748de4f5054286faf99b" }
 
       it "should use the md5 checksum" do
+        http_response.add_field('X-Checksum-Md5', md5)
         metadata = described_class.new(http_response)
         metadata.collect
         expect( metadata.checksum_type ).to eq :md5
-        expect( metadata.checksum ).to eq "{md5}#{hex}"
+        expect( metadata.checksum ).to eq "{md5}#{md5}"
+      end
+    end
+
+    context "with X-Checksum-Sha1" do
+      let(:sha1) { "01e4d15746f4274b84d740a93e04b9fd2882e3ea" }
+
+      it "should use the SHA1 checksum" do
+        http_response.add_field('X-Checksum-Sha1', sha1)
+        metadata = described_class.new(http_response)
+        metadata.collect
+        expect( metadata.checksum_type ).to eq :sha1
+        expect( metadata.checksum ).to eq "{sha1}#{sha1}"
+      end
+    end
+
+    context "with X-Checksum-Sha256" do
+      let(:sha256) { "a3eda98259c30e1e75039c2123670c18105e1c46efb672e42ca0e4cbe77b002a" }
+
+      it "should use the SHA256 checksum" do
+        http_response.add_field('X-Checksum-Sha256', sha256)
+        metadata = described_class.new(http_response)
+        metadata.collect
+        expect( metadata.checksum_type ).to eq :sha256
+        expect( metadata.checksum ).to eq "{sha256}#{sha256}"
       end
     end
   end

data/spec/unit/file_serving/terminus_selector_spec.rb

@@ -3,62 +3,81 @@ require 'spec_helper'
 require 'puppet/file_serving/terminus_selector'
 
 describe Puppet::FileServing::TerminusSelector do
-  before do
-    @object = Object.new
-    @object.extend(Puppet::FileServing::TerminusSelector)
+  class TestSelector
+    include Puppet::FileServing::TerminusSelector
+  end
 
-    @request = double('request', :key => "mymod/myfile", :options => {:node => "whatever"}, :server => nil, :protocol => nil)
+  def create_request(key)
+    Puppet::Indirector::Request.new(:indirection_name, :find, key, nil, {node: 'whatever'})
   end
 
+  subject { TestSelector.new }
+
   describe "when being used to select termini" do
     it "should return :file if the request key is fully qualified" do
-      expect(@request).to receive(:key).and_return(File.expand_path('/foo'))
-      expect(@object.select(@request)).to eq(:file)
+      request = create_request(File.expand_path('/foo'))
+
+      expect(subject.select(request)).to eq(:file)
+    end
+
+    it "should return :file_server if the request key is relative" do
+      request = create_request('modules/my_module/path/to_file')
+
+      expect(subject.select(request)).to eq(:file_server)
     end
 
     it "should return :file if the URI protocol is set to 'file'" do
-      expect(@request).to receive(:protocol).and_return("file")
-      expect(@object.select(@request)).to eq(:file)
+      request = create_request(Puppet::Util.path_to_uri(File.expand_path("/foo")).to_s)
+
+      expect(subject.select(request)).to eq(:file)
     end
 
     it "should return :http if the URI protocol is set to 'http'" do
-      expect(@request).to receive(:protocol).and_return("http")
-      expect(@object.select(@request)).to eq :http
+      request = create_request("http://www.example.com")
+
+      expect(subject.select(request)).to eq(:http)
     end
 
     it "should return :http if the URI protocol is set to 'https'" do
-      expect(@request).to receive(:protocol).and_return("https")
-      expect(@object.select(@request)).to eq :http
+      request = create_request("https://www.example.com")
+
+      expect(subject.select(request)).to eq(:http)
+    end
+
+    it "should return :http if the path starts with a double slash" do
+      request = create_request("https://www.example.com//index.html")
+
+      expect(subject.select(request)).to eq(:http)
     end
 
     it "should fail when a protocol other than :puppet, :http(s) or :file is used" do
-      allow(@request).to receive(:protocol).and_return("ftp")
-      expect { @object.select(@request) }.to raise_error(ArgumentError)
+      request = create_request("ftp://ftp.example.com")
+
+      expect {
+        subject.select(request)
+      }.to raise_error(ArgumentError, /URI protocol 'ftp' is not currently supported for file serving/)
     end
 
     describe "and the protocol is 'puppet'" do
-      before do
-        allow(@request).to receive(:protocol).and_return("puppet")
-      end
-
       it "should choose :rest when a server is specified" do
-        allow(@request).to receive(:protocol).and_return("puppet")
-        expect(@request).to receive(:server).and_return("foo")
-        expect(@object.select(@request)).to eq(:rest)
+        request = create_request("puppet://puppetserver.example.com")
+
+        expect(subject.select(request)).to eq(:rest)
       end
 
       # This is so a given file location works when bootstrapping with no server.
       it "should choose :rest when default_file_terminus is rest" do
-        allow(@request).to receive(:protocol).and_return("puppet")
         Puppet[:server] = 'localhost'
-        expect(@object.select(@request)).to eq(:rest)
+        request = create_request("puppet:///plugins")
+
+        expect(subject.select(request)).to eq(:rest)
       end
 
       it "should choose :file_server when default_file_terminus is file_server and no server is specified on the request" do
-        expect(@request).to receive(:protocol).and_return("puppet")
-        expect(@request).to receive(:server).and_return(nil)
         Puppet[:default_file_terminus] = 'file_server'
-        expect(@object.select(@request)).to eq(:file_server)
+        request = create_request("puppet:///plugins")
+
+        expect(subject.select(request)).to eq(:file_server)
       end
     end
   end

data/spec/unit/http/client_spec.rb

@@ -507,6 +507,20 @@ describe Puppet::HTTP::Client do
 
       client.get(uri, options: {basic_auth: {user: 'user', password: nil}})
     end
+
+    it 'observes userinfo in the URL' do
+      stub_request(:get, uri).with(basic_auth: credentials)
+
+      client.get(URI("https://user:pass@www.example.com"))
+    end
+
+    it 'prefers explicit basic_auth credentials' do
+      uri = URI("https://ignored_user:ignored_pass@www.example.com")
+
+      stub_request(:get, "https://www.example.com").with(basic_auth: credentials)
+
+      client.get(uri, options: {basic_auth: {user: 'user', password: 'pass'}})
+    end
   end
 
   context "when redirecting" do
@@ -535,10 +549,41 @@ describe Puppet::HTTP::Client do
       expect(response).to be_success
     end
 
-    it "preserves query parameters" do
-      query = { 'debug' => true }
-      stub_request(:get, start_url).with(query: query).to_return(redirect_to(url: bar_url))
-      stub_request(:get, bar_url).with(query: query).to_return(status: 200)
+    it "updates the Host header from the Location host and port" do
+      stub_request(:get, start_url).with(headers: { 'Host' => 'www.example.com:8140' })
+        .to_return(redirect_to(url: other_host))
+      stub_request(:get, other_host).with(headers: { 'Host' => 'other.example.com:8140' })
+        .to_return(status: 200)
+
+      response = client.get(start_url)
+      expect(response).to be_success
+    end
+
+    it "omits the default HTTPS port from the Host header" do
+      stub_request(:get, start_url).with(headers: { 'Host' => 'www.example.com:8140' })
+        .to_return(redirect_to(url: "https://other.example.com/qux"))
+      stub_request(:get, "https://other.example.com/qux").with(headers: { 'Host' => 'other.example.com' })
+        .to_return(status: 200)
+
+      response = client.get(start_url)
+      expect(response).to be_success
+    end
+
+    it "omits the default HTTP port from the Host header" do
+      stub_request(:get, start_url).with(headers: { 'Host' => 'www.example.com:8140' })
+        .to_return(redirect_to(url: "http://other.example.com/qux"))
+      stub_request(:get, "http://other.example.com/qux").with(headers: { 'Host' => 'other.example.com' })
+        .to_return(status: 200)
+
+      response = client.get(start_url)
+      expect(response).to be_success
+    end
+
+    it "applies query parameters from the location header" do
+      query = { 'redirected' => false }
+
+      stub_request(:get, start_url).with(query: query).to_return(redirect_to(url: "#{bar_url}?redirected=true"))
+      stub_request(:get, bar_url).with(query: {'redirected' => 'true'}).to_return(status: 200)
 
       response = client.get(start_url, params: query)
       expect(response).to be_success
@@ -569,16 +614,27 @@ describe Puppet::HTTP::Client do
       expect(response).to be_success
     end
 
-    it "preserves query parameters given a relative location" do
+    it "applies query parameters from the location header" do
       relative_url = "/people.html"
-      query = { 'debug' => true }
-      stub_request(:get, start_url).with(query: query).to_return(redirect_to(url: relative_url))
-      stub_request(:get, "https://www.example.com:8140/people.html").with(query: query).to_return(status: 200)
+      query = { 'redirected' => false }
+      stub_request(:get, start_url).with(query: query).to_return(redirect_to(url: "#{relative_url}?redirected=true"))
+      stub_request(:get, "https://www.example.com:8140/people.html").with(query: {'redirected' => 'true'}).to_return(status: 200)
 
       response = client.get(start_url, params: query)
       expect(response).to be_success
     end
 
+    it "removes dot segments from a relative location" do
+      # from https://tools.ietf.org/html/rfc3986#section-5.4.2
+      base_url = URI("http://a/b/c/d;p?q")
+      relative_url = "../../../../g"
+      stub_request(:get, base_url).to_return(redirect_to(url: relative_url))
+      stub_request(:get, "http://a/g").to_return(status: 200)
+
+      response = client.get(base_url)
+      expect(response).to be_success
+    end
+
     it "preserves request body for each request" do
       data = 'some data'
       stub_request(:put, start_url).with(body: data).to_return(redirect_to(url: bar_url))