Httpclient 2.1.3-RC


#1

Hi all,

I’m working on releasing httpclient/2.1.3. ‘httpclient’ gives
something like the functionality of libwww-perl (LWP) in Ruby.
‘httpclient’ formerly known as ‘http-access2’. See
http://dev.ctor.org/httpclient/ for more detail.

httpclient / http-access2 users, would you please test the RC with
your application and let me know if you have any problem? 2.1.3 will
be released in a few week.

Sorry for [ANN] noise.

Regards,
// NaHi

= Changes in 2.1.3 =

  • Features

    • Proxy Authentication for SSL.
    • performance improvements. as fast as RFuzz::HttpClient,
      eventmachine and curb for keep-alive sites, and as fast as net/http
      for non keep-alive sites. you can get
    • added propfind and proppatch methods.
  • Changes

    • avoid unnecessary memory consuming for get_content/post_content
      with block. get_content returns nil when you call it with a block.
    • post_content with IO did not work when redirect/auth cycle is
      required. (CAUTION: post_content now correctly follows redirection and
      posts the given content)
    • exception handling cleanups.
      • raises HTTPClient::ConfigurationError for environment problem
        (trying to do SSL without openssl installed for example)
      • raises HTTPClient::BadResponse for HTTP response problem. you
        can get the response HTTPMessage returned via $!.res.
      • raises SocketError for connection problem (as same as before).
  • Bug fixes

    • avoid unnecessary negotiation cycle for Negotiate(NTLM)
      authentication. Thanks Rishav for great support for debugging
      Negotiate authentication.
    • get_content/post_content with block yielded unexpected message
      body during redirect/auth cycle.
    • relative URI redirection should be allowed from 2.1.2 but it did
      not work… fixed.
    • avoid unnecessary timeout waiting when no message body returned
      such as ‘204 No Content’ for DAV.
    • avoid blocking on socket closing when the socket is already
      closed by foreign host and the client runs under MT-condition.

#2

Hi again,

2008/12/16 NAKAMURA, Hiroshi removed_email_address@domain.invalid:

I’m working on releasing httpclient/2.1.3. ‘httpclient’ gives

  • performance improvements. as fast as RFuzz::HttpClient,
    eventmachine and curb for keep-alive sites, and as fast as net/http
    for non keep-alive sites.

I’m doing a little benchmark testing. Let me know if you are
interested and know something about it.

Environment:
HTTP Server:
Apache/2.2.9 (Ubuntu) mpm-worker
Ubuntu 8.10 32bit

HTTP Client:
Ruby: ruby 1.8.7 (2008-12-04 revision 20478) [i686-linux]
vendor:
eventmachine/0.12.2()
rfuzz/0.9
net/http (svn ruby_1_8)
httpclient/2.1.3-RC
open-uri (svn ruby_1_8) (net/http wrapper)
httparty/0.2.2 (net/http wrapper)
(
) EM::Protocols::HttpClient2 is not listed below because it does
not work when requests > 20 on my env.

HTTP Server and HTTP clients runs on the same host.

Benchmark suite:
http://dev.ctor.org/http-access2/browser/trunk/bench/bm.rb
proxy = nil
url = http://127.0.0.1/
threads = 2
requests = 250

Result:
HTTP Server KeeyAlive: Off
user system total real
curb 0.050000 0.420000 0.470000 ( 0.807049)
RFuzz::HttpClient 0.090000 0.430000 0.520000 ( 0.803075)
Net::HTTP 0.280000 0.520000 0.800000 ( 1.147281)
HTTPClient 0.140000 0.800000 0.940000 ( 1.299928)
open-uri 0.420000 0.880000 1.300000 ( 1.675272)
HTTParty 0.490000 0.620000 1.110000 ( 1.483024)

HTTP Server KeeyAlive: On
user system total real
curb 0.100000 0.460000 0.560000 ( 51.170485)
RFuzz::HttpClient 0.030000 0.580000 0.610000 ( 1.001198)
Net::HTTP 0.150000 0.490000 0.640000 ( 0.842344)
HTTPClient 0.140000 0.460000 0.600000 ( 0.801035)
open-uri 0.740000 0.740000 1.480000 ( 1.870712)
HTTParty 0.710000 0.880000 1.590000 ( 2.555711)

Considerations:

  1. EM::Protocols::HttpClient2 does not work on my env. Is the
    client code right?
  2. curb needs too much ‘real’ time when connecting to KeepAlive: On
    site. Is this expected?
  3. rfuzz and curb are faster than net/http and httpclient when
    connecting to KeepAlive: Off site.
  4. net/http and httpclient run almost as fast as rfuzz when
    connecting to KeepAlive: On site. Bear in mind that you need to call
    Net::HTTP#start and #finish by yourself for keep-alive handling. Just
    calling Net::HTTP#get takes 2 times longer than others. Bothersome?
    Use others.

At the last, does somebody know how I can read
http://apocryph.org/more_indepth_analysis_ruby_http_client_performance
? I get ‘Error establishing a database connection’.

Regards,
// NaHi


#3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

I posted httpclient/2.1.3. This release includes performance
improvements and full RDoc documentation. (See below for more detail)

‘httpclient’ gives something like the functionality of libwww-perl (LWP)
in Ruby. ‘httpclient’ formerly known as ‘http-access2’.

Features:

  • methods like GET/HEAD/POST/* via HTTP/1.1.

  • HTTPS(SSL), Cookies, proxy, authentication(Digest, NTLM, Basic), etc.

  • asynchronous HTTP request, streaming HTTP request.

  • by contrast with net/http in standard distribution;

    • Cookies support
    • MT-safe
    • streaming POST (POST with File/IO)
    • Digest auth
    • Negotiate/NTLM auth for WWW-Authenticate (requires net/htlm module)
    • NTLM auth for Proxy-Authenticate (requires win32/sspi module)
    • extensible with filter interface
    • you don‘t have to care HTTP/1.1 persistent connection (httpclient
      cares instead of you)
  • Not supported now

    • Cache
    • Rather advanced HTTP/1.1 usage such as Range, deflate, etc. (of
      course you can set it in header by yourself)

For more detail, see API document at http://dev.ctor.org/doc/httpclient/

Changes in 2.1.3:

  • Features

    • Proxy Authentication for SSL.
    • Performance improvements.
    • Full RDoc. Please tell me any English problem. Thanks in advance.
    • Do multipart file upload when a given body includes a File. You
      don’t need to set ‘Content-Type’ and boundary String any more.
    • Added propfind and proppatch methods.
  • Changes

    • Avoid unnecessary memory consuming for get_content/post_content
      with block. get_content returns nil when you call it with a block.
    • post_content with IO did not work when redirect/auth cycle is
      required. (CAUTION: post_content now correctly follows redirection
      and posts the given content)
    • Exception handling cleanups.
      • Raises HTTPClient::ConfigurationError for environment problem
        (trying to do SSL without openssl installed for example)
      • Raises HTTPClient::BadResponse for HTTP response problem. you
        can get the response HTTPMessage returned via $!.res.
      • Raises SocketError for connection problem (as same as before).
  • Bug fixes

    • Avoid unnecessary negotiation cycle for Negotiate(NTLM)
      authentication. Thanks Rishav for great support for debugging
      Negotiate authentication.
    • get_content/post_content with block yielded unexpected message
      body during redirect/auth cycle.
    • Relative URI redirection should be allowed from 2.1.2 but it did
      not work… fixed.
    • Avoid unnecessary timeout waiting when no message body returned
      such as ‘204 No Content’ for DAV.
    • Avoid blocking on socket closing when the socket is already closed
      by foreign host and the client runs under MT-condition.

Download:
http://dev.ctor.org/download/httpclient-2.1.3.tar.gz
http://dev.ctor.org/download/httpclient-2.1.3.zip

sha1sum:
fd1a755927822573c67806626ffdc9077ae15322 httpclient-2.1.3.tar.gz
f7733c7ec32a951a62d5bb7aa2c4ab876b405002 httpclient-2.1.3.zip

gem repository:
‘httpclient’ at http://dev.ctor.org/download/

Regards,
// NaHi

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)

iQEcBAEBAgAGBQJJWPGMAAoJEKYDTjohNqG5x/8H/23Y/SAhPYkBLW6N+a2V2rh6
3HVw3zms/wzjAySMBcRFgIa+MbTLsDg0/5PWO3uZPMuNCxjMEihVUpqmR1DkjRJD
Eg4Upr23R4caCDd7oKvd5WKpygif5XDZwGAZMSFln3zko9s7IjerRNkb+XAZWZyH
Swd059aItpHyXszOY1KAWBFiRIr0Y6wzrzxOG7d2ial/BwydScjLE3gTMKcdxDg2
xBeII+rxga+iPecg0ino9o0QibWA1DoFa4IAC7Wy3N8o3VcrNkHZT43Gn4dZacpQ
Hezl0vy9Kdl9YV0nm4dJo0ldKNdF9stl9p4xySpCYP+1U+8lCQNmicl1POQTRLk=
=BAOX
-----END PGP SIGNATURE-----


#4

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

I posted httpclient/2.1.3.1. httpclient/2.1.3.1 fixes a vulnerability
introduced at 2.1.3. httpclient <= 2.1.2 and http-access2 are safe.

get_content/post_content of httpclient/2.1.3 may send secure cookies for
a https site to non-secure (non-https) site when the https site
redirects the request to a non-https site. httpclient/2.1.3 caches
request object and reuses it for redirection. It should not be cached
and recreated for each time as httpclient <= 2.1.2 and http-access2. See
http://dev.ctor.org/http-access2/changeset/259#file2 for more detail.

I realized this bug when I was reading open-uri story on
[ruby-core:21205]. Ruby users should use open-uri rather than using
net/http directly wherever possible.

httpclient/2.1.3 users should update to 2.1.3.1.

‘httpclient’ gives something like the functionality of libwww-perl (LWP)
in Ruby. ‘httpclient’ formerly known as ‘http-access2’.

Features:

  • methods like GET/HEAD/POST/* via HTTP/1.1.

  • HTTPS(SSL), Cookies, proxy, authentication(Digest, NTLM, Basic), etc.

  • asynchronous HTTP request, streaming HTTP request.

  • by contrast with net/http in standard distribution;

    • Cookies support
    • MT-safe
    • streaming POST (POST with File/IO)
    • Digest auth
    • Negotiate/NTLM auth for WWW-Authenticate (requires net/htlm module)
    • NTLM auth for Proxy-Authenticate (requires win32/sspi module)
    • extensible with filter interface
    • you don‘t have to care HTTP/1.1 persistent connection (httpclient
      cares instead of you)
  • Not supported now

    • Cache
    • Rather advanced HTTP/1.1 usage such as Range, deflate, etc. (of
      course you can set it in header by yourself)

For more detail, see API document at http://dev.ctor.org/doc/httpclient/

Download:
http://dev.ctor.org/download/httpclient-2.1.3.1.tar.gz
http://dev.ctor.org/download/httpclient-2.1.3.1.zip

sha1sum:
eb2f562835106ec8925edae523cd471fb291e055 httpclient-2.1.3.1.tar.gz
153d4d7ef5f79ffe90872a0f77fbad60e241e203 httpclient-2.1.3.1.zip

gem is available from official repository.

Regards,
// NaHi

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)

iQEcBAEBAgAGBQJJZf3zAAoJEKYDTjohNqG5Bc0H/3L0IaK7F+Gkwrso53R5yED6
21NM1fwPcFi6dtxgK/GOOKaUm5sO6I6+aGRkJuo1mbqZJN98wZl/83JlwsbpaOC6
iPA4q2oSFuLXKwulRPBC7wJKoqOQZwgo9FD0yxM8aguzD8240eWpUU1NoKTyvnFZ
8fodqcybj+FhW/dIdn+nltOGolxGKOGSHf7yaO2Do8VW5YkFe4vYfIpH2RfH1h8y
ZzDZLSgP6MEyWwQKDY+UqqxDRmgTh5Uw+6K50y5UpHldZr2QK9U8ZPBnvJ8tljp4
0uyM8cxlOzQq8ddmvV3S8sVBbwW19guLeD26upbU8Az4o8P71gJx9eL1GJUzSRY=
=zNni
-----END PGP SIGNATURE-----