Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
base fork: jnunemaker/httparty
base: cfacb8a287
...
head fork: jnunemaker/httparty
compare: v0.10.1
  • 12 commits
  • 14 files changed
  • 7 commit comments
  • 5 contributors
Commits on Jan 02, 2013
@kenmazaika kenmazaika Add support for passing in ciphers information into the ConnectionAda…
…pter, and have this work as expected with the Net:HTTP ConnectionAdapter.
e63ee15
@jnunemaker Merge branch 'openssl-ciphers2' of https://github.com/where/httparty
…into where-openssl-ciphers2

Conflicts:
	spec/httparty/connection_adapter_spec.rb
a936eaa
Commits on Jan 10, 2013
@jnunemaker Remove yaml due to possible security risk. 53a8124
@jnunemaker Release 0.10.0.
* Removed yaml support.
3e2ec2b
Commits on Jan 12, 2013
@titanous titanous Bump multi_xml dependency to 0.5.2 for CVE-2013-0175 fix e38baab
Commits on Jan 13, 2013
@jnunemaker Merge pull request #181 from titanous/bump-multi_xml
Bump multi_xml dependency to 0.5.2 for CVE-2013-0175 fix
94e5d4f
Commits on Jan 17, 2013
@ronyv89 ronyv89 Adding MOVE request handling 0474a61
Commits on Jan 26, 2013
@kachick kachick Rename conflict variable around block parameter
It removes below ruby's warning.

* "warning: shadowing outer local variable"
c68c9e3
@kachick kachick Remove unused variable in spec
It removes below ruby's warning.

* "warning: assigned but unused variable"
d571867
@jnunemaker Merge pull request #186 from kachick/improve-remove_warnings
Remove some warnings
74c0631
@jnunemaker Merge pull request #183 from ronyv89/master
MOVE Http request handling
fd1f49c
@jnunemaker Release 0.10.1. 0f04ba8
View
10 History
@@ -1,3 +1,13 @@
+== 0.10.1 2013-01-26
+
+* new
+ * [added support for MOVE requests](https://github.com/jnunemaker/httparty/pull/183)
+ * [bump multi xml version](https://github.com/jnunemaker/httparty/pull/181)
+
+== 0.10.0 2013-01-10
+* changes
+ * removed yaml support because of security risk (see rails yaml issues)
+
== 0.9.0 2012-09-07
* new
* [support for connection adapters](https://github.com/jnunemaker/httparty/pull/157)
View
2  examples/custom_parsers.rb
@@ -1,7 +1,7 @@
class ParseAtom
include HTTParty
- # Support Atom along with the default parsers: xml, json, yaml, etc.
+ # Support Atom along with the default parsers: xml, json, etc.
class Parser::Atom < HTTParty::Parser
SupportedFormats.merge!({"application/atom+xml" => :atom})
View
2  httparty.gemspec
@@ -13,7 +13,7 @@ Gem::Specification.new do |s|
s.description = %q{Makes http fun! Also, makes consuming restful web services dead easy.}
s.add_dependency 'multi_json', "~> 1.0"
- s.add_dependency 'multi_xml'
+ s.add_dependency 'multi_xml', ">= 0.5.2"
s.post_install_message = "When you HTTParty, you must party hard!"
View
24 lib/httparty.rb
@@ -299,7 +299,7 @@ def query_string_normalizer(normalizer)
default_options[:query_string_normalizer] = normalizer
end
- # Allows setting of SSL version to use. This only works in Ruby 1.9.
+ # Allows setting of SSL version to use. This only works in Ruby 1.9+.
# You can get a list of valid versions from OpenSSL::SSL::SSLContext::METHODS.
#
# class Foo
@@ -310,6 +310,19 @@ def ssl_version(version)
default_options[:ssl_version] = version
end
+ # Allows setting of SSL ciphers to use. This only works in Ruby 1.9+.
+ # You can get a list of valid specific ciphers from OpenSSL::Cipher.ciphers.
+ # You also can specify a cipher suite here, listed here at openssl.org:
+ # http://www.openssl.org/docs/apps/ciphers.html#CIPHER_SUITE_NAMES
+ #
+ # class Foo
+ # include HTTParty
+ # ciphers "RC4-SHA"
+ # end
+ def ciphers(cipher_names)
+ default_options[:ciphers] = cipher_names
+ end
+
# Allows setting an OpenSSL certificate authority file
#
# class Foo
@@ -416,6 +429,11 @@ def delete(path, options={}, &block)
perform_request Net::HTTP::Delete, path, options, &block
end
+ # Perform a MOVE request to a path
+ def move(path, options={}, &block)
+ perform_request Net::HTTP::Move, path, options, &block
+ end
+
# Perform a HEAD request to a path
def head(path, options={}, &block)
perform_request Net::HTTP::Head, path, options, &block
@@ -486,6 +504,10 @@ def self.delete(*args, &block)
Basement.delete(*args, &block)
end
+ def self.move(*args, &block)
+ Basement.move(*args, &block)
+ end
+
def self.head(*args, &block)
Basement.head(*args, &block)
end
View
4 lib/httparty/connection_adapter.rb
@@ -81,6 +81,10 @@ def connection
http.set_debug_output(options[:debug_output])
end
+ if options[:ciphers]
+ http.ciphers = options[:ciphers]
+ end
+
return http
end
View
6 lib/httparty/hash_conversions.rb
@@ -36,11 +36,11 @@ def self.normalize_param(key, value)
end
stack.each do |parent, hash|
- hash.each do |key, value|
+ hash.each do |k, v|
if value.is_a?(Hash)
- stack << ["#{parent}[#{key}]", value]
+ stack << ["#{parent}[#{k}]", v]
else
- param << normalize_param("#{parent}[#{key}]", value)
+ param << normalize_param("#{parent}[#{k}]", v)
end
end
end
View
8 lib/httparty/parser.rb
@@ -1,5 +1,5 @@
module HTTParty
- # The default parser used by HTTParty, supports xml, json, html, yaml, and
+ # The default parser used by HTTParty, supports xml, json, html, and
# plain text.
#
# == Custom Parsers
@@ -45,8 +45,6 @@ class Parser
'application/javascript' => :json,
'text/javascript' => :json,
'text/html' => :html,
- 'application/x-yaml' => :yaml,
- 'text/yaml' => :yaml,
'text/plain' => :plain
}
@@ -120,10 +118,6 @@ def json
end
end
- def yaml
- YAML.load(body)
- end
-
def html
body
end
View
3  lib/httparty/request.rb
@@ -7,7 +7,8 @@ class Request #:nodoc:
Net::HTTP::Put,
Net::HTTP::Delete,
Net::HTTP::Head,
- Net::HTTP::Options
+ Net::HTTP::Options,
+ Net::HTTP::Move
]
SupportedURISchemes = [URI::HTTP, URI::HTTPS, URI::Generic]
View
2  lib/httparty/version.rb
@@ -1,3 +1,3 @@
module HTTParty
- VERSION = "0.9.1"
+ VERSION = "0.10.1"
end
View
9 spec/httparty/connection_adapter_spec.rb
@@ -78,6 +78,7 @@
it { should use_ssl }
end
+
context "when ssl version is set" do
let(:options) { {:ssl_version => :TLSv1} }
@@ -95,6 +96,14 @@
end
end
+ context "specifying ciphers" do
+ let(:options) { {:ciphers => 'RC4-SHA' } }
+
+ it "should set the ciphers on the connection" do
+ subject.ciphers.should == 'RC4-SHA'
+ end
+ end if RUBY_VERSION > '1.9'
+
context "when timeout is not set" do
it "doesn't set the timeout" do
http = mock("http", :null_object => true)
View
5 spec/httparty/parser_spec.rb
@@ -155,11 +155,6 @@ def self.name; 'AtomParser'; end
subject.send(:json)
end
- it "parses yaml" do
- YAML.should_receive(:load).with('body')
- subject.send(:yaml)
- end
-
it "parses html by simply returning the body" do
subject.send(:html).should == 'body'
end
View
13 spec/httparty/request_spec.rb
@@ -225,12 +225,6 @@
@request.send(:parse_response, json).should == {'books' => {'book' => {'id' => '1234', 'name' => 'Foo Bar!'}}}
end
- it 'should handle yaml automatically' do
- yaml = "books: \n book: \n name: Foo Bar!\n id: \"1234\"\n"
- @request.options[:format] = :yaml
- @request.send(:parse_response, yaml).should == {'books' => {'book' => {'id' => '1234', 'name' => 'Foo Bar!'}}}
- end
-
it "should include any HTTP headers in the returned response" do
@request.options[:format] = :html
response = stub_response "Content"
@@ -289,7 +283,7 @@
end
it "returns the HTTParty::Response when the 300 does not contain a location header" do
- net_response = stub_response '', 300
+ stub_response '', 300
HTTParty::Response.should === @request.perform
end
end
@@ -364,6 +358,11 @@
@request.perform.should == {"hash" => {"foo" => "bar"}}
end
+ it "should be handled by MOVE transparently" do
+ @request.http_method = Net::HTTP::Move
+ @request.perform.should == {"hash" => {"foo" => "bar"}}
+ end
+
it "should be handled by PATCH transparently" do
@request.http_method = Net::HTTP::Patch
@request.perform.should == {"hash" => {"foo" => "bar"}}
View
21 spec/httparty_spec.rb
@@ -45,6 +45,14 @@
end
end
+ describe 'ciphers' do
+ it 'should set the ciphers content' do
+ @klass.default_options[:ciphers].should be_nil
+ @klass.ciphers 'RC4-SHA'
+ @klass.default_options[:ciphers].should == 'RC4-SHA'
+ end
+ end
+
describe 'http_proxy' do
it 'should set the address' do
@klass.http_proxy 'proxy.foo.com', 80
@@ -376,11 +384,6 @@ class MyParser < HTTParty::Parser
@klass.default_options[:format].should == :json
end
- it "should allow yaml" do
- @klass.format :yaml
- @klass.default_options[:format].should == :yaml
- end
-
it "should allow plain" do
@klass.format :plain
@klass.default_options[:format].should == :plain
@@ -395,7 +398,7 @@ class MyParser < HTTParty::Parser
it 'should only print each format once with an exception' do
lambda do
@klass.format :foobar
- end.should raise_error(HTTParty::UnsupportedFormat, "':foobar' Must be one of: html, json, plain, xml, yaml")
+ end.should raise_error(HTTParty::UnsupportedFormat, "':foobar' Must be one of: html, json, plain, xml")
end
it 'sets the default parser' do
@@ -488,6 +491,12 @@ class MyParser < HTTParty::Parser
end.should raise_error(HTTParty::RedirectionTooDeep) {|e| e.response.body.should == 'first redirect'}
end
+ it "should fail with redirected MOVE" do
+ lambda do
+ @klass.move('/foo', :no_follow => true)
+ end.should raise_error(HTTParty::RedirectionTooDeep) {|e| e.response.body.should == 'first redirect'}
+ end
+
it "should fail with redirected PUT" do
lambda do
@klass.put('/foo', :no_follow => true)
View
2  spec/support/ssl_test_server.rb
@@ -49,7 +49,7 @@ def stop
def thread_main
until @stopping_mutex.synchronize{ @stopping }
- (rr,ww,ee) = select([@ssl_server.to_io], nil, nil, 0.1)
+ (rr,_,_) = select([@ssl_server.to_io], nil, nil, 0.1)
next unless rr && rr.include?(@ssl_server.to_io)

Showing you all comments on commits in this comparison.

@jweiss

Unfortunately this now introduces a GPLv3 dependency as multi_xml 0.5.2 switched to kramdown from maruku :-(

@jnunemaker
Owner

I would talk to multi xml about this. The reason for this is security, so I definitely won't be reverting it.

@lsegal

Maybe @sferik can comment on this? It's marked as a development dependency, so it should not be an issue, but maybe using redcarpet or rdiscount would be better?

@sferik

This is non-issue. I've already addressed it here: sferik/multi_xml@c760063#commitcomment-2454641

I switched to kramdown because it is a fast, pure-Ruby Markdown parser. I was previously using maruku but it contains issues that still haven't been addressed.

@sferik

@lsegal Looking back in my timeline, I actually made this change in response to this tweet from you. :wink:

@lsegal

@sferik: oops! I forgot "pure Ruby" was the requirement here. The ones I mentioned are not in fact pure implementations. kramdown is indeed the best option.

@sferik

Yeah, tests were failing on JRuby during the installation of redcarpet. Same for rdiscount.

Something went wrong with that request. Please try again.