Forum: Ruby httpclient 2.1.3-RC

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
NAKAMURA, Hiroshi (Guest)
on 2008-12-16 09:29
(Received via mailing list)
Hi all,

I'm working on releasing httpclient/2.1.3.  'httpclient' gives
something like the functionality of libwww-perl (LWP) in Ruby.
'httpclient' formerly known as 'http-access2'.  See
http://dev.ctor.org/httpclient/ for more detail.

httpclient / http-access2 users, would you please test the RC with
your application and let me know if you have any problem?  2.1.3 will
be released in a few week.

Sorry for [ANN] noise.

Regards,
// NaHi

= Changes in 2.1.3 =

 * Features
   * Proxy Authentication for SSL.
   * performance improvements.  as fast as RFuzz::HttpClient,
eventmachine and curb for keep-alive sites, and as fast as net/http
for non keep-alive sites.  you can get
   * added propfind and proppatch methods.

 * Changes
   * avoid unnecessary memory consuming for get_content/post_content
with block.  get_content returns nil when you call it with a block.
   * post_content with IO did not work when redirect/auth cycle is
required. (CAUTION: post_content now correctly follows redirection and
posts the given content)
   * exception handling cleanups.
     * raises HTTPClient::ConfigurationError for environment problem
(trying to do SSL without openssl installed for example)
     * raises HTTPClient::BadResponse for HTTP response problem.  you
can get the response HTTPMessage returned via $!.res.
     * raises SocketError for connection problem (as same as before).

 * Bug fixes
   * avoid unnecessary negotiation cycle for Negotiate(NTLM)
authentication.  Thanks Rishav for great support for debugging
Negotiate authentication.
   * get_content/post_content with block yielded unexpected message
body during redirect/auth cycle.
   * relative URI redirection should be allowed from 2.1.2 but it did
not work...  fixed.
   * avoid unnecessary timeout waiting when no message body returned
such as '204 No Content' for DAV.
   * avoid blocking on socket closing when the socket is already
closed by foreign host and the client runs under MT-condition.
NAKAMURA, Hiroshi (Guest)
on 2008-12-17 05:01
(Received via mailing list)
Hi again,

2008/12/16 NAKAMURA, Hiroshi <removed_email_address@domain.invalid>:
> I'm working on releasing httpclient/2.1.3.  'httpclient' gives

>   * performance improvements.  as fast as RFuzz::HttpClient,
> eventmachine and curb for keep-alive sites, and as fast as net/http
> for non keep-alive sites.

I'm doing a little benchmark testing.  Let me know if you are
interested and know something about it.

Environment:
  HTTP Server:
    Apache/2.2.9 (Ubuntu) mpm-worker
    Ubuntu 8.10 32bit

  HTTP Client:
    Ruby: ruby 1.8.7 (2008-12-04 revision 20478) [i686-linux]
    vendor:
      eventmachine/0.12.2(*)
      rfuzz/0.9
      net/http (svn ruby_1_8)
      httpclient/2.1.3-RC
      open-uri (svn ruby_1_8) (net/http wrapper)
      httparty/0.2.2 (net/http wrapper)
    (*) EM::Protocols::HttpClient2 is not listed below because it does
not work when requests > 20 on my env.

  HTTP Server and HTTP clients runs on the same host.

Benchmark suite:
  http://dev.ctor.org/http-access2/browser/trunk/bench/bm.rb
    proxy = nil
    url = http://127.0.0.1/
    threads = 2
    requests = 250

Result:
  HTTP Server KeeyAlive: Off
                            user     system      total        real
    curb                0.050000   0.420000   0.470000 (  0.807049)
    RFuzz::HttpClient   0.090000   0.430000   0.520000 (  0.803075)
    Net::HTTP           0.280000   0.520000   0.800000 (  1.147281)
    HTTPClient          0.140000   0.800000   0.940000 (  1.299928)
    open-uri            0.420000   0.880000   1.300000 (  1.675272)
    HTTParty            0.490000   0.620000   1.110000 (  1.483024)

  HTTP Server KeeyAlive: On
                            user     system      total        real
    curb                0.100000   0.460000   0.560000 ( 51.170485)
    RFuzz::HttpClient   0.030000   0.580000   0.610000 (  1.001198)
    Net::HTTP           0.150000   0.490000   0.640000 (  0.842344)
    HTTPClient          0.140000   0.460000   0.600000 (  0.801035)
    open-uri            0.740000   0.740000   1.480000 (  1.870712)
    HTTParty            0.710000   0.880000   1.590000 (  2.555711)

Considerations:
  1. EM::Protocols::HttpClient2 does not work on my env.  Is the
client code right?
  2. curb needs too much 'real' time when connecting to KeepAlive: On
site.  Is this expected?
  3. rfuzz and curb are faster than net/http and httpclient when
connecting to KeepAlive: Off site.
  4. net/http and httpclient run almost as fast as rfuzz when
connecting to KeepAlive: On site.  Bear in mind that you need to call
Net::HTTP#start and #finish by yourself for keep-alive handling.  Just
calling Net::HTTP#get takes 2 times longer than others.  Bothersome?
Use others.

At the last, does somebody know how I can read
http://apocryph.org/more_indepth_analysis_ruby_htt...
?  I get 'Error establishing a database connection'.

Regards,
// NaHi
NAKAMURA, Hiroshi (Guest)
on 2008-12-29 17:50
(Received via mailing list)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

I posted httpclient/2.1.3.  This release includes performance
improvements and full RDoc documentation. (See below for more detail)

'httpclient' gives something like the functionality of libwww-perl (LWP)
in Ruby. 'httpclient' formerly known as 'http-access2'.


Features:

 * methods like GET/HEAD/POST/* via HTTP/1.1.
 * HTTPS(SSL), Cookies, proxy, authentication(Digest, NTLM, Basic), etc.
 * asynchronous HTTP request, streaming HTTP request.

 * by contrast with net/http in standard distribution;
   * Cookies support
   * MT-safe
   * streaming POST (POST with File/IO)
   * Digest auth
   * Negotiate/NTLM auth for WWW-Authenticate (requires net/htlm module)
   * NTLM auth for Proxy-Authenticate (requires win32/sspi module)
   * extensible with filter interface
   * you don‘t have to care HTTP/1.1 persistent connection (httpclient
     cares instead of you)

 * Not supported now
   * Cache
   * Rather advanced HTTP/1.1 usage such as Range, deflate, etc. (of
     course you can set it in header by yourself)

For more detail, see API document at http://dev.ctor.org/doc/httpclient/


Changes in 2.1.3:
 * Features
   * Proxy Authentication for SSL.
   * Performance improvements.
   * Full RDoc. Please tell me any English problem. Thanks in advance.
   * Do multipart file upload when a given body includes a File. You
     don't need to set 'Content-Type' and boundary String any more.
   * Added propfind and proppatch methods.

 * Changes
   * Avoid unnecessary memory consuming for get_content/post_content
     with block. get_content returns nil when you call it with a block.
   * post_content with IO did not work when redirect/auth cycle is
     required. (CAUTION: post_content now correctly follows redirection
     and posts the given content)
   * Exception handling cleanups.
     * Raises HTTPClient::ConfigurationError for environment problem
       (trying to do SSL without openssl installed for example)
     * Raises HTTPClient::BadResponse for HTTP response problem. you
       can get the response HTTPMessage returned via $!.res.
     * Raises SocketError for connection problem (as same as before).

 * Bug fixes
   * Avoid unnecessary negotiation cycle for Negotiate(NTLM)
     authentication. Thanks Rishav for great support for debugging
     Negotiate authentication.
   * get_content/post_content with block yielded unexpected message
     body during redirect/auth cycle.
   * Relative URI redirection should be allowed from 2.1.2 but it did
     not work... fixed.
   * Avoid unnecessary timeout waiting when no message body returned
     such as '204 No Content' for DAV.
   * Avoid blocking on socket closing when the socket is already closed
     by foreign host and the client runs under MT-condition.


Download:
  http://dev.ctor.org/download/httpclient-2.1.3.tar.gz
  http://dev.ctor.org/download/httpclient-2.1.3.zip

sha1sum:
  fd1a755927822573c67806626ffdc9077ae15322  httpclient-2.1.3.tar.gz
  f7733c7ec32a951a62d5bb7aa2c4ab876b405002  httpclient-2.1.3.zip

gem repository:
  'httpclient' at http://dev.ctor.org/download/

Regards,
// NaHi

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)

iQEcBAEBAgAGBQJJWPGMAAoJEKYDTjohNqG5x/8H/23Y/SAhPYkBLW6N+a2V2rh6
3HVw3zms/wzjAySMBcRFgIa+MbTLsDg0/5PWO3uZPMuNCxjMEihVUpqmR1DkjRJD
Eg4Upr23R4caCDd7oKvd5WKpygif5XDZwGAZMSFln3zko9s7IjerRNkb+XAZWZyH
Swd059aItpHyXszOY1KAWBFiRIr0Y6wzrzxOG7d2ial/BwydScjLE3gTMKcdxDg2
xBeII+rxga+iPecg0ino9o0QibWA1DoFa4IAC7Wy3N8o3VcrNkHZT43Gn4dZacpQ
Hezl0vy9Kdl9YV0nm4dJo0ldKNdF9stl9p4xySpCYP+1U+8lCQNmicl1POQTRLk=
=BAOX
-----END PGP SIGNATURE-----
NAKAMURA, Hiroshi (Guest)
on 2009-01-08 15:23
(Received via mailing list)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

I posted httpclient/2.1.3.1.  httpclient/2.1.3.1 fixes a vulnerability
introduced at 2.1.3.  httpclient <= 2.1.2 and http-access2 are safe.

get_content/post_content of httpclient/2.1.3 may send secure cookies for
a https site to non-secure (non-https) site when the https site
redirects the request to a non-https site.  httpclient/2.1.3 caches
request object and reuses it for redirection.  It should not be cached
and recreated for each time as httpclient <= 2.1.2 and http-access2. See
http://dev.ctor.org/http-access2/changeset/259#file2 for more detail.

I realized this bug when I was reading open-uri story on
[ruby-core:21205].  Ruby users should use open-uri rather than using
net/http directly wherever possible.

httpclient/2.1.3 users should update to 2.1.3.1.

'httpclient' gives something like the functionality of libwww-perl (LWP)
in Ruby. 'httpclient' formerly known as 'http-access2'.


Features:

 * methods like GET/HEAD/POST/* via HTTP/1.1.
 * HTTPS(SSL), Cookies, proxy, authentication(Digest, NTLM, Basic), etc.
 * asynchronous HTTP request, streaming HTTP request.

 * by contrast with net/http in standard distribution;
   * Cookies support
   * MT-safe
   * streaming POST (POST with File/IO)
   * Digest auth
   * Negotiate/NTLM auth for WWW-Authenticate (requires net/htlm module)
   * NTLM auth for Proxy-Authenticate (requires win32/sspi module)
   * extensible with filter interface
   * you don‘t have to care HTTP/1.1 persistent connection (httpclient
     cares instead of you)

 * Not supported now
   * Cache
   * Rather advanced HTTP/1.1 usage such as Range, deflate, etc. (of
     course you can set it in header by yourself)

For more detail, see API document at http://dev.ctor.org/doc/httpclient/

Download:
  http://dev.ctor.org/download/httpclient-2.1.3.1.tar.gz
  http://dev.ctor.org/download/httpclient-2.1.3.1.zip

sha1sum:
  eb2f562835106ec8925edae523cd471fb291e055  httpclient-2.1.3.1.tar.gz
  153d4d7ef5f79ffe90872a0f77fbad60e241e203  httpclient-2.1.3.1.zip

gem is available from official repository.

Regards,
// NaHi

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)

iQEcBAEBAgAGBQJJZf3zAAoJEKYDTjohNqG5Bc0H/3L0IaK7F+Gkwrso53R5yED6
21NM1fwPcFi6dtxgK/GOOKaUm5sO6I6+aGRkJuo1mbqZJN98wZl/83JlwsbpaOC6
iPA4q2oSFuLXKwulRPBC7wJKoqOQZwgo9FD0yxM8aguzD8240eWpUU1NoKTyvnFZ
8fodqcybj+FhW/dIdn+nltOGolxGKOGSHf7yaO2Do8VW5YkFe4vYfIpH2RfH1h8y
ZzDZLSgP6MEyWwQKDY+UqqxDRmgTh5Uw+6K50y5UpHldZr2QK9U8ZPBnvJ8tljp4
0uyM8cxlOzQq8ddmvV3S8sVBbwW19guLeD26upbU8Az4o8P71gJx9eL1GJUzSRY=
=zNni
-----END PGP SIGNATURE-----
This topic is locked and can not be replied to.