summaryrefslogtreecommitdiff
path: root/config/initializers/net_http_response_patch.rb
blob: 4ffe227a3fda00a2ddfd83d782fe50a683677016 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# frozen_string_literal: true

module Net
  class HTTPResponse
    # rubocop: disable Cop/LineBreakAfterGuardClauses
    # rubocop: disable Cop/LineBreakAroundConditionalBlock
    # rubocop: disable Layout/EmptyLineAfterGuardClause
    # rubocop: disable Style/AndOr
    # rubocop: disable Style/CharacterLiteral
    # rubocop: disable Style/InfiniteLoop

    # Original method:
    # https://github.com/ruby/ruby/blob/v2_7_5/lib/net/http/response.rb#L54-L69
    #
    # Our changes:
    # - Pass along the `start_time` to `Gitlab::BufferedIo`, so we can raise a timeout
    #   if reading the headers takes too long.
    # - Limit the regexes to avoid ReDoS attacks.
    def self.each_response_header(sock)
      start_time = Process.clock_gettime(Process::CLOCK_MONOTONIC)
      key = value = nil
      while true
        line = sock.is_a?(Gitlab::BufferedIo) ? sock.readuntil("\n", true, start_time) : sock.readuntil("\n", true)
        line = line.sub(/\s{0,10}\z/, '')
        break if line.empty?
        if line[0] == ?\s or line[0] == ?\t and value
          # :nocov:
          value << ' ' unless value.empty?
          value << line.strip
          # :nocov:
        else
          yield key, value if key
          key, value = line.strip.split(/\s{0,10}:\s{0,10}/, 2)
          raise Net::HTTPBadResponse, 'wrong header line format' if value.nil?
        end
      end
      yield key, value if key
    end
    # rubocop: enable Cop/LineBreakAfterGuardClauses
    # rubocop: enable Cop/LineBreakAroundConditionalBlock
    # rubocop: enable Layout/EmptyLineAfterGuardClause
    # rubocop: enable Style/AndOr
    # rubocop: enable Style/CharacterLiteral
    # rubocop: enable Style/InfiniteLoop
  end
end