Support for Gzip/Inflate #375
Conversation
|
Awesome! Thanks! Couple of notes though... This should not be auto-enabled. User should explicitly tell to use inflater on incoming data. Probably something like this: HTTP.use(:auto_inflate).headers("Accept-Encoding" => "gzip").get("https://github.com")Sometimes one may want not to inflate body and keep it as is. Also it would make sense to add deflate support as well. Second thing is we should NEVER modify response headers, regardless if body was auto-inflated or not. I see inflater to be an IO wrapper. Or filter. So that it would be possible to re-use for example apart from HTTP gem. |
👍 on that. Compression over TLS can lead to compression oracles (ala TIME, CRIME, BREACH) |
Are you sure about that? The body is no longer encoded, so |
|
@Bonias Hm. Good call, but I think Net::HTTP is doing that wrong. |
|
I think it's worth considering to enable it by default, even going as far as setting
To make it possible for clients to retrieve the compressed body, perhaps I had a stab at implementing this a while ago, but got stuck on writing proper tests and kind of forgot. Deflate seemed to come in two flavours. |
Can be used this way:
# body will be automatically decoded when Content-Encoding is set to gzip or deflate
HTTP.use(:auto_inflate).headers("Accept-Encoding" => "gzip").get("https://github.com").to_s
# request body will be automatically encoded with gzip. Content-Encoding header will be automatically set to gzip
HTTP.use(:auto_deflate).post("https://github.com", body: "Some body").to_s
# both features can be used at the same time
HTTP.use(:auto_inflate, :auto_deflate).headers("Accept-Encoding" => "gzip").post("https://github.com", body: "Some body")
# deflate encoding can be used to encode body
HTTP.use(auto_deflate: { method: :deflate }).headers("Accept-Encoding" => "gzip").post("https://github.com", body: "Some body")
|
I updated PR. We can turn decoding on by setting We can turn encoding on (gzip by default): Or both features at once: We can also use deflate instead of gzip: Unfortunately rubocop is reporting 3 offenses. I'm not sure how to fix them, but maybe I'll handle that later, when you will not have any other remarks to this PR. What do you think? |
|
So far looks good. Have some strange feelings, but can't formulate them yet -will take another deeper look later today or tomorrow. |
|
Ship it! |
|
This looks good to me. Regarding the RuboCop offenses, I think we should just disable Re: MethodLength, I'm fine turning that up to 25 globally. |
|
Sorry got lots of things to do this week. Will provide my input tomorrow. |
Increase Metrics/MethodLength to 25 Disable Metrics/ClassLength on HTTP:Options and DummyServer::Servlet httprb#375 (comment)
|
I've changed rubocop config for now. |
It seems `Zlib::GzipWriter.wrap` behave differently with JRuby and ruby MRI. See jruby/jruby#4249.
|
I missed JRuby failed tests before. They are fixed now. |
|
Hi guys. Is there anything else what is blocking this PR? |
|
It looks ok to me. I'm down to merge it if @ixti is |
|
Sorry, completely overlooked this one. Thanks again for all your hard work! Merged! |
Upstream changes (from CHANGES.md): ## 2.2.0 (2017-02-03) * [#375](httprb/http#375) Add support for automatic Gzip/Inflate ([@Bonias]) * [#390](httprb/http#390) Add REPORT to the list of valid HTTP verbs ([@ixti]) ## 2.1.0 (2016-11-08) * [#370](httprb/http#370) Add Headers#include? ([@ixti]) * [#364](httprb/http#364) Add HTTP::Response#connection ([@janko-m]) * [#362](httprb/http#362) connect_ssl uses connect_timeout (Closes #359) ([@TiagoCardoso1983])
Hi,
I implemented gzip/inflate decompression. It resolves #113.
Before:
After:
Please, let me know if I need to change something here.