Class: RestClient::Request
- Inherits:
-
Object
- Object
- RestClient::Request
- Defined in:
- lib/restclient/request.rb,
lib/restclient/exceptions.rb
Overview
This class is used internally by RestClient to send the request, but you can also call it directly if you’d like to use a method not supported by the main API. For example:
RestClient::Request.execute(:method => :head, :url => 'http://example.com')
Mandatory parameters:
-
:method
-
:url
Optional parameters (have a look at ssl and/or uri for some explanations):
-
:headers a hash containing the request headers
-
:cookies will replace possible cookies in the :headers
-
:user and :password for basic auth, will be replaced by a user/password available in the :url
-
:block_response call the provided block with the HTTPResponse as parameter
-
:raw_response return a low-level RawResponse instead of a Response
-
:max_redirects maximum number of redirections (default to 10)
-
:verify_ssl enable ssl verification, possible values are constants from
OpenSSL::SSL::VERIFY_*, defaults to OpenSSL::SSL::VERIFY_PEER
-
:timeout and :open_timeout are how long to wait for a response and to
open a connection, in seconds. Pass nil to disable the timeout.
-
:ssl_client_cert, :ssl_client_key, :ssl_ca_file, :ssl_ca_path,
:ssl_cert_store, :ssl_verify_callback, :ssl_verify_callback_warnings
-
:ssl_version specifies the SSL version for the underlying Net::HTTP connection
-
:ssl_ciphers sets SSL ciphers for the connection. See
OpenSSL::SSL::SSLContext#ciphers=
Constant Summary collapse
- DefaultCiphers =
This is similar to the list now in ruby core, but adds HIGH and RC4-MD5 for better compatibility (similar to Firefox) and moves AES-GCM cipher suites above DHE/ECDHE CBC suites (similar to Chromium). github.com/ruby/ruby/commit/699b209cf8cf11809620e12985ad33ae33b119ee
This list will be used by default if the Ruby global OpenSSL default ciphers appear to be a weak list.
%w{ !aNULL !eNULL !EXPORT !SSLV2 !LOW ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256 DHE-DSS-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-DSS-AES256-GCM-SHA384 AES128-GCM-SHA256 AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES128-SHA ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES256-SHA DHE-RSA-AES128-SHA256 DHE-RSA-AES256-SHA256 DHE-RSA-AES128-SHA DHE-RSA-AES256-SHA DHE-DSS-AES128-SHA256 DHE-DSS-AES256-SHA256 DHE-DSS-AES128-SHA DHE-DSS-AES256-SHA AES128-SHA256 AES256-SHA256 AES128-SHA AES256-SHA ECDHE-ECDSA-RC4-SHA ECDHE-RSA-RC4-SHA RC4-SHA HIGH +RC4 RC4-MD5 }.join(":")
- WeakDefaultCiphers =
A set of weak default ciphers that we will override by default.
Set.new([ "ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW", ])
- SSLOptionList =
%w{client_cert client_key ca_file ca_path cert_store version ciphers verify_callback verify_callback_warnings}
- Redirect =
backwards compatibility
RestClient::Redirect
RestClient::Unauthorized
- RequestFailed =
RestClient::RequestFailed
Instance Attribute Summary collapse
-
#args ⇒ Object
readonly
Returns the value of attribute args.
-
#cookies ⇒ Object
readonly
Returns the value of attribute cookies.
-
#headers ⇒ Object
readonly
Returns the value of attribute headers.
-
#max_redirects ⇒ Object
readonly
Returns the value of attribute max_redirects.
-
#method ⇒ Object
readonly
Returns the value of attribute method.
-
#open_timeout ⇒ Object
readonly
Returns the value of attribute open_timeout.
-
#password ⇒ Object
readonly
Returns the value of attribute password.
-
#payload ⇒ Object
readonly
Returns the value of attribute payload.
-
#processed_headers ⇒ Object
readonly
Returns the value of attribute processed_headers.
-
#raw_response ⇒ Object
readonly
Returns the value of attribute raw_response.
-
#ssl_opts ⇒ Object
readonly
Returns the value of attribute ssl_opts.
-
#timeout ⇒ Object
readonly
Returns the value of attribute timeout.
-
#url ⇒ Object
readonly
Returns the value of attribute url.
-
#user ⇒ Object
readonly
Returns the value of attribute user.
Class Method Summary collapse
- .decode(content_encoding, body) ⇒ Object
-
.default_ssl_cert_store ⇒ OpenSSL::X509::Store
Return a certificate store that can be used to validate certificates with the system certificate authorities.
- .execute(args, &block) ⇒ Object
Instance Method Summary collapse
- #default_headers ⇒ Object
- #execute(&block) ⇒ Object
- #fetch_body(http_response) ⇒ Object
-
#initialize(args) ⇒ Request
constructor
A new instance of Request.
- #log_request ⇒ Object
- #log_response(res) ⇒ Object
- #make_headers(user_headers) ⇒ Object
- #net_http_class ⇒ Object
- #net_http_do_request(http, req, body = nil, &block) ⇒ Object
- #net_http_request_class(method) ⇒ Object
- #parse_url(url) ⇒ Object
- #parse_url_with_auth(url) ⇒ Object
- #print_verify_callback_warnings ⇒ Object
- #process_payload(p = nil, parent_key = nil) ⇒ Object
- #process_result(res, &block) ⇒ Object
-
#process_url_params(url, headers) ⇒ Object
Extract the query parameters and append them to the url.
- #setup_credentials(req) ⇒ Object
-
#stringify_headers(headers) ⇒ Object
Return a hash of headers whose keys are capitalized strings.
- #transmit(uri, req, payload, &block) ⇒ Object
-
#valid_cookie_key?(string) ⇒ Boolean
Do some sanity checks on cookie keys.
-
#valid_cookie_value?(value) ⇒ Boolean
Validate cookie values.
-
#verify_ssl ⇒ Object
SSL-related options.
Constructor Details
#initialize(args) ⇒ Request
Returns a new instance of Request.
105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 |
# File 'lib/restclient/request.rb', line 105 def initialize args @method = args[:method] or raise ArgumentError, "must pass :method" @headers = args[:headers] || {} if args[:url] @url = process_url_params(args[:url], headers) else raise ArgumentError, "must pass :url" end @cookies = @headers.delete(:cookies) || args[:cookies] || {} @payload = Payload.generate(args[:payload]) @user = args[:user] @password = args[:password] if args.include?(:timeout) @timeout = args[:timeout] end if args.include?(:open_timeout) @open_timeout = args[:open_timeout] end @block_response = args[:block_response] @raw_response = args[:raw_response] || false @ssl_opts = {} if args.include?(:verify_ssl) v_ssl = args.fetch(:verify_ssl) if v_ssl if v_ssl == true # interpret :verify_ssl => true as VERIFY_PEER @ssl_opts[:verify_ssl] = OpenSSL::SSL::VERIFY_PEER else # otherwise pass through any truthy values @ssl_opts[:verify_ssl] = v_ssl end else # interpret all falsy :verify_ssl values as VERIFY_NONE @ssl_opts[:verify_ssl] = OpenSSL::SSL::VERIFY_NONE end else # if :verify_ssl was not passed, default to VERIFY_PEER @ssl_opts[:verify_ssl] = OpenSSL::SSL::VERIFY_PEER end SSLOptionList.each do |key| source_key = ('ssl_' + key).to_sym if args.has_key?(source_key) @ssl_opts[key.to_sym] = args.fetch(source_key) end end # If there's no CA file, CA path, or cert store provided, use default if !ssl_ca_file && !ssl_ca_path && !@ssl_opts.include?(:cert_store) @ssl_opts[:cert_store] = self.class.default_ssl_cert_store end unless @ssl_opts.include?(:ciphers) # If we're on a Ruby version that has insecure default ciphers, # override it with our default list. if WeakDefaultCiphers.include?( OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.fetch(:ciphers)) @ssl_opts[:ciphers] = DefaultCiphers end end @tf = nil # If you are a raw request, this is your tempfile @max_redirects = args[:max_redirects] || 10 @processed_headers = make_headers headers @args = args end |
Instance Attribute Details
#args ⇒ Object (readonly)
Returns the value of attribute args.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def args @args end |
#cookies ⇒ Object (readonly)
Returns the value of attribute cookies.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def @cookies end |
#headers ⇒ Object (readonly)
Returns the value of attribute headers.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def headers @headers end |
#max_redirects ⇒ Object (readonly)
Returns the value of attribute max_redirects.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def max_redirects @max_redirects end |
#method ⇒ Object (readonly)
Returns the value of attribute method.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def method @method end |
#open_timeout ⇒ Object (readonly)
Returns the value of attribute open_timeout.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def open_timeout @open_timeout end |
#password ⇒ Object (readonly)
Returns the value of attribute password.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def password @password end |
#payload ⇒ Object (readonly)
Returns the value of attribute payload.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def payload @payload end |
#processed_headers ⇒ Object (readonly)
Returns the value of attribute processed_headers.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def processed_headers @processed_headers end |
#raw_response ⇒ Object (readonly)
Returns the value of attribute raw_response.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def raw_response @raw_response end |
#ssl_opts ⇒ Object (readonly)
Returns the value of attribute ssl_opts.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def ssl_opts @ssl_opts end |
#timeout ⇒ Object (readonly)
Returns the value of attribute timeout.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def timeout @timeout end |
#url ⇒ Object (readonly)
Returns the value of attribute url.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def url @url end |
#user ⇒ Object (readonly)
Returns the value of attribute user.
35 36 37 |
# File 'lib/restclient/request.rb', line 35 def user @user end |
Class Method Details
.decode(content_encoding, body) ⇒ Object
500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 |
# File 'lib/restclient/request.rb', line 500 def self.decode content_encoding, body if (!body) || body.empty? body elsif content_encoding == 'gzip' Zlib::GzipReader.new(StringIO.new(body)).read elsif content_encoding == 'deflate' begin Zlib::Inflate.new.inflate body rescue Zlib::DataError # No luck with Zlib decompression. Let's try with raw deflate, # like some broken web servers do. Zlib::Inflate.new(-Zlib::MAX_WBITS).inflate body end else body end end |
.default_ssl_cert_store ⇒ OpenSSL::X509::Store
Return a certificate store that can be used to validate certificates with the system certificate authorities. This will probably not do anything on OS X, which monkey patches OpenSSL in terrible ways to insert its own validation. On most *nix platforms, this will add the system certifcates using OpenSSL::X509::Store#set_default_paths. On Windows, this will use RestClient::Windows::RootCerts to look up the CAs trusted by the system.
315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 |
# File 'lib/restclient/request.rb', line 315 def self.default_ssl_cert_store cert_store = OpenSSL::X509::Store.new cert_store.set_default_paths # set_default_paths() doesn't do anything on Windows, so look up # certificates using the win32 API. if RestClient::Platform.windows? RestClient::Windows::RootCerts.instance.to_a.uniq.each do |cert| begin cert_store.add_cert(cert) rescue OpenSSL::X509::StoreError => err # ignore duplicate certs raise unless err. == 'cert already in hash table' end end end cert_store end |
.execute(args, &block) ⇒ Object
40 41 42 |
# File 'lib/restclient/request.rb', line 40 def self.execute(args, & block) new(args).execute(& block) end |
Instance Method Details
#default_headers ⇒ Object
576 577 578 |
# File 'lib/restclient/request.rb', line 576 def default_headers {:accept => '*/*; q=0.5, application/xml', :accept_encoding => 'gzip, deflate'} end |
#execute(&block) ⇒ Object
174 175 176 177 178 179 |
# File 'lib/restclient/request.rb', line 174 def execute & block uri = parse_url_with_auth(url) transmit uri, net_http_request_class(method).new(uri.request_uri, processed_headers), payload, & block ensure payload.close if payload end |
#fetch_body(http_response) ⇒ Object
455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 |
# File 'lib/restclient/request.rb', line 455 def fetch_body(http_response) if @raw_response # Taken from Chef, which as in turn... # Stolen from http://www.ruby-forum.com/topic/166423 # Kudos to _why! @tf = Tempfile.new("rest-client") @tf.binmode size, total = 0, http_response.header['Content-Length'].to_i http_response.read_body do |chunk| @tf.write chunk size += chunk.size if RestClient.log if size == 0 RestClient.log << "%s %s done (0 length file)\n" % [@method, @url] elsif total == 0 RestClient.log << "%s %s (zero content length)\n" % [@method, @url] else RestClient.log << "%s %s %d%% done (%d of %d)\n" % [@method, @url, (size * 100) / total, size, total] end end end @tf.close @tf else http_response.read_body end http_response end |
#log_request ⇒ Object
518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 |
# File 'lib/restclient/request.rb', line 518 def log_request return unless RestClient.log out = [] sanitized_url = begin uri = URI.parse(url) uri.password = "REDACTED" if uri.password uri.to_s rescue URI::InvalidURIError # An attacker may be able to manipulate the URL to be # invalid, which could force discloure of a password if # we show any of the un-parsed URL here. "[invalid uri]" end out << "RestClient.#{method} #{sanitized_url.inspect}" out << payload.short_inspect if payload out << processed_headers.to_a.sort.map { |(k, v)| [k.inspect, v.inspect].join("=>") }.join(", ") RestClient.log << out.join(', ') + "\n" end |
#log_response(res) ⇒ Object
539 540 541 542 543 544 545 546 547 548 549 |
# File 'lib/restclient/request.rb', line 539 def log_response res return unless RestClient.log size = if @raw_response File.size(@tf.path) else res.body.nil? ? 0 : res.body.size end RestClient.log << "# => #{res.code} #{res.class.to_s.gsub(/^Net::HTTP/, '')} | #{(res['Content-type'] || '').gsub(/;.*$/, '')} #{size} bytes\n" end |
#make_headers(user_headers) ⇒ Object
210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 |
# File 'lib/restclient/request.rb', line 210 def make_headers user_headers unless @cookies.empty? # Validate that the cookie names and values look sane. If you really # want to pass scary characters, just set the Cookie header directly. # RFC6265 is actually much more restrictive than we are. @cookies.each do |key, val| unless (key) raise ArgumentError.new("Invalid cookie name: #{key.inspect}") end unless (val) raise ArgumentError.new("Invalid cookie value: #{val.inspect}") end end user_headers[:cookie] = @cookies.map { |key, val| "#{key}=#{val}" }.sort.join('; ') end headers = stringify_headers(default_headers).merge(stringify_headers(user_headers)) headers.merge!(@payload.headers) if @payload headers end |
#net_http_class ⇒ Object
252 253 254 255 256 257 258 259 |
# File 'lib/restclient/request.rb', line 252 def net_http_class if RestClient.proxy proxy_uri = URI.parse(RestClient.proxy) Net::HTTP::Proxy(proxy_uri.host, proxy_uri.port, proxy_uri.user, proxy_uri.password) else Net::HTTP end end |
#net_http_do_request(http, req, body = nil, &block) ⇒ Object
265 266 267 268 269 270 271 272 |
# File 'lib/restclient/request.rb', line 265 def net_http_do_request(http, req, body=nil, &block) if body != nil && body.respond_to?(:read) req.body_stream = body return http.request(req, nil, &block) else return http.request(req, body, &block) end end |
#net_http_request_class(method) ⇒ Object
261 262 263 |
# File 'lib/restclient/request.rb', line 261 def net_http_request_class(method) Net::HTTP.const_get(method.to_s.capitalize) end |
#parse_url(url) ⇒ Object
274 275 276 277 |
# File 'lib/restclient/request.rb', line 274 def parse_url(url) url = "http://#{url}" unless url.match(/^http/) URI.parse(url) end |
#parse_url_with_auth(url) ⇒ Object
279 280 281 282 283 284 285 286 287 |
# File 'lib/restclient/request.rb', line 279 def parse_url_with_auth(url) uri = parse_url(url) @user = CGI.unescape(uri.user) if uri.user @password = CGI.unescape(uri.password) if uri.password if !@user && !@password @user, @password = Netrc.read[uri.host] end uri end |
#print_verify_callback_warnings ⇒ Object
335 336 337 338 339 340 341 342 343 344 345 346 347 |
# File 'lib/restclient/request.rb', line 335 def print_verify_callback_warnings warned = false if RestClient::Platform.mac_mri? warn('warning: ssl_verify_callback return code is ignored on OS X') warned = true end if RestClient::Platform.jruby? warn('warning: SSL verify_callback may not work correctly in jruby') warn('see https://github.com/jruby/jruby/issues/597') warned = true end warned end |
#process_payload(p = nil, parent_key = nil) ⇒ Object
289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 |
# File 'lib/restclient/request.rb', line 289 def process_payload(p=nil, parent_key=nil) unless p.is_a?(Hash) p else @headers[:content_type] ||= 'application/x-www-form-urlencoded' p.keys.map do |k| key = parent_key ? "#{parent_key}[#{k}]" : k if p[k].is_a? Hash process_payload(p[k], key) else value = parser.escape(p[k].to_s, Regexp.new("[^#{URI::PATTERN::UNRESERVED}]")) "#{key}=#{value}" end end.join("&") end end |
#process_result(res, &block) ⇒ Object
484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 |
# File 'lib/restclient/request.rb', line 484 def process_result res, & block if @raw_response # We don't decode raw requests response = RawResponse.new(@tf, res, args) else response = Response.create(Request.decode(res['content-encoding'], res.body), res, args) end if block_given? block.call(response, self, res, & block) else response.return!(self, res, & block) end end |
#process_url_params(url, headers) ⇒ Object
Extract the query parameters and append them to the url
192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 |
# File 'lib/restclient/request.rb', line 192 def process_url_params url, headers url_params = {} headers.delete_if do |key, value| if 'params' == key.to_s.downcase && value.is_a?(Hash) url_params.merge! value true else false end end unless url_params.empty? query_string = url_params.collect { |k, v| "#{k.to_s}=#{CGI::escape(v.to_s)}" }.join('&') url + "?#{query_string}" else url end end |
#setup_credentials(req) ⇒ Object
451 452 453 |
# File 'lib/restclient/request.rb', line 451 def setup_credentials(req) req.basic_auth(user, password) if user end |
#stringify_headers(headers) ⇒ Object
Return a hash of headers whose keys are capitalized strings
552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 |
# File 'lib/restclient/request.rb', line 552 def stringify_headers headers headers.inject({}) do |result, (key, value)| if key.is_a? Symbol key = key.to_s.split(/_/).map { |w| w.capitalize }.join('-') end if 'CONTENT-TYPE' == key.upcase result[key] = maybe_convert_extension(value.to_s) elsif 'ACCEPT' == key.upcase # Accept can be composed of several comma-separated values if value.is_a? Array target_values = value else target_values = value.to_s.split ',' end result[key] = target_values.map { |ext| maybe_convert_extension(ext.to_s.strip) }.join(', ') else result[key] = value.to_s end result end end |
#transmit(uri, req, payload, &block) ⇒ Object
349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 |
# File 'lib/restclient/request.rb', line 349 def transmit uri, req, payload, & block setup_credentials req net = net_http_class.new(uri.host, uri.port) net.use_ssl = uri.is_a?(URI::HTTPS) net.ssl_version = ssl_version if ssl_version net.ciphers = ssl_ciphers if ssl_ciphers net.verify_mode = verify_ssl net.cert = ssl_client_cert if ssl_client_cert net.key = ssl_client_key if ssl_client_key net.ca_file = ssl_ca_file if ssl_ca_file net.ca_path = ssl_ca_path if ssl_ca_path net.cert_store = ssl_cert_store if ssl_cert_store # We no longer rely on net.verify_callback for the main SSL verification # because it's not well supported on all platforms (see comments below). # But do allow users to set one if they want. if ssl_verify_callback net.verify_callback = ssl_verify_callback # Hilariously, jruby only calls the callback when cert_store is set to # something, so make sure to set one. # https://github.com/jruby/jruby/issues/597 if RestClient::Platform.jruby? net.cert_store ||= OpenSSL::X509::Store.new end if ssl_verify_callback_warnings != false if print_verify_callback_warnings warn('pass :ssl_verify_callback_warnings => false to silence this') end end end if OpenSSL::SSL::VERIFY_PEER == OpenSSL::SSL::VERIFY_NONE warn('WARNING: OpenSSL::SSL::VERIFY_PEER == OpenSSL::SSL::VERIFY_NONE') warn('This dangerous monkey patch leaves you open to MITM attacks!') warn('Try passing :verify_ssl => false instead.') end if defined? @timeout if @timeout == -1 warn 'To disable read timeouts, please set timeout to nil instead of -1' @timeout = nil end net.read_timeout = @timeout end if defined? @open_timeout if @open_timeout == -1 warn 'To disable open timeouts, please set open_timeout to nil instead of -1' @open_timeout = nil end net.open_timeout = @open_timeout end RestClient.before_execution_procs.each do |before_proc| before_proc.call(req, args) end log_request net.start do |http| if @block_response net_http_do_request(http, req, payload ? payload.to_s : nil, &@block_response) else res = net_http_do_request(http, req, payload ? payload.to_s : nil) \ { |http_response| fetch_body(http_response) } log_response res process_result res, & block end end rescue EOFError raise RestClient::ServerBrokeConnection rescue Timeout::Error, Errno::ETIMEDOUT raise RestClient::RequestTimeout rescue OpenSSL::SSL::SSLError => error # TODO: deprecate and remove RestClient::SSLCertificateNotVerified and just # pass through OpenSSL::SSL::SSLError directly. # # Exceptions in verify_callback are ignored [1], and jruby doesn't support # it at all [2]. RestClient has to catch OpenSSL::SSL::SSLError and either # re-throw it as is, or throw SSLCertificateNotVerified based on the # contents of the message field of the original exception. # # The client has to handle OpenSSL::SSL::SSLError exceptions anyway, so # we shouldn't make them handle both OpenSSL and RestClient exceptions. # # [1] https://github.com/ruby/ruby/blob/89e70fe8e7/ext/openssl/ossl.c#L238 # [2] https://github.com/jruby/jruby/issues/597 if error..include?("certificate verify failed") raise SSLCertificateNotVerified.new(error.) else raise error end end |
#valid_cookie_key?(string) ⇒ Boolean
Do some sanity checks on cookie keys.
Properly it should be a valid TOKEN per RFC 2616, but lots of servers are more liberal.
Disallow the empty string as well as keys containing control characters, equals sign, semicolon, comma, or space.
240 241 242 243 244 |
# File 'lib/restclient/request.rb', line 240 def (string) return false if string.empty? ! Regexp.new('[\x0-\x1f\x7f=;, ]').match(string) end |
#valid_cookie_value?(value) ⇒ Boolean
Validate cookie values. Rather than following RFC 6265, allow anything but control characters, comma, and semicolon.
248 249 250 |
# File 'lib/restclient/request.rb', line 248 def (value) ! Regexp.new('[\x0-\x1f\x7f,;]').match(value) end |
#verify_ssl ⇒ Object
SSL-related options
182 183 184 |
# File 'lib/restclient/request.rb', line 182 def verify_ssl @ssl_opts.fetch(:verify_ssl) end |