lib/ureq
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

implement https_only flag

Browse Source
This commit is contained in:
Pierre Dubouilh
2022-04-05 18:26:29 +02:00
committed by Martin Algesten
parent 06743da5de
commit aced0d9b6a
3 changed files with 27 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/agent.rs
View File

@@ -54,6 +54,7 @@ pub(crate) struct AgentConfig {
pub timeout_read: Option<Duration>, pub timeout_read: Option<Duration>,
pub timeout_write: Option<Duration>, pub timeout_write: Option<Duration>,
pub timeout: Option<Duration>, pub timeout: Option<Duration>,
pub https_only: bool,
pub no_delay: bool, pub no_delay: bool,
pub redirects: u32, pub redirects: u32,
pub redirect_auth_headers: RedirectAuthHeaders, pub redirect_auth_headers: RedirectAuthHeaders,
@@ -239,6 +240,7 @@ impl AgentBuilder {
timeout_read: None, timeout_read: None,
timeout_write: None, timeout_write: None,
timeout: None, timeout: None,
https_only: false,
no_delay: true, no_delay: true,
redirects: 5, redirects: 5,
redirect_auth_headers: RedirectAuthHeaders::Never, redirect_auth_headers: RedirectAuthHeaders::Never,
@@ -293,6 +295,21 @@ impl AgentBuilder {
self self
} }
/// Enforce the client to only perform HTTPS requests.
/// This setting also makes the client refuse HTTPS to HTTP redirects.
/// Default is false
///
/// Example:
/// ```
/// let agent = ureq::AgentBuilder::new()
/// .https_only(true)
/// .build();
/// ```
pub fn https_only(mut self, enforce: bool) -> Self {
self.config.https_only = enforce;
self
}
/// Sets the maximum number of connections allowed in the connection pool. /// Sets the maximum number of connections allowed in the connection pool.
/// By default, this is set to 100. Setting this to zero would disable /// By default, this is set to 100. Setting this to zero would disable
/// connection pooling. /// connection pooling.

5
src/error.rs
View File

@@ -336,6 +336,8 @@ pub enum ErrorKind {
UnknownScheme, UnknownScheme,
/// DNS lookup failed. /// DNS lookup failed.
Dns, Dns,
/// Insecure request attempted with https only set
InsecureRequestHttpsOnly,
/// Connection to server failed. /// Connection to server failed.
ConnectionFailed, ConnectionFailed,
/// Too many redirects. /// Too many redirects.
@@ -402,6 +404,9 @@ impl fmt::Display for ErrorKind {
ErrorKind::InvalidUrl => write!(f, "Bad URL"), ErrorKind::InvalidUrl => write!(f, "Bad URL"),
ErrorKind::UnknownScheme => write!(f, "Unknown Scheme"), ErrorKind::UnknownScheme => write!(f, "Unknown Scheme"),
ErrorKind::Dns => write!(f, "Dns Failed"), ErrorKind::Dns => write!(f, "Dns Failed"),
ErrorKind::InsecureRequestHttpsOnly => {
write!(f, "Insecure request attempted with https_only set")
}
ErrorKind::ConnectionFailed => write!(f, "Connection Failed"), ErrorKind::ConnectionFailed => write!(f, "Connection Failed"),
ErrorKind::TooManyRedirects => write!(f, "Too Many Redirects"), ErrorKind::TooManyRedirects => write!(f, "Too Many Redirects"),
ErrorKind::BadStatus => write!(f, "Bad Status"), ErrorKind::BadStatus => write!(f, "Bad Status"),

5
src/unit.rs
View File

@@ -348,6 +348,11 @@ fn connect_socket(unit: &Unit, hostname: &str, use_pooled: bool) -> Result<(Stre
"http" | "https" | "test" => (), "http" | "https" | "test" => (),
scheme => return Err(ErrorKind::UnknownScheme.msg(format!("unknown scheme '{}'", scheme))), scheme => return Err(ErrorKind::UnknownScheme.msg(format!("unknown scheme '{}'", scheme))),
}; };
if unit.url.scheme() != "https" && unit.agent.config.https_only {
return Err(ErrorKind::InsecureRequestHttpsOnly.msg(format!(
"can't perform non https request with https_only set"
)));
}
if use_pooled { if use_pooled {
let pool = &unit.agent.state.pool; let pool = &unit.agent.state.pool;
let proxy = &unit.agent.config.proxy; let proxy = &unit.agent.config.proxy;