🚀 Advanced HTTP Client for Ruby. Fueled with interceptors.
GPL-3.0 License
Bot releases are visible (Hide)
Fixes no implicit conversion of nil into String
when request includes bearer proc but no bearer token.
Published by ryabrody almost 3 years ago
When a request url did include a parameter which did not match any provided parameters to be scrubbed, then the app ran into:
expected LHC::NotFound, got #<NoMethodError: undefined method `[]' for nil:NilClass>
This release fixes that.
Published by ryabrody almost 3 years ago
Filter more sensitive data from request's cache key and from response's effective URL.
Introduce usage of local_uri for filtering the data from the effective URL.
Published by ryabrody over 3 years ago
This release fixes FrozenError (can't modify frozen String: "[FILTERED]")
which happened when the app configured config.scrubs[:headers] << 'Authorization'
and a request with a bearer token or basic auth were made.
Published by ryabrody over 3 years ago
You can filter out sensitive request data from your log files and rollbar by appending them to LHS.config.scrubs
. These values will be marked [FILTERED]
in the log and on rollbar. Also nested parameters are being filtered.
The scrubbing configuration affects all request done by LHC independent of the endpoint. You can scrub any attribute within :params
, :headers
or :body
. For :auth
you either can choose :bearer
or :basic
(default is both).
LHS scrubs per default:
username
and password
within the Request Headerpassword
and password_confirmation
within the Request BodyEnhance the default scrubbing by pushing the name of the parameter, which should be scrubbed, as string to the existing configuration.
You can also add multiple parameters at once by pushing multiple strings.
Example:
LHC.configure do |c|
c.scrubs[:params] << 'api_key'
c.scrubs[:body].push('user_token', 'secret_key')
end
For disabling scrubbing, add following configuration:
LHC.configure do |c|
c.scrubs = {}
end
If you want to turn off :bearer
or :basic
scrubbing, then just overwrite the :auth
configuration.
Example:
LHC.configure do |c|
c.scrubs[:auth] = [:bearer]
end
If your app has a different authentication strategy than Bearer Authentication or Basic Authentication then you can filter the data by scrubbing the whole header:
LHC.configure do |c|
c.scrubs[:headers] << 'Authorization'
end
Major Changes
This Release automatically filters out sensitive data from the logs and rollbar notifications. No further changes needed.
Published by ryabrody over 3 years ago
This release upgrades rubocop and switches GitHub Action from using actions/setup-ruby
to use ruby/setup-ruby
.
It also removes the localch specific rubocop rules. Now we only have .rubocop.yml
.
Furthermore this PR disables following cops:
Lint/DeprecatedConstants
Lint/EmptyBlock
Lint/EmptyClass
Lint/OrAssignmentToConstant
Lint/SymbolConversion
Lint/NonDeterministicRequireOrder
Lint/ConstantDefinitionInBlock
Lint/ToJSON
Layout/LineLength
Style/HashConversion
Style/NilLambda
Style/SingleArgumentDig
Style/OptionalBooleanParameter
Style/CaseLikeIf
Style/OptionalBooleanParameter
Style/RedundantBegin
Style/RedundantAssignment
Performance/StringInclude
Major Changes
This version requires ruby 2.7 and higher
This Introduces monitoring for caching.
It extends the monitoring interceptor to record miss
or hit
in order to monitor http caching.
Also:
module_parent_name
calls to improve support of active support 5 and 6 and to get rid of some warningsafter_response
was not called, if a response was served from cacheThis adds the possibility to configure multi-level (local & central) caching for the caching interceptor.
Also:
cache_expires_in
which have been deprecation warned since years nowLHC::Caching.logger
in favor of simple stdout (puts), mainly because it hasn't been used anywhereYou can also use a central http cache to be used by the LHC::Caching
interceptor.
If you configure a local and a central cache, LHC will perform multi-level-caching.
LHC will try to retrieve cached information first from the central, in case of a miss from the local cache, while writing back into both.
LHC::Caching.central = {
read: 'redis://[email protected]:6379/0',
write: 'redis://[email protected]:6379/0'
}
Published by cedricwider about 4 years ago
Allow all values that deal with header information to be procs.
Published by cedricwider about 4 years ago
Published by cedricwider about 4 years ago
https://github.com/local-ch/lhc/releases/tag/v12.1.0 introduced a bug.
Because the auth interceptors uses instance variables for auth_options once it has been initalized with the before_raw_request hook (as used by body auth) other interceptors can not pass auth options anymore even at a later hook (before_request).
This PR removes the instance variable usage and lets auth interceptor always access the original auth option hash. So that other interceptor can prepare those options (like LHS auto auth interceptor).