class Gem::Net::HTTP::Persistent
Persistent
connections for Gem::Net::HTTP
Gem::Net::HTTP::Persistent
maintains persistent connections across all the servers you wish to talk to. For each host:port you communicate with a single persistent connection is created.
Connections will be shared across threads through a connection pool to increase reuse of connections.
You can shut down any remaining HTTP connections when done by calling shutdown
.
Example:
require 'bundler/vendor/net-http-persistent/lib/net/http/persistent' uri = Gem::URI 'http://example.com/awesome/web/service' http = Gem::Net::HTTP::Persistent.new # perform a GET response = http.request uri # or get = Gem::Net::HTTP::Get.new uri.request_uri response = http.request get # create a POST post_uri = uri + 'create' post = Gem::Net::HTTP::Post.new post_uri.path post.set_form_data 'some' => 'cool data' # perform the POST, the Gem::URI is always required response http.request post_uri, post
Note that for GET, HEAD and other requests that do not have a body you want to use Gem::URI#request_uri not Gem::URI#path. The request_uri contains the query params which are sent in the body for other requests.
TLS/SSL¶ ↑
TLS connections are automatically created depending upon the scheme of the Gem::URI
. TLS connections are automatically verified against the default certificate store for your computer. You can override this by changing verify_mode
or by specifying an alternate cert_store.
Here are the TLS settings, see the individual methods for documentation:
certificate
-
This client’s certificate
ca_file
-
The certificate-authorities
ca_path
-
Directory with certificate-authorities
cert_store
-
An SSL certificate store
ciphers
-
List of SSl ciphers allowed
private_key
-
The client’s SSL private key
reuse_ssl_sessions
-
Reuse a previously opened SSL session for a new connection
ssl_timeout
-
Session lifetime
ssl_version
-
Which specific SSL version to use
verify_callback
-
For server certificate verification
verify_depth
-
Depth of certificate verification
verify_mode
-
How connections should be verified
verify_hostname
-
Use hostname verification for server certificate during the handshake
Proxies¶ ↑
A proxy can be set through proxy=
or at initialization time by providing a second argument to ::new
. The proxy may be the Gem::URI
of the proxy server or :ENV
which will consult environment variables.
See proxy=
and proxy_from_env
for details.
Headers¶ ↑
Headers may be specified for use in every request. headers
are appended to any headers on the request. override_headers
replace existing headers on the request.
The difference between the two can be seen in setting the User-Agent. Using http.headers['User-Agent'] = 'MyUserAgent'
will send “Ruby, MyUserAgent” while http.override_headers['User-Agent'] = 'MyUserAgent'
will send “MyUserAgent”.
Tuning¶ ↑
Segregation¶ ↑
Each Gem::Net::HTTP::Persistent
instance has its own pool of connections. There is no sharing with other instances (as was true in earlier versions).
Idle Timeout¶ ↑
If a connection hasn’t been used for this number of seconds it will automatically be reset upon the next use to avoid attempting to send to a closed connection. The default value is 5 seconds. nil means no timeout. Set through idle_timeout
.
Reducing this value may help avoid the “too many connection resets” error when sending non-idempotent requests while increasing this value will cause fewer round-trips.
Read Timeout¶ ↑
The amount of time allowed between reading two chunks from the socket. Set through read_timeout
Max Requests¶ ↑
The number of requests that should be made before opening a new connection. Typically many keep-alive capable servers tune this to 100 or less, so the 101st request will fail with ECONNRESET. If unset (default), this value has no effect, if set, connections will be reset on the request after max_requests.
Open Timeout¶ ↑
The amount of time to wait for a connection to be opened. Set through open_timeout
.
Socket Options¶ ↑
Socket options may be set on newly-created connections. See socket_options
for details.
Connection Termination¶ ↑
If you are done using the Gem::Net::HTTP::Persistent
instance you may shut down all the connections in the current thread with shutdown
. This is not recommended for normal use, it should only be used when it will be several minutes before you make another HTTP request.
If you are using multiple threads, call shutdown
in each thread when the thread is done making requests. If you don’t call shutdown, that’s OK. Ruby will automatically garbage collect and shutdown your HTTP connections when the thread terminates.
Constants
- DEFAULT_POOL_SIZE
- VERSION
The version of
Gem::Net::HTTP::Persistent
you are using
Attributes
An SSL certificate authority. Setting this will set verify_mode
to VERIFY_PEER.
A directory of SSL certificates to be used as certificate authorities. Setting this will set verify_mode
to VERIFY_PEER.
This client’s OpenSSL::X509::Certificate
An SSL certificate store. Setting this will override the default certificate store. See verify_mode
for more information.
This client’s OpenSSL::X509::Certificate
The ciphers allowed for SSL connections
Sends debug_output
to this IO via Gem::Net::HTTP#set_debug_output.
Never use this method in production code, it causes a serious security hole.
Headers that are added to every request using Gem::Net::HTTP#add_field
Maps host:port to an HTTP version. This allows us to enable version specific features.
Maximum time an unused connection can remain idle before being automatically closed.
The value sent in the Keep-Alive header. Defaults to 30. Not needed for HTTP/1.1 servers.
This may not work correctly for HTTP/1.0 servers
This method may be removed in a future version as RFC 2616 does not require this header.
This client’s SSL private key
Maximum number of requests on a connection before it is considered expired and automatically closed.
Number of retries to perform if a request fails.
See also max_retries=
, Gem::Net::HTTP#max_retries=.
Maximum SSL version to use, e.g. :TLS1_2
By default, the version will be negotiated automatically between client and server. Ruby 2.5 and newer only.
Minimum SSL version to use, e.g. :TLS1_1
By default, the version will be negotiated automatically between client and server. Ruby 2.5 and newer only.
The name for this collection of persistent connections.
List of host suffixes which will not be proxied
Seconds to wait until a connection is opened. See Gem::Net::HTTP#open_timeout
Headers that are added to every request using Gem::Net::HTTP#[]=
This client’s SSL private key
The URL through which requests will be proxied
Seconds to wait until reading one block. See Gem::Net::HTTP#read_timeout
By default SSL sessions are reused to avoid extra SSL handshakes. Set this to false if you have problems communicating with an HTTPS server like:
SSL_connect [...] read finished A: unexpected message (OpenSSL::SSL::SSLError)
An array of options for Socket#setsockopt.
By default the TCP_NODELAY option is set on sockets.
To set additional options append them to this array:
http.socket_options << [Socket::SOL_SOCKET, Socket::SO_KEEPALIVE, 1]
SSL session lifetime
SSL version to use.
By default, the version will be negotiated automatically between client and server. Ruby 1.9 and newer only. Deprecated since Ruby 2.5.
Sets the depth of SSL certificate verification
HTTPS verify_hostname.
If a client sets this to true and enables SNI with SSLSocket#hostname=, the hostname verification on the server certificate is performed automatically during the handshake using OpenSSL::SSL.verify_certificate_identity().
You can set verify_hostname
as true to use hostname verification during the handshake.
NOTE: This works with Ruby > 3.0.
HTTPS verify mode. Defaults to OpenSSL::SSL::VERIFY_PEER which verifies the server certificate.
If no ca_file
, ca_path
or cert_store
is set the default system certificate store is used.
You can use verify_mode
to override any default values.
Seconds to wait until writing one block. See Gem::Net::HTTP#write_timeout
Public Class Methods
Use this method to detect the idle timeout of the host at uri
. The value returned can be used to configure idle_timeout
. max
controls the maximum idle timeout to detect.
After
Idle timeout detection is performed by creating a connection then performing a HEAD request in a loop until the connection terminates waiting one additional second per loop.
NOTE: This may not work on ruby > 1.9.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 201 def self.detect_idle_timeout uri, max = 10 uri = Gem::URI uri unless Gem::URI::Generic === uri uri += '/' req = Gem::Net::HTTP::Head.new uri.request_uri http = new 'net-http-persistent detect_idle_timeout' http.connection_for uri do |connection| sleep_time = 0 http = connection.http loop do response = http.request req $stderr.puts "HEAD #{uri} => #{response.code}" if $DEBUG unless Gem::Net::HTTPOK === response then raise Error, "bad response code #{response.code} detecting idle timeout" end break if sleep_time >= max sleep_time += 1 $stderr.puts "sleeping #{sleep_time}" if $DEBUG sleep sleep_time end end rescue # ignore StandardErrors, we've probably found the idle timeout. ensure return sleep_time unless $! end
Creates a new Gem::Net::HTTP::Persistent
.
Set a name
for fun. Your library name should be good enough, but this otherwise has no purpose.
proxy
may be set to a Gem::URI::HTTP or :ENV to pick up proxy options from the environment. See proxy_from_env
for details.
In order to use a Gem::URI
for the proxy you may need to do some extra work beyond Gem::URI
parsing if the proxy requires a password:
proxy = Gem::URI 'http://proxy.example' proxy.user = 'AzureDiamond' proxy.password = 'hunter2'
Set pool_size
to limit the maximum number of connections allowed. Defaults to 1/4 the number of allowed file handles or 256 if your OS does not support a limit on allowed file handles. You can have no more than this many threads with active HTTP transactions.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 490 def initialize name: nil, proxy: nil, pool_size: DEFAULT_POOL_SIZE @name = name @debug_output = nil @proxy_uri = nil @no_proxy = [] @headers = {} @override_headers = {} @http_versions = {} @keep_alive = 30 @open_timeout = nil @read_timeout = nil @write_timeout = nil @idle_timeout = 5 @max_requests = nil @max_retries = 1 @socket_options = [] @ssl_generation = 0 # incremented when SSL session variables change @socket_options << [Socket::IPPROTO_TCP, Socket::TCP_NODELAY, 1] if Socket.const_defined? :TCP_NODELAY @pool = Gem::Net::HTTP::Persistent::Pool.new size: pool_size do |http_args| Gem::Net::HTTP::Persistent::Connection.new Gem::Net::HTTP, http_args, @ssl_generation end @certificate = nil @ca_file = nil @ca_path = nil @ciphers = nil @private_key = nil @ssl_timeout = nil @ssl_version = nil @min_version = nil @max_version = nil @verify_callback = nil @verify_depth = nil @verify_mode = nil @verify_hostname = nil @cert_store = nil @generation = 0 # incremented when proxy Gem::URI changes if HAVE_OPENSSL then @verify_mode = OpenSSL::SSL::VERIFY_PEER @reuse_ssl_sessions = OpenSSL::SSL.const_defined? :Session end self.proxy = proxy if proxy end
Public Instance Methods
Sets the SSL certificate authority file.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 556 def ca_file= file @ca_file = file reconnect_ssl end
Sets the SSL certificate authority path.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 565 def ca_path= path @ca_path = path reconnect_ssl end
Overrides the default SSL certificate store used for verifying connections.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 575 def cert_store= store @cert_store = store reconnect_ssl end
Sets this client’s OpenSSL::X509::Certificate
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 544 def certificate= certificate @certificate = certificate reconnect_ssl end
The ciphers allowed for SSL connections
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 584 def ciphers= ciphers @ciphers = ciphers reconnect_ssl end
Creates a new connection for uri
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 593 def connection_for uri use_ssl = uri.scheme.downcase == 'https' net_http_args = [uri.hostname, uri.port] # I'm unsure if uri.host or uri.hostname should be checked against # the proxy bypass list. if @proxy_uri and not proxy_bypass? uri.host, uri.port then net_http_args.concat @proxy_args else net_http_args.concat [nil, nil, nil, nil] end connection = @pool.checkout net_http_args http = connection.http connection.ressl @ssl_generation if connection.ssl_generation != @ssl_generation if not http.started? then ssl http if use_ssl start http elsif expired? connection then reset connection end http.keep_alive_timeout = @idle_timeout if @idle_timeout http.max_retries = @max_retries if http.respond_to?(:max_retries=) http.read_timeout = @read_timeout if @read_timeout http.write_timeout = @write_timeout if @write_timeout && http.respond_to?(:write_timeout=) return yield connection rescue Errno::ECONNREFUSED if http.proxy? address = http.proxy_address port = http.proxy_port else address = http.address port = http.port end raise Error, "connection refused: #{address}:#{port}" rescue Errno::EHOSTDOWN if http.proxy? address = http.proxy_address port = http.proxy_port else address = http.address port = http.port end raise Error, "host down: #{address}:#{port}" ensure @pool.checkin net_http_args end
CGI::escape wrapper
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 654 def escape str CGI.escape str if str end
Returns true if the connection should be reset due to an idle timeout, or maximum request count, false otherwise.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 670 def expired? connection return true if @max_requests && connection.requests >= @max_requests return false unless @idle_timeout return true if @idle_timeout.zero? Time.now - connection.last_use > @idle_timeout end
Finishes the Gem::Net::HTTP
connection
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 699 def finish connection connection.finish connection.http.instance_variable_set :@last_communicated, nil connection.http.instance_variable_set :@ssl_session, nil unless @reuse_ssl_sessions end
Returns the HTTP protocol version for uri
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 710 def http_version uri @http_versions["#{uri.hostname}:#{uri.port}"] end
Set the maximum number of retries for a request.
Defaults to one retry.
Set this to 0 to disable retries.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 728 def max_retries= retries retries = retries.to_int raise ArgumentError, "max_retries must be positive" if retries < 0 @max_retries = retries reconnect end
maximum SSL version to use
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 1063 def max_version= max_version @max_version = max_version reconnect_ssl end
Minimum SSL version to use
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 1054 def min_version= min_version @min_version = min_version reconnect_ssl end
Adds “http://” to the String uri
if it is missing.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 717 def normalize_uri uri (uri =~ /^https?:/) ? uri : "http://#{uri}" end
Sets this client’s SSL private key
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 741 def private_key= key @private_key = key reconnect_ssl end
Sets the proxy server. The proxy
may be the Gem::URI
of the proxy server, the symbol :ENV
which will read the proxy from the environment or nil to disable use of a proxy. See proxy_from_env
for details on setting the proxy from the environment.
If the proxy Gem::URI
is set after requests have been made, the next request will shut-down and re-open all connections.
The no_proxy
query parameter can be used to specify hosts which shouldn’t be reached via proxy; if set it should be a comma separated list of hostname suffixes, optionally with :port
appended, for example example.com,some.host:8080
.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 764 def proxy= proxy @proxy_uri = case proxy when :ENV then proxy_from_env when Gem::URI::HTTP then proxy when nil then # ignore else raise ArgumentError, 'proxy must be :ENV or a Gem::URI::HTTP' end @no_proxy.clear if @proxy_uri then @proxy_args = [ @proxy_uri.hostname, @proxy_uri.port, unescape(@proxy_uri.user), unescape(@proxy_uri.password), ] @proxy_connection_id = [nil, *@proxy_args].join ':' if @proxy_uri.query then @no_proxy = CGI.parse(@proxy_uri.query)['no_proxy'].join(',').downcase.split(',').map { |x| x.strip }.reject { |x| x.empty? } end end reconnect reconnect_ssl end
Returns true when proxy should by bypassed for host.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 838 def proxy_bypass? host, port host = host.downcase host_port = [host, port].join ':' @no_proxy.each do |name| return true if host[-name.length, name.length] == name or host_port[-name.length, name.length] == name end false end
Creates a Gem::URI
for an HTTP proxy server from ENV variables.
If HTTP_PROXY
is set a proxy will be returned.
If HTTP_PROXY_USER
or HTTP_PROXY_PASS
are set the Gem::URI
is given the indicated user and password unless HTTP_PROXY contains either of these in the Gem::URI
.
The NO_PROXY
ENV variable can be used to specify hosts which shouldn’t be reached via proxy; if set it should be a comma separated list of hostname suffixes, optionally with :port
appended, for example example.com,some.host:8080
. When set to *
no proxy will be returned.
For Windows users, lowercase ENV variables are preferred over uppercase ENV variables.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 811 def proxy_from_env env_proxy = ENV['http_proxy'] || ENV['HTTP_PROXY'] return nil if env_proxy.nil? or env_proxy.empty? uri = Gem::URI normalize_uri env_proxy env_no_proxy = ENV['no_proxy'] || ENV['NO_PROXY'] # '*' is special case for always bypass return nil if env_no_proxy == '*' if env_no_proxy then uri.query = "no_proxy=#{escape(env_no_proxy)}" end unless uri.user or uri.password then uri.user = escape ENV['http_proxy_user'] || ENV['HTTP_PROXY_USER'] uri.password = escape ENV['http_proxy_pass'] || ENV['HTTP_PROXY_PASS'] end uri end
Forces reconnection of all HTTP connections, including TLS/SSL connections.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 854 def reconnect @generation += 1 end
Forces reconnection of only TLS/SSL connections.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 861 def reconnect_ssl @ssl_generation += 1 end
Makes a request on uri
. If req
is nil a Gem::Net::HTTP::Get is performed against uri
.
If a block is passed request
behaves like Gem::Net::HTTP#request (the body of the response will not have been read).
req
must be a Gem::Net::HTTPGenericRequest subclass (see Gem::Net::HTTP
for a list).
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 893 def request uri, req = nil, &block uri = Gem::URI uri req = request_setup req || uri response = nil connection_for uri do |connection| http = connection.http begin connection.requests += 1 response = http.request req, &block if req.connection_close? or (response.http_version <= '1.0' and not response.connection_keep_alive?) or response.connection_close? then finish connection end rescue Exception # make sure to close the connection when it was interrupted finish connection raise ensure connection.last_use = Time.now end end @http_versions["#{uri.hostname}:#{uri.port}"] ||= response.http_version response end
Finishes then restarts the Gem::Net::HTTP
connection
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 868 def reset connection http = connection.http finish connection start http rescue Errno::ECONNREFUSED e = Error.new "connection refused: #{http.address}:#{http.port}" e.set_backtrace $@ raise e rescue Errno::EHOSTDOWN e = Error.new "host down: #{http.address}:#{http.port}" e.set_backtrace $@ raise e end
Shuts down all connections
NOTE: Calling shutdown for can be dangerous!
If any thread is still using a connection it may cause an error! Call shutdown
when you are completely done making requests!
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 963 def shutdown @pool.shutdown { |http| http.finish } end
Enables SSL on connection
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 970 def ssl connection connection.use_ssl = true connection.ciphers = @ciphers if @ciphers connection.ssl_timeout = @ssl_timeout if @ssl_timeout connection.ssl_version = @ssl_version if @ssl_version connection.min_version = @min_version if @min_version connection.max_version = @max_version if @max_version connection.verify_depth = @verify_depth connection.verify_mode = @verify_mode connection.verify_hostname = @verify_hostname if @verify_hostname != nil && connection.respond_to?(:verify_hostname=) if OpenSSL::SSL::VERIFY_PEER == OpenSSL::SSL::VERIFY_NONE and not Object.const_defined?(:I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG) then warn <<-WARNING !!!SECURITY WARNING!!! The SSL HTTP connection to: #{connection.address}:#{connection.port} !!!MAY NOT BE VERIFIED!!! On your platform your OpenSSL implementation is broken. There is no difference between the values of VERIFY_NONE and VERIFY_PEER. This means that attempting to verify the security of SSL connections may not work. This exposes you to man-in-the-middle exploits, snooping on the contents of your connection and other dangers to the security of your data. To disable this warning define the following constant at top-level in your application: I_KNOW_THAT_OPENSSL_VERIFY_PEER_EQUALS_VERIFY_NONE_IS_WRONG = nil WARNING end connection.ca_file = @ca_file if @ca_file connection.ca_path = @ca_path if @ca_path if @ca_file or @ca_path then connection.verify_mode = OpenSSL::SSL::VERIFY_PEER connection.verify_callback = @verify_callback if @verify_callback end if @certificate and @private_key then connection.cert = @certificate connection.key = @private_key end connection.cert_store = if @cert_store then @cert_store else store = OpenSSL::X509::Store.new store.set_default_paths store end end
SSL session lifetime
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 1036 def ssl_timeout= ssl_timeout @ssl_timeout = ssl_timeout reconnect_ssl end
SSL version to use
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 1045 def ssl_version= ssl_version @ssl_version = ssl_version reconnect_ssl end
Starts the Gem::Net::HTTP
connection
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 681 def start http http.set_debug_output @debug_output if @debug_output http.open_timeout = @open_timeout if @open_timeout http.start socket = http.instance_variable_get :@socket if socket then # for fakeweb @socket_options.each do |option| socket.io.setsockopt(*option) end end end
CGI::unescape wrapper
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 661 def unescape str CGI.unescape str if str end
SSL verification callback.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 1103 def verify_callback= callback @verify_callback = callback reconnect_ssl end
Sets the depth of SSL certificate verification
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 1072 def verify_depth= verify_depth @verify_depth = verify_depth reconnect_ssl end
Sets the HTTPS verify_hostname.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 1094 def verify_hostname= verify_hostname @verify_hostname = verify_hostname reconnect_ssl end
Sets the HTTPS verify mode. Defaults to OpenSSL::SSL::VERIFY_PEER.
Setting this to VERIFY_NONE is a VERY BAD IDEA and should NEVER be used. Securely transfer the correct certificate and update the default certificate store or set the ca file instead.
# File bundler/vendor/net-http-persistent/lib/net/http/persistent.rb, line 1085 def verify_mode= verify_mode @verify_mode = verify_mode reconnect_ssl end