Module: Excon::Utils

Extended by:

Utils

Included in:

Connection, Socket, Utils

Defined in:

lib/excon/utils.rb

Constant Summary

CONTROL =

(0x0..0x1f).map {|c| c.chr }.join + "\x7f"

DELIMS =

'<>#%"'

UNWISE =

'{}|\\^[]`'

NONASCII =

(0x80..0xff).map {|c| c.chr }.join

UNESCAPED =

/([#{ Regexp.escape(CONTROL + ' ' + DELIMS + UNWISE + NONASCII) }])/

ESCAPED =

/%([0-9a-fA-F]{2})/

Instance Method Summary

• #binary_encode(string) ⇒ Object
• #connection_uri(datum = @data) ⇒ Object
• #escape_uri(str) ⇒ Object

  Escapes HTTP reserved and unwise characters in str.

• #headers_hash_to_s(headers) ⇒ Object

  Performs validation on the passed header hash and returns a string representation of the headers.

• #port_string(datum) ⇒ Object
• #query_string(datum) ⇒ Object
• #redact(datum) ⇒ Object

  Redact sensitive info from provided data.

• #request_uri(datum) ⇒ Object
• #split_header_value(str) ⇒ Object

  Splits a header value str according to HTTP specification.

• #unescape_form(str) ⇒ Object

  Unescape form encoded values in str.

• #unescape_uri(str) ⇒ Object

  Unescapes HTTP reserved and unwise characters in str.

Instance Method Details

#binary_encode(string) ⇒ Object

# File 'lib/excon/utils.rb', line 13

def binary_encode(string)
  if FORCE_ENC && string.encoding != Encoding::ASCII_8BIT
    if string.frozen?
      string.dup.force_encoding('BINARY')
    else
      string.force_encoding('BINARY')
    end
  else
    string
  end
end

#connection_uri(datum = @data) ⇒ Object

# File 'lib/excon/utils.rb', line 25

def connection_uri(datum = @data)
  unless datum
    raise ArgumentError, '`datum` must be given unless called on a Connection'
  end
  if datum[:scheme] == UNIX
    "#{datum[:scheme]}://#{datum[:socket]}"
  else
    "#{datum[:scheme]}://#{datum[:host]}#{port_string(datum)}"
  end
end

#escape_uri(str) ⇒ Object

Escapes HTTP reserved and unwise characters in str

# File 'lib/excon/utils.rb', line 104

def escape_uri(str)
  str = str.dup
  str = binary_encode(str)
  str.gsub(UNESCAPED) { "%%%02X" % $1[0].ord }
end

#headers_hash_to_s(headers) ⇒ Object

Performs validation on the passed header hash and returns a string representation of the headers

# File 'lib/excon/utils.rb', line 126

def headers_hash_to_s(headers)
  headers_str = String.new
  headers.each do |key, values|
    if key.to_s.match(/[\r\n]/)
      raise Excon::Errors::InvalidHeaderKey.new(key.to_s.inspect + ' contains forbidden "\r" or "\n"')
    end
    [values].flatten.each do |value|
      if value.to_s.match(/[\r\n]/)
        # Don't include the potentially sensitive header value (i.e. authorization token) in the message
        raise Excon::Errors::InvalidHeaderValue.new(key.to_s + ' header value contains forbidden "\r" or "\n"')
      end
      headers_str << key.to_s << ': ' << value.to_s << CR_NL
    end
  end
  headers_str
end

#port_string(datum) ⇒ Object

# File 'lib/excon/utils.rb', line 64

def port_string(datum)
  if datum[:port].nil? || (datum[:omit_default_port] && ((datum[:scheme].casecmp('http') == 0 && datum[:port] == 80) || (datum[:scheme].casecmp('https') == 0 && datum[:port] == 443)))
    ''
  else
    ':' + datum[:port].to_s
  end
end

#query_string(datum) ⇒ Object

# File 'lib/excon/utils.rb', line 72

def query_string(datum)
  str = String.new
  case datum[:query]
  when String
    str << '?' << datum[:query]
  when Hash
    str << '?'
    datum[:query].sort_by {|k,_| k.to_s }.each do |key, values|
      key = CGI.escape(key.to_s)
      if values.nil?
        str << key << '&'
      else
        [values].flatten.each do |value|
          str << key << '=' << CGI.escape(value.to_s) << '&'
        end
      end
    end
    str.chop! # remove trailing '&'
  end
  str
end

#redact(datum) ⇒ Object

Redact sensitive info from provided data

# File 'lib/excon/utils.rb', line 37

def redact(datum)
  datum = datum.dup
  if datum.has_key?(:headers)
    if datum[:headers].has_key?('Authorization') || datum[:headers].has_key?('Proxy-Authorization')
      datum[:headers] = datum[:headers].dup
    end
    if datum[:headers].has_key?('Authorization')
      datum[:headers]['Authorization'] = REDACTED
    end
    if datum[:headers].has_key?('Proxy-Authorization')
      datum[:headers]['Proxy-Authorization'] = REDACTED
    end
  end
  if datum.has_key?(:password)
    datum[:password] = REDACTED
  end
  if datum.has_key?(:proxy) && datum[:proxy] && datum[:proxy].has_key?(:password)
    datum[:proxy] = datum[:proxy].dup
    datum[:proxy][:password] = REDACTED
  end
  datum
end

#request_uri(datum) ⇒ Object

# File 'lib/excon/utils.rb', line 60

def request_uri(datum)
  connection_uri(datum) + datum[:path] + query_string(datum)
end

#split_header_value(str) ⇒ Object

Splits a header value str according to HTTP specification.

# File 'lib/excon/utils.rb', line 95

def split_header_value(str)
  return [] if str.nil?
  str = str.dup.strip
  str = binary_encode(str)
  str.scan(%r'\G((?:"(?:\\.|[^"])+?"|[^",])+)
                (?:,\s*|\Z)'xn).flatten
end

#unescape_form(str) ⇒ Object

Unescape form encoded values in str

# File 'lib/excon/utils.rb', line 118

def unescape_form(str)
  str = str.dup
  str = binary_encode(str)
  str.gsub!(/\+/, ' ')
  str.gsub(ESCAPED) { $1.hex.chr }
end

#unescape_uri(str) ⇒ Object

Unescapes HTTP reserved and unwise characters in str

# File 'lib/excon/utils.rb', line 111

def unescape_uri(str)
  str = str.dup
  str = binary_encode(str)
  str.gsub(ESCAPED) { $1.hex.chr }
end