rest-client 1.7.2 → 1.7.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of rest-client might be problematic. Click here for more details.
- checksums.yaml +7 -0
- data/history.md +6 -0
- data/lib/restclient/exceptions.rb +1 -1
- data/lib/restclient/platform.rb +1 -1
- data/lib/restclient/request.rb +48 -19
- data/lib/restclient/version.rb +1 -1
- data/spec/integration/request_spec.rb +4 -4
- data/spec/unit/request_spec.rb +12 -0
- metadata +29 -48
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 8807a06ea9680179c83ab3cc8e93c13b517c04a4
|
4
|
+
data.tar.gz: bdaa911803deedb6cc50870ecc438f98fbd6ba8f
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 40873fc7011e525bcec7460323c7256397783232d16f01eea880a45c6f7ad4c454edb0e28ac4150a76101f9ab48ca62ea63fb740297168760b75743bf565d896
|
7
|
+
data.tar.gz: 88be594b35a8c7eca659b553fd79c09ee6aec9411f1eaa176c9bf1bba95822c7283fb1cba78c5c9528ad97d7581475ee59d9dccd93cc06f5c2d1a53c4a8f3ecb
|
data/history.md
CHANGED
@@ -195,8 +195,8 @@ module RestClient
|
|
195
195
|
end
|
196
196
|
end
|
197
197
|
|
198
|
-
# backwards compatibility
|
199
198
|
class RestClient::Request
|
199
|
+
# backwards compatibility
|
200
200
|
Redirect = RestClient::Redirect
|
201
201
|
Unauthorized = RestClient::Unauthorized
|
202
202
|
RequestFailed = RestClient::RequestFailed
|
data/lib/restclient/platform.rb
CHANGED
data/lib/restclient/request.rb
CHANGED
@@ -334,7 +334,7 @@ module RestClient
|
|
334
334
|
|
335
335
|
def print_verify_callback_warnings
|
336
336
|
warned = false
|
337
|
-
if RestClient::Platform.
|
337
|
+
if RestClient::Platform.mac_mri?
|
338
338
|
warn('warning: ssl_verify_callback return code is ignored on OS X')
|
339
339
|
warned = true
|
340
340
|
end
|
@@ -519,7 +519,18 @@ module RestClient
|
|
519
519
|
return unless RestClient.log
|
520
520
|
|
521
521
|
out = []
|
522
|
-
|
522
|
+
sanitized_url = begin
|
523
|
+
uri = URI.parse(url)
|
524
|
+
uri.password = "REDACTED" if uri.password
|
525
|
+
uri.to_s
|
526
|
+
rescue URI::InvalidURIError
|
527
|
+
# An attacker may be able to manipulate the URL to be
|
528
|
+
# invalid, which could force discloure of a password if
|
529
|
+
# we show any of the un-parsed URL here.
|
530
|
+
"[invalid uri]"
|
531
|
+
end
|
532
|
+
|
533
|
+
out << "RestClient.#{method} #{sanitized_url.inspect}"
|
523
534
|
out << payload.short_inspect if payload
|
524
535
|
out << processed_headers.to_a.sort.map { |(k, v)| [k.inspect, v.inspect].join("=>") }.join(", ")
|
525
536
|
RestClient.log << out.join(', ') + "\n"
|
@@ -544,8 +555,7 @@ module RestClient
|
|
544
555
|
key = key.to_s.split(/_/).map { |w| w.capitalize }.join('-')
|
545
556
|
end
|
546
557
|
if 'CONTENT-TYPE' == key.upcase
|
547
|
-
|
548
|
-
result[key] = MIME::Types.type_for_extension target_value
|
558
|
+
result[key] = maybe_convert_extension(value.to_s)
|
549
559
|
elsif 'ACCEPT' == key.upcase
|
550
560
|
# Accept can be composed of several comma-separated values
|
551
561
|
if value.is_a? Array
|
@@ -553,7 +563,9 @@ module RestClient
|
|
553
563
|
else
|
554
564
|
target_values = value.to_s.split ','
|
555
565
|
end
|
556
|
-
result[key] = target_values.map { |ext|
|
566
|
+
result[key] = target_values.map { |ext|
|
567
|
+
maybe_convert_extension(ext.to_s.strip)
|
568
|
+
}.join(', ')
|
557
569
|
else
|
558
570
|
result[key] = value.to_s
|
559
571
|
end
|
@@ -571,21 +583,38 @@ module RestClient
|
|
571
583
|
URI.const_defined?(:Parser) ? URI::Parser.new : URI
|
572
584
|
end
|
573
585
|
|
574
|
-
|
575
|
-
|
576
|
-
|
577
|
-
|
578
|
-
|
579
|
-
|
580
|
-
#
|
581
|
-
|
582
|
-
|
583
|
-
|
584
|
-
|
586
|
+
# Given a MIME type or file extension, return either a MIME type or, if
|
587
|
+
# none is found, the input unchanged.
|
588
|
+
#
|
589
|
+
# >> maybe_convert_extension('json')
|
590
|
+
# => 'application/json'
|
591
|
+
#
|
592
|
+
# >> maybe_convert_extension('unknown')
|
593
|
+
# => 'unknown'
|
594
|
+
#
|
595
|
+
# >> maybe_convert_extension('application/xml')
|
596
|
+
# => 'application/xml'
|
597
|
+
#
|
598
|
+
# @param ext [String]
|
599
|
+
#
|
600
|
+
# @return [String]
|
601
|
+
#
|
602
|
+
def maybe_convert_extension(ext)
|
603
|
+
unless ext =~ /\A[a-zA-Z0-9_@-]+\z/
|
604
|
+
# Don't look up strings unless they look like they could be a file
|
605
|
+
# extension known to mime-types.
|
606
|
+
#
|
607
|
+
# There currently isn't any API public way to look up extensions
|
608
|
+
# directly out of MIME::Types, but the type_for() method only strips
|
609
|
+
# off after a period anyway.
|
610
|
+
return ext
|
611
|
+
end
|
585
612
|
|
586
|
-
|
587
|
-
|
588
|
-
|
613
|
+
types = MIME::Types.type_for(ext)
|
614
|
+
if types.empty?
|
615
|
+
ext
|
616
|
+
else
|
617
|
+
types.first.content_type
|
589
618
|
end
|
590
619
|
end
|
591
620
|
end
|
data/lib/restclient/version.rb
CHANGED
@@ -34,7 +34,7 @@ describe RestClient::Request do
|
|
34
34
|
#
|
35
35
|
# On OS X, this test fails since Apple has patched OpenSSL to always fall
|
36
36
|
# back on the system CA store.
|
37
|
-
it "is unsuccessful with an incorrect ca_file", :unless => RestClient::Platform.
|
37
|
+
it "is unsuccessful with an incorrect ca_file", :unless => RestClient::Platform.mac_mri? do
|
38
38
|
request = RestClient::Request.new(
|
39
39
|
:method => :get,
|
40
40
|
:url => 'https://www.mozilla.org',
|
@@ -45,7 +45,7 @@ describe RestClient::Request do
|
|
45
45
|
|
46
46
|
# On OS X, this test fails since Apple has patched OpenSSL to always fall
|
47
47
|
# back on the system CA store.
|
48
|
-
it "is unsuccessful with an incorrect ca_path", :unless => RestClient::Platform.
|
48
|
+
it "is unsuccessful with an incorrect ca_path", :unless => RestClient::Platform.mac_mri? do
|
49
49
|
request = RestClient::Request.new(
|
50
50
|
:method => :get,
|
51
51
|
:url => 'https://www.mozilla.org',
|
@@ -79,7 +79,7 @@ describe RestClient::Request do
|
|
79
79
|
end
|
80
80
|
|
81
81
|
it "fails verification when the callback returns false",
|
82
|
-
:unless => RestClient::Platform.
|
82
|
+
:unless => RestClient::Platform.mac_mri? do
|
83
83
|
request = RestClient::Request.new(
|
84
84
|
:method => :get,
|
85
85
|
:url => 'https://www.mozilla.org',
|
@@ -90,7 +90,7 @@ describe RestClient::Request do
|
|
90
90
|
end
|
91
91
|
|
92
92
|
it "succeeds verification when the callback returns true",
|
93
|
-
:unless => RestClient::Platform.
|
93
|
+
:unless => RestClient::Platform.mac_mri? do
|
94
94
|
request = RestClient::Request.new(
|
95
95
|
:method => :get,
|
96
96
|
:url => 'https://www.mozilla.org',
|
data/spec/unit/request_spec.rb
CHANGED
@@ -414,6 +414,18 @@ describe RestClient::Request do
|
|
414
414
|
@request.log_response res
|
415
415
|
log[0].should eq "# => 200 OK | text/html 0 bytes\n"
|
416
416
|
end
|
417
|
+
|
418
|
+
it 'does not log request password' do
|
419
|
+
log = RestClient.log = []
|
420
|
+
RestClient::Request.new(:method => :get, :url => 'http://user:password@url', :headers => {:user_agent => 'rest-client', :accept => '*/*'}).log_request
|
421
|
+
log[0].should eq %Q{RestClient.get "http://user:REDACTED@url", "Accept"=>"*/*", "Accept-Encoding"=>"gzip, deflate", "User-Agent"=>"rest-client"\n}
|
422
|
+
end
|
423
|
+
|
424
|
+
it 'logs invalid URIs, even though they will fail elsewhere' do
|
425
|
+
log = RestClient.log = []
|
426
|
+
RestClient::Request.new(:method => :get, :url => 'http://a@b:c', :headers => {:user_agent => 'rest-client', :accept => '*/*'}).log_request
|
427
|
+
log[0].should eq %Q{RestClient.get "[invalid uri]", "Accept"=>"*/*", "Accept-Encoding"=>"gzip, deflate", "User-Agent"=>"rest-client"\n}
|
428
|
+
end
|
417
429
|
end
|
418
430
|
|
419
431
|
it "strips the charset from the response content type" do
|
metadata
CHANGED
@@ -1,141 +1,126 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rest-client
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.7.
|
5
|
-
prerelease:
|
4
|
+
version: 1.7.3
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
8
7
|
- REST Client Team
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date:
|
11
|
+
date: 2015-02-20 00:00:00.000000000 Z
|
13
12
|
dependencies:
|
14
13
|
- !ruby/object:Gem::Dependency
|
15
14
|
name: webmock
|
16
15
|
requirement: !ruby/object:Gem::Requirement
|
17
|
-
none: false
|
18
16
|
requirements:
|
19
|
-
- - ~>
|
17
|
+
- - "~>"
|
20
18
|
- !ruby/object:Gem::Version
|
21
19
|
version: '1.4'
|
22
20
|
type: :development
|
23
21
|
prerelease: false
|
24
22
|
version_requirements: !ruby/object:Gem::Requirement
|
25
|
-
none: false
|
26
23
|
requirements:
|
27
|
-
- - ~>
|
24
|
+
- - "~>"
|
28
25
|
- !ruby/object:Gem::Version
|
29
26
|
version: '1.4'
|
30
27
|
- !ruby/object:Gem::Dependency
|
31
28
|
name: rspec
|
32
29
|
requirement: !ruby/object:Gem::Requirement
|
33
|
-
none: false
|
34
30
|
requirements:
|
35
|
-
- - ~>
|
31
|
+
- - "~>"
|
36
32
|
- !ruby/object:Gem::Version
|
37
33
|
version: '2.4'
|
38
34
|
type: :development
|
39
35
|
prerelease: false
|
40
36
|
version_requirements: !ruby/object:Gem::Requirement
|
41
|
-
none: false
|
42
37
|
requirements:
|
43
|
-
- - ~>
|
38
|
+
- - "~>"
|
44
39
|
- !ruby/object:Gem::Version
|
45
40
|
version: '2.4'
|
46
41
|
- !ruby/object:Gem::Dependency
|
47
42
|
name: pry
|
48
43
|
requirement: !ruby/object:Gem::Requirement
|
49
|
-
none: false
|
50
44
|
requirements:
|
51
|
-
- -
|
45
|
+
- - ">="
|
52
46
|
- !ruby/object:Gem::Version
|
53
47
|
version: '0'
|
54
48
|
type: :development
|
55
49
|
prerelease: false
|
56
50
|
version_requirements: !ruby/object:Gem::Requirement
|
57
|
-
none: false
|
58
51
|
requirements:
|
59
|
-
- -
|
52
|
+
- - ">="
|
60
53
|
- !ruby/object:Gem::Version
|
61
54
|
version: '0'
|
62
55
|
- !ruby/object:Gem::Dependency
|
63
56
|
name: pry-doc
|
64
57
|
requirement: !ruby/object:Gem::Requirement
|
65
|
-
none: false
|
66
58
|
requirements:
|
67
|
-
- -
|
59
|
+
- - ">="
|
68
60
|
- !ruby/object:Gem::Version
|
69
61
|
version: '0'
|
70
62
|
type: :development
|
71
63
|
prerelease: false
|
72
64
|
version_requirements: !ruby/object:Gem::Requirement
|
73
|
-
none: false
|
74
65
|
requirements:
|
75
|
-
- -
|
66
|
+
- - ">="
|
76
67
|
- !ruby/object:Gem::Version
|
77
68
|
version: '0'
|
78
69
|
- !ruby/object:Gem::Dependency
|
79
70
|
name: rdoc
|
80
71
|
requirement: !ruby/object:Gem::Requirement
|
81
|
-
none: false
|
82
72
|
requirements:
|
83
|
-
- -
|
73
|
+
- - ">="
|
84
74
|
- !ruby/object:Gem::Version
|
85
75
|
version: 2.4.2
|
86
|
-
- - <
|
76
|
+
- - "<"
|
87
77
|
- !ruby/object:Gem::Version
|
88
78
|
version: '5.0'
|
89
79
|
type: :development
|
90
80
|
prerelease: false
|
91
81
|
version_requirements: !ruby/object:Gem::Requirement
|
92
|
-
none: false
|
93
82
|
requirements:
|
94
|
-
- -
|
83
|
+
- - ">="
|
95
84
|
- !ruby/object:Gem::Version
|
96
85
|
version: 2.4.2
|
97
|
-
- - <
|
86
|
+
- - "<"
|
98
87
|
- !ruby/object:Gem::Version
|
99
88
|
version: '5.0'
|
100
89
|
- !ruby/object:Gem::Dependency
|
101
90
|
name: mime-types
|
102
91
|
requirement: !ruby/object:Gem::Requirement
|
103
|
-
none: false
|
104
92
|
requirements:
|
105
|
-
- -
|
93
|
+
- - ">="
|
106
94
|
- !ruby/object:Gem::Version
|
107
95
|
version: '1.16'
|
108
|
-
- - <
|
96
|
+
- - "<"
|
109
97
|
- !ruby/object:Gem::Version
|
110
98
|
version: '3.0'
|
111
99
|
type: :runtime
|
112
100
|
prerelease: false
|
113
101
|
version_requirements: !ruby/object:Gem::Requirement
|
114
|
-
none: false
|
115
102
|
requirements:
|
116
|
-
- -
|
103
|
+
- - ">="
|
117
104
|
- !ruby/object:Gem::Version
|
118
105
|
version: '1.16'
|
119
|
-
- - <
|
106
|
+
- - "<"
|
120
107
|
- !ruby/object:Gem::Version
|
121
108
|
version: '3.0'
|
122
109
|
- !ruby/object:Gem::Dependency
|
123
110
|
name: netrc
|
124
111
|
requirement: !ruby/object:Gem::Requirement
|
125
|
-
none: false
|
126
112
|
requirements:
|
127
|
-
- - ~>
|
113
|
+
- - "~>"
|
128
114
|
- !ruby/object:Gem::Version
|
129
115
|
version: '0.7'
|
130
116
|
type: :runtime
|
131
117
|
prerelease: false
|
132
118
|
version_requirements: !ruby/object:Gem::Requirement
|
133
|
-
none: false
|
134
119
|
requirements:
|
135
|
-
- - ~>
|
120
|
+
- - "~>"
|
136
121
|
- !ruby/object:Gem::Version
|
137
122
|
version: '0.7'
|
138
|
-
description:
|
123
|
+
description: 'A simple HTTP and REST client for Ruby, inspired by the Sinatra microframework
|
139
124
|
style of specifying actions: get, put, post, delete.'
|
140
125
|
email: rest.client@librelist.com
|
141
126
|
executables:
|
@@ -145,9 +130,9 @@ extra_rdoc_files:
|
|
145
130
|
- README.rdoc
|
146
131
|
- history.md
|
147
132
|
files:
|
148
|
-
- .gitignore
|
149
|
-
- .rspec
|
150
|
-
- .travis.yml
|
133
|
+
- ".gitignore"
|
134
|
+
- ".rspec"
|
135
|
+
- ".travis.yml"
|
151
136
|
- AUTHORS
|
152
137
|
- Gemfile
|
153
138
|
- LICENSE
|
@@ -198,30 +183,26 @@ files:
|
|
198
183
|
homepage: https://github.com/rest-client/rest-client
|
199
184
|
licenses:
|
200
185
|
- MIT
|
186
|
+
metadata: {}
|
201
187
|
post_install_message:
|
202
188
|
rdoc_options: []
|
203
189
|
require_paths:
|
204
190
|
- lib
|
205
191
|
required_ruby_version: !ruby/object:Gem::Requirement
|
206
|
-
none: false
|
207
192
|
requirements:
|
208
|
-
- -
|
193
|
+
- - ">="
|
209
194
|
- !ruby/object:Gem::Version
|
210
195
|
version: 1.9.2
|
211
196
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
212
|
-
none: false
|
213
197
|
requirements:
|
214
|
-
- -
|
198
|
+
- - ">="
|
215
199
|
- !ruby/object:Gem::Version
|
216
200
|
version: '0'
|
217
|
-
segments:
|
218
|
-
- 0
|
219
|
-
hash: 1102817666116175326
|
220
201
|
requirements: []
|
221
202
|
rubyforge_project:
|
222
|
-
rubygems_version:
|
203
|
+
rubygems_version: 2.2.2
|
223
204
|
signing_key:
|
224
|
-
specification_version:
|
205
|
+
specification_version: 4
|
225
206
|
summary: Simple HTTP and REST client for Ruby, inspired by microframework syntax for
|
226
207
|
specifying actions.
|
227
208
|
test_files:
|