75 lines
2.5 KiB
Ruby
75 lines
2.5 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
# This class is used as a proxy for all outbounding http connection
|
|
# coming from callbacks, services and hooks. The direct use of the HTTParty
|
|
# is discouraged because it can lead to several security problems, like SSRF
|
|
# calling internal IP or services.
|
|
module Gitlab
|
|
class HTTP
|
|
BlockedUrlError = Class.new(StandardError)
|
|
RedirectionTooDeep = Class.new(StandardError)
|
|
ReadTotalTimeout = Class.new(Net::ReadTimeout)
|
|
|
|
HTTP_TIMEOUT_ERRORS = [
|
|
Net::OpenTimeout, Net::ReadTimeout, Net::WriteTimeout, Gitlab::HTTP::ReadTotalTimeout
|
|
].freeze
|
|
HTTP_ERRORS = HTTP_TIMEOUT_ERRORS + [
|
|
SocketError, OpenSSL::SSL::SSLError, OpenSSL::OpenSSLError,
|
|
Errno::ECONNRESET, Errno::ECONNREFUSED, Errno::EHOSTUNREACH,
|
|
Gitlab::HTTP::BlockedUrlError, Gitlab::HTTP::RedirectionTooDeep
|
|
].freeze
|
|
|
|
DEFAULT_TIMEOUT_OPTIONS = {
|
|
open_timeout: 10,
|
|
read_timeout: 20,
|
|
write_timeout: 30
|
|
}.freeze
|
|
DEFAULT_READ_TOTAL_TIMEOUT = 20.seconds
|
|
|
|
include HTTParty # rubocop:disable Gitlab/HTTParty
|
|
|
|
class << self
|
|
alias_method :httparty_perform_request, :perform_request
|
|
end
|
|
|
|
connection_adapter HTTPConnectionAdapter
|
|
|
|
def self.perform_request(http_method, path, options, &block)
|
|
log_info = options.delete(:extra_log_info)
|
|
options_with_timeouts =
|
|
if !options.has_key?(:timeout)
|
|
options.with_defaults(DEFAULT_TIMEOUT_OPTIONS)
|
|
else
|
|
options
|
|
end
|
|
|
|
unless options.has_key?(:use_read_total_timeout)
|
|
return httparty_perform_request(http_method, path, options_with_timeouts, &block)
|
|
end
|
|
|
|
start_time = Gitlab::Metrics::System.monotonic_time
|
|
read_total_timeout = options.fetch(:timeout, DEFAULT_READ_TOTAL_TIMEOUT)
|
|
|
|
httparty_perform_request(http_method, path, options_with_timeouts) do |fragment|
|
|
elapsed = Gitlab::Metrics::System.monotonic_time - start_time
|
|
raise ReadTotalTimeout, "Request timed out after #{elapsed} seconds" if elapsed > read_total_timeout
|
|
|
|
block.call fragment if block
|
|
end
|
|
rescue HTTParty::RedirectionTooDeep
|
|
raise RedirectionTooDeep
|
|
rescue *HTTP_ERRORS => e
|
|
extra_info = log_info || {}
|
|
extra_info = log_info.call(e, path, options) if log_info.respond_to?(:call)
|
|
Gitlab::ErrorTracking.log_exception(e, extra_info)
|
|
raise e
|
|
end
|
|
|
|
def self.try_get(path, options = {}, &block)
|
|
self.get(path, options, &block)
|
|
rescue *HTTP_ERRORS
|
|
nil
|
|
end
|
|
end
|
|
end
|