Class: Gitlab::HTTP

Inherits:

Object

Object
Gitlab::HTTP

show all

Defined in:: lib/gitlab/http.rb

Constant Summary collapse

BlockedUrlError =

Gitlab::HTTP_V2::BlockedUrlError

RedirectionTooDeep =

Gitlab::HTTP_V2::RedirectionTooDeep

ReadTotalTimeout =

Gitlab::HTTP_V2::ReadTotalTimeout

HeaderReadTimeout =

Gitlab::HTTP_V2::HeaderReadTimeout

SilentModeBlockedError =

Gitlab::HTTP_V2::SilentModeBlockedError

ResponseSizeTooLarge =

Gitlab::HTTP_V2::ResponseSizeTooLarge

MaxDecompressionSizeError =

Gitlab::HTTP_V2::MaxDecompressionSizeError

InvalidResponseError =

Gitlab::HTTP_V2::InvalidResponseError

HTTP_TIMEOUT_ERRORS =

Gitlab::HTTP_V2::HTTP_TIMEOUT_ERRORS

HTTP_ERRORS =

Gitlab::HTTP_V2::HTTP_ERRORS

DEFAULT_TIMEOUT_OPTIONS =

{
  open_timeout: 10,
  read_timeout: 20,
  write_timeout: 30
}.freeze

DEFAULT_READ_TOTAL_TIMEOUT =

30.seconds

Error = We are explicitly assigning these constants because they are used in the codebase.

HTTParty::Error

Response =

HTTParty::Response

ResponseError =

HTTParty::ResponseError

CookieHash =

HTTParty::CookieHash

Class Method Summary collapse

.perform_request(http_method, path, options, &block) ⇒ Object

TODO: This method is subject to be removed We have this for now because we explicitly use the perform_request method in some places.
.try_get(path, options = {}, &block) ⇒ Object
.without_decompression_limit ⇒ Object

Disables the decompression limit validation for the duration of the given block.

Class Method Details

.perform_request(http_method, path, options, &block) ⇒ `Object`

TODO: This method is subject to be removed We have this for now because we explicitly use the perform_request method in some places.

# File 'lib/gitlab/http.rb', line 45

def perform_request(http_method, path, options, &block)
  method_name = http_method::METHOD.downcase.to_sym

  unless ::Gitlab::HTTP_V2::SUPPORTED_HTTP_METHODS.include?(method_name)
    raise ArgumentError, "Unsupported HTTP method: '#{method_name}'."
  end

  # Use `::Gitlab::HTTP_V2.get/post/...` methods
  ::Gitlab::HTTP_V2.public_send(method_name, path, http_v2_options(options), &block) # rubocop:disable GitlabSecurity/PublicSend -- method is validated to make sure it is one of the methods in Gitlab::HTTP_V2::SUPPORTED_HTTP_METHODS
end

.try_get(path, options = {}, &block) ⇒ `Object`

# File 'lib/gitlab/http.rb', line 37

def try_get(path, options = {}, &block)
  get(path, options, &block)
rescue *HTTP_ERRORS
  nil
end

.without_decompression_limit ⇒ `Object`

Disables the decompression limit validation for the duration of the given block.

SECURITY WARNING: Only use this method for requests to trusted web servers that are not user-controlled. For requests to user-controlled servers, set ‘accept-encoding: identity` in the request headers to request the source server not return a compressed response.

# File 'lib/gitlab/http.rb', line 61

def without_decompression_limit
  return yield unless Gitlab::SafeRequestStore.active?

  begin
    prev = Gitlab::SafeRequestStore[:disable_net_http_decompression]
    Gitlab::SafeRequestStore[:disable_net_http_decompression] = true
    yield
  ensure
    Gitlab::SafeRequestStore[:disable_net_http_decompression] = prev
  end
end