| Age | Commit message (Collapse) | Author |
|---|
|
https://github.com/ruby/net-http/commit/b8bdb7248e
|
|
https://github.com/ruby/net-http/commit/da626e4e42
|
|
(https://github.com/ruby/net-http/pull/89)
https://github.com/ruby/net-http/commit/86b84eb307
|
|
(https://github.com/ruby/net-http/pull/85)
https://github.com/ruby/net-http/commit/9d9040fb79
|
|
The lack of a newline between the call-seq and the documentation was
causing the documentation to be parsed as a call-seq.
https://github.com/ruby/net-http/commit/1a212e2065
|
|
https://github.com/ruby/net-http/commit/09a9ea163a
|
|
https://github.com/ruby/net-http/commit/0512b5bfc9
|
|
https://github.com/ruby/net-http/commit/4444e8cea4
|
|
https://github.com/ruby/net-http/commit/6b30c5310b
|
|
https://github.com/ruby/net-http/commit/16d042fad6
Co-authored-by: Peter Zhu <peter@peterzhu.ca>
|
|
https://github.com/ruby/net-http/commit/4a5732e210
|
|
|
|
This reverts commit https://github.com/ruby/net-http/commit/753cae3bbccc.
https://github.com/ruby/net-http/commit/98caa38204
|
|
This list is out of date. At least OpenBSD since 2013 does not
allow one user to read the environment variables of a process
run by another user.
While we could try to keep the list updated, I think it's a bad
idea to not use the user/password from the environment, even if
another user on the system could read it. If http_proxy exists
in the environment, and other users can read it, it doesn't
make it more secure for Ruby to ignore it. You could argue that
it encourages poor security practices, but net/http should provide
mechanism, not policy.
Fixes [Bug #18908]
https://github.com/ruby/net-http/commit/1e4585153d
|
|
https://github.com/ruby/net-http/commit/992d07cb41
|
|
https://github.com/ruby/net-http/commit/0017cc64c0
|
|
Handle missing session_new_cb= and do not call
session_cache_mode=, as JRuby SSL does not support
these methods.
https://github.com/ruby/net-http/commit/3237ef4d8c
|
|
The ignore_eof setting on HTTPResponse makes it so an EOFError is
raised when reading bodies with a defined Content-Length, if the
body read was truncated due to the socket be closed.
The ignore_eof setting on HTTP sets the values used in responses
that are created by the object.
For backwards compatibility, the default is for both settings is
true. However, unless you are specifically tested for and handling
truncated responses, it's a good idea to set ignore_eof to false so
that errors are raised for truncated responses, instead of those
errors silently being ignored.
Fixes [Bug #14972]
https://github.com/ruby/net-http/commit/4d47e34995
|
|
encoding
This allows for the ability to opt-in to a method to set the
encoding of response bodies. By setting the accessor to a String
or Encoding instance, it will use the specified encoding.
Setting the value of true will try to detect the encoding of the
response body, either using the Content-Type header (assuming it
specifies charset) or by scanning for a <meta> tag in the document
that specifies the encoding. The default is false in which case
no forcing of encoding will be done (same as before the patch).
Implements [Feature #2567]
Implements [Feature #15517]
https://github.com/ruby/net-http/commit/6233e6b7c1
Co-authored-by: Yui Naruse <naruse@ruby-lang.org>
|
|
RFC 6066, section 3, explicitly disallows the use of an IP address
as an SNI server name. So check if the connection is being made
to an IP address using the resolv regexps, and do not set an SNI
hostname in that case.
Recent changes to LibreSSL make it more strictly follow RFC 6066,
resulting an s.hostname= raising an error if passed an IP address.
When such verions of LibreSSL are used, this change not only fixes
the net/http tests, it also fixes tests for webrick and open-uri,
which both make SSL connections to 127.0.0.1 using net/http in
their tests.
Avoid warning in the openssl extension by unsetting
@ssl_context.verify_hostname if connecting to an IP address.
Make changes so that the post_connection_check still happens
when connecting to an IP address, which is necessary to keep
checking that the certificate returned includes the IP address,
which one of the tests depends on.
Revert the previous change that modified the regexp used for
checking the error message.
https://github.com/ruby/net-http/commit/fa68e64bee
|
|
Renames `D` to `debug` in `Net::HTTP` and introduces an alias for
backwards compatibility. This was done for readability reasons, in that
`D` did not clearly reflect what the method was doing and can cause some
confusion.
https://github.com/ruby/net-http/commit/582d6e87d6
|
|
`response_body_permitted?` is a method of request.
|
|
The last_communicated timestamp is for HTTP persistent connection, to
decide whether the current TCP connection may be reused for the
subsequent requests or not. Naturally, the timer must be reset if the
connection is recreated since it is no longer relevant.
https://github.com/ruby/net-http/commit/0a013de42d
|
|
Notes:
Merged: https://github.com/ruby/ruby/pull/4970
|
|
https://github.com/ruby/net-http/commit/f3e65e2a31
|
|
It is not used in net/http library code since commit 15ccd0118c13
(r36473 in ruby svn trunk, 2012).
require's in test suite are also cleaned up.
https://github.com/ruby/net-http/commit/996d18a43f
|
|
OpenSSL make take some time to initialize, and it would be best
to take that time before connecting instead of after.
From joshc on Redmine.
Fixes Ruby Bug #9459
https://github.com/ruby/net-http/commit/14e09fba24
|
|
If someone sets an env variable defining a http_proxy, containing a
username / password with percent-encoded characters, then the resulting
base64 encoded auth header will be wrong.
For example, suppose a username is `Y\X` and the password is `R%S] ?X`.
Properly URL encoded the proxy url would be:
http://Y%5CX:R%25S%5D%20%3FX@proxy.example:8000
The resulting proxy auth header should be: `WVxYOlIlU10gP1g=`, but the
getters defined by ruby StdLib `URI` return a username `Y%5CX` and
password `R%25S%5D%20%3FX`, resulting in `WSU1Q1g6UiUyNVMlNUQlMjAlM0ZY`.
As a result the proxy will deny the request.
Please note that this is my first contribution to the ruby ecosystem, to
standard lib especially and I am not a ruby developer.
References:
- https://gitlab.com/gitlab-org/gitlab/-/issues/289836
- https://bugs.ruby-lang.org/projects/ruby-master/repository/trunk/revisions/58461
- https://bugs.ruby-lang.org/issues/17542
https://github.com/ruby/net-http/commit/e57d4f38aa
|
|
Use Socket.tcp's connect_timeout option instead
https://github.com/ruby/net-http/commit/753cae3bbc
|
|
iff means if and only if, but readers without that knowledge might
assume this to be a spelling mistake. To me, this seems like
exclusionary language that is unnecessary. Simply using "if and only if"
instead should suffice.
https://github.com/ruby/net-http/commit/ffb87cad32
|
|
|
|
They are followed up with
https://github.com/ruby/ruby/commit/8fb02b7a97317090e3946e6f2d4a7d034f9699f1
|
|
"requiring version.rb" strategy has some issues.
- cannot work when cross-compiling
- often introduces wrong namespace
- must know the superclasses
- costs at each runtime than at build-time
etc.
Notes:
Merged: https://github.com/ruby/ruby/pull/3375
|
|
...to reflect that Net::HTTP.start accepts keep_alive_timeout as an option.
Notes:
Merged: https://github.com/ruby/ruby/pull/3185
|
|
|
|
Currently, Net::HTTP can only send a single SSL certificate when it
establishes a connection. Some use-cases involve sending an entire
certificate chain to the destination; for this, SSLContext supports
assigning to #extra_chain_cert=.
This adds support in Net::HTTP for exposing this underlying SSLContext
property to end-users. [Feature #9758]
|
|
|
|
* Let Net::HTTP.get take request headers
* Add more test cases for no header usages
* Add examples with request headers
* Add a NEWS entry [ci skip]
[Feature #16686]
Notes:
Merged-By: k0kubun <takashikkbn@gmail.com>
|
|
test/net/http/test_https.rb: rename fixture methods to read_fixture
because it conflicts with test-unit gem.
|
|
According to https://github.com/ruby/openssl/pull/60,
> Currently an user who wants to do the hostname verification needs to
call SSLSocket#post_connection_check explicitly after the TLS connection
is established.
if an user who wants to skip the hostname verification,
SSLSocket#post_connection_check doesn't need to be called
https://bugs.ruby-lang.org/issues/16555
|
|
54072e329cab7207fba133caba4fc12b45add8f9
|
|
|
|
|
|
to replace the address for TCP/IP connection [Feature #5180]
There're 3 layers of hostname:
* host address for TCP/IP
* TLS server name
* HTTP Host header value
To test DNS round robin or check server certificate from server local,
people sometimes want to connect server with given IP address but keep
TLS server name and HTTP Host header value.
closes [Feature #15215]
closes https://github.com/ruby/ruby/pull/1893
closes https://github.com/ruby/ruby/pull/1977
|
|
An EPIPE when sending the request should be ignored. Even if you
cannot write more data, you may still be able to read the server's
response.
Fixes [Bug #14466]
Notes:
Merged: https://github.com/ruby/ruby/pull/2494
|
|
A patch from casperisfine (Jean byroot Boussier).
[Fix GH-2012]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66891 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
This reverts commit 69a1db96fe63ff3071cb3d272675a1d0470aab01.
getaddrinfo(3) doesn't support timeout.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66660 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
lib/net/pop.rb: ditto
lib/net/ftp.rb: ditto
lib/net/smtp.rb: ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66659 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
So that classes which uses Net::HTTP with https can use OpenSSL
namespace for example exception classes like OpenSSL::SSL::SSLError.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@66401 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65288 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
