commit ghc-http-client for openSUSE:Factory

root Thu, 06 Dec 2018 03:17:31 -0800

Hello community,

here is the log from the commit of package ghc-http-client for openSUSE:Factory 
checked in at 2018-12-06 12:16:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/ghc-http-client (Old)
 and      /work/SRC/openSUSE:Factory/.ghc-http-client.new.19453 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "ghc-http-client"

Thu Dec  6 12:16:25 2018 rev:28 rq:650505 version:0.5.14

Changes:
--------
--- /work/SRC/openSUSE:Factory/ghc-http-client/ghc-http-client.changes  
2018-10-25 08:26:25.543799845 +0200
+++ 
/work/SRC/openSUSE:Factory/.ghc-http-client.new.19453/ghc-http-client.changes   
    2018-12-06 12:16:27.469575156 +0100
@@ -1,0 +2,12 @@
+Mon Nov 19 16:03:02 UTC 2018 - psim...@suse.com
+
+- Update http-client to version 0.5.14.
+  # Changelog for http-client
+
+  ## 0.5.14
+
+  * Omit port for `getUri` when protocol is `http` and port is `80`, or when
+    protocol is `https` and port is `443`
+  * Sending requests with invalid headers now throws InvalidRequestHeader 
exception
+
+-------------------------------------------------------------------

Old:
----
  http-client-0.5.13.1.tar.gz

New:
----
  http-client-0.5.14.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ ghc-http-client.spec ++++++
--- /var/tmp/diff_new_pack.kKb2c8/_old  2018-12-06 12:16:28.013574572 +0100
+++ /var/tmp/diff_new_pack.kKb2c8/_new  2018-12-06 12:16:28.013574572 +0100
@@ -19,7 +19,7 @@
 %global pkg_name http-client
 %bcond_with tests
 Name:           ghc-%{pkg_name}
-Version:        0.5.13.1
+Version:        0.5.14
 Release:        0
 Summary:        An HTTP client engine
 License:        MIT

++++++ http-client-0.5.13.1.tar.gz -> http-client-0.5.14.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-0.5.13.1/ChangeLog.md 
new/http-client-0.5.14/ChangeLog.md
--- old/http-client-0.5.13.1/ChangeLog.md       2018-07-01 03:15:33.000000000 
+0200
+++ new/http-client-0.5.14/ChangeLog.md 2018-11-19 08:40:08.000000000 +0100
@@ -1,3 +1,11 @@
+# Changelog for http-client
+
+## 0.5.14
+
+* Omit port for `getUri` when protocol is `http` and port is `80`, or when
+  protocol is `https` and port is `443`
+* Sending requests with invalid headers now throws InvalidRequestHeader 
exception
+
 ## 0.5.13.1
 
 * Add a workaround for a cabal bug 
[haskell-infra/hackage-trustees#165](https://github.com/haskell-infra/hackage-trustees/issues/165)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-0.5.13.1/Network/HTTP/Client/Core.hs 
new/http-client-0.5.14/Network/HTTP/Client/Core.hs
--- old/http-client-0.5.13.1/Network/HTTP/Client/Core.hs        2018-07-01 
03:15:12.000000000 +0200
+++ new/http-client-0.5.14/Network/HTTP/Client/Core.hs  2018-11-19 
06:27:06.000000000 +0100
@@ -17,6 +17,7 @@
 import Network.HTTP.Types
 import Network.HTTP.Client.Manager
 import Network.HTTP.Client.Types
+import Network.HTTP.Client.Headers
 import Network.HTTP.Client.Body
 import Network.HTTP.Client.Request
 import Network.HTTP.Client.Response
@@ -190,6 +191,9 @@
 -- Since 0.1.0
 responseOpen :: Request -> Manager -> IO (Response BodyReader)
 responseOpen inputReq manager' = do
+  case validateHeaders (requestHeaders inputReq) of
+    GoodHeaders -> return ()
+    BadHeaders reason -> throwHttp $ InvalidRequestHeader reason
   (manager, req0) <- getModifiedRequestManager manager' inputReq
   wrapExc req0 $ mWrapException manager req0 $ do
     (req, res) <- go manager (redirectCount req0) req0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-0.5.13.1/Network/HTTP/Client/Headers.hs 
new/http-client-0.5.14/Network/HTTP/Client/Headers.hs
--- old/http-client-0.5.13.1/Network/HTTP/Client/Headers.hs     2018-04-09 
15:40:11.000000000 +0200
+++ new/http-client-0.5.14/Network/HTTP/Client/Headers.hs       2018-11-19 
06:27:06.000000000 +0100
@@ -3,6 +3,8 @@
 {-# LANGUAGE ViewPatterns #-}
 module Network.HTTP.Client.Headers
     ( parseStatusHeaders
+    , validateHeaders
+    , HeadersValidationResult (..)
     ) where
 
 import           Control.Applicative            as A ((<$>), (<*>))
@@ -10,6 +12,9 @@
 import qualified Data.ByteString                as S
 import qualified Data.ByteString.Char8          as S8
 import qualified Data.CaseInsensitive           as CI
+import           Data.Char (ord)
+import           Data.Maybe (mapMaybe)
+import           Data.Monoid
 import           Network.HTTP.Client.Connection
 import           Network.HTTP.Client.Types
 import           System.Timeout                 (timeout)
@@ -94,3 +99,17 @@
         return (CI.mk $! strip key, strip $! S.drop 1 bs2)
 
     strip = S.dropWhile (== charSpace) . fst . S.spanEnd (== charSpace)
+
+data HeadersValidationResult
+    = GoodHeaders
+    | BadHeaders S.ByteString -- contains a message with the reason
+
+validateHeaders :: RequestHeaders -> HeadersValidationResult
+validateHeaders headers =
+    case mapMaybe validateHeader headers of
+        [] -> GoodHeaders
+        reasons -> BadHeaders (S8.unlines reasons)
+    where
+    validateHeader (k, v)
+        | S8.elem '\n' v = Just ("Header " <> CI.original k <> " has newlines")
+        | True = Nothing
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-0.5.13.1/Network/HTTP/Client/Request.hs 
new/http-client-0.5.14/Network/HTTP/Client/Request.hs
--- old/http-client-0.5.13.1/Network/HTTP/Client/Request.hs     2018-07-01 
03:15:12.000000000 +0200
+++ new/http-client-0.5.14/Network/HTTP/Client/Request.hs       2018-11-19 
06:27:06.000000000 +0100
@@ -192,7 +192,7 @@
     , uriAuthority = Just URIAuth
         { uriUserInfo = ""
         , uriRegName = S8.unpack $ host req
-        , uriPort = ':' : show (port req)
+        , uriPort = port'
         }
     , uriPath = S8.unpack $ path req
     , uriQuery =
@@ -201,6 +201,11 @@
             _ -> S8.unpack $ queryString req
     , uriFragment = ""
     }
+  where
+    port'
+      | secure req && (port req) == 443 = ""
+      | not (secure req) && (port req) == 80 = ""
+      | otherwise = ':' : show (port req)
 
 applyAnyUriBasedAuth :: URI -> Request -> Request
 applyAnyUriBasedAuth uri req =
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-0.5.13.1/Network/HTTP/Client/Types.hs 
new/http-client-0.5.14/Network/HTTP/Client/Types.hs
--- old/http-client-0.5.13.1/Network/HTTP/Client/Types.hs       2018-07-01 
03:15:12.000000000 +0200
+++ new/http-client-0.5.14/Network/HTTP/Client/Types.hs 2018-11-19 
06:27:06.000000000 +0100
@@ -168,6 +168,10 @@
                    -- ^ The given response header line could not be parsed
                    --
                    -- @since 0.5.0
+                   | InvalidRequestHeader S.ByteString
+                   -- ^ The given request header is not compliant (e.g. has 
newlines)
+                   --
+                   -- @since 0.5.14
                    | InternalException SomeException
                    -- ^ An exception was raised by an underlying library when
                    -- performing the request. Most often, this is caused by a
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/http-client-0.5.13.1/http-client.cabal 
new/http-client-0.5.14/http-client.cabal
--- old/http-client-0.5.13.1/http-client.cabal  2018-07-01 03:15:46.000000000 
+0200
+++ new/http-client-0.5.14/http-client.cabal    2018-11-19 06:27:06.000000000 
+0100
@@ -1,5 +1,5 @@
 name:                http-client
-version:             0.5.13.1
+version:             0.5.14
 synopsis:            An HTTP client engine
 description:         Hackage documentation generation is not reliable. For up 
to date documentation, please see: 
<http://www.stackage.org/package/http-client>.
 homepage:            https://github.com/snoyberg/http-client
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/http-client-0.5.13.1/test-nonet/Network/HTTP/Client/RequestSpec.hs 
new/http-client-0.5.14/test-nonet/Network/HTTP/Client/RequestSpec.hs
--- old/http-client-0.5.13.1/test-nonet/Network/HTTP/Client/RequestSpec.hs      
2018-03-26 12:24:22.000000000 +0200
+++ new/http-client-0.5.14/test-nonet/Network/HTTP/Client/RequestSpec.hs        
2018-11-19 06:27:06.000000000 +0100
@@ -54,6 +54,25 @@
         field `shouldSatisfy` isJust
         field `shouldBe` Just "Basic dXNlcjpwYXNz"
 
+    describe "getUri" $ do
+      context "when protocol is http and port is 80" $ do
+        it "omits port" $ do
+          let url = "http://example.com/";
+          request <- parseRequest url
+          show (getUri request) `shouldBe` url
+
+      context "when protocol is https and port is 443" $ do
+        it "omits port" $ do
+          let url = "https://example.com/";
+          request <- parseRequest url
+          show (getUri request) `shouldBe` url
+
+      context "when protocol is https and port is 80" $ do
+        it "does not omit port" $ do
+          let url = "https://example.com:80/";
+          request <- parseRequest url
+          show (getUri request) `shouldBe` url
+
     describe "Show Request" $
       it "redacts authorization header content" $ do
         let request = defaultRequest { requestHeaders = [("Authorization", 
"secret")] }

commit ghc-http-client for openSUSE:Factory

Reply via email to