Bug #14664
closedAfter upgrade to 2.4.4: header field value cannot include CR/LF
Description
We are experiencing this issue after upgrading from ruby 2.4.3p205 (2017-12-14 revision 61247) [x86_64-linux] to ruby 2.4.4p296 (2018-03-28 revision 63013) [x86_64-linux]. Reverting back to 2.4.3 the code works.
header field value cannot include CR/LF
/home/anselm-dashboard/.rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/net/http/header.rb:23:in `block in initialize_http_header'
/home/anselm-dashboard/.rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/net/http/header.rb:16:in `each'
/home/anselm-dashboard/.rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/net/http/header.rb:16:in `initialize_http_header'
/home/anselm-dashboard/.rvm/rubies/ruby-2.4.4/lib/ruby/2.4.0/net/http/generic_request.rb:44:in `initialize'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/faraday-0.9.2/lib/faraday/adapter/net_http.rb:62:in `new'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/faraday-0.9.2/lib/faraday/adapter/net_http.rb:62:in `create_request'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/faraday-0.9.2/lib/faraday/adapter/net_http.rb:82:in `perform_request'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/faraday-0.9.2/lib/faraday/adapter/net_http.rb:40:in `block in call'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/faraday-0.9.2/lib/faraday/adapter/net_http.rb:87:in `with_net_http_connection'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/faraday-0.9.2/lib/faraday/adapter/net_http.rb:32:in `call'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/faraday-0.9.2/lib/faraday/response.rb:8:in `call'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google-api-client-0.8.6/lib/google/api_client/request.rb:163:in `send'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google-api-client-0.8.6/lib/google/api_client.rb:648:in `block (2 levels) in execute!'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/retriable-1.4.1/lib/retriable/retry.rb:27:in `perform'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/retriable-1.4.1/lib/retriable.rb:15:in `retriable'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google-api-client-0.8.6/lib/google/api_client.rb:645:in `block in execute!'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/retriable-1.4.1/lib/retriable/retry.rb:27:in `perform'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/retriable-1.4.1/lib/retriable.rb:15:in `retriable'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google-api-client-0.8.6/lib/google/api_client.rb:636:in `execute!'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google-api-client-0.8.6/lib/google/api_client.rb:368:in `discovery_document'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google-api-client-0.8.6/lib/google/api_client.rb:413:in `discovered_api'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google_drive-1.0.6/lib/google_drive/api_client_fetcher.rb:36:in `initialize'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google_drive-1.0.6/lib/google_drive/session.rb:78:in `new'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google_drive-1.0.6/lib/google_drive/session.rb:78:in `initialize'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google_drive-1.0.6/lib/google_drive.rb:77:in `new'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/google_drive-1.0.6/lib/google_drive.rb:77:in `login_with_oauth'
/opt/anselm-dashboard/jobs/google_spreadsheet.rb:60:in `block in <top (required)>'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/rufus-scheduler-2.0.24/lib/rufus/sc/jobs.rb:230:in `trigger_block'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/rufus-scheduler-2.0.24/lib/rufus/sc/jobs.rb:204:in `block in trigger'
/home/anselm-dashboard/.rvm/gems/ruby-2.4.4/gems/rufus-scheduler-2.0.24/lib/rufus/sc/scheduler.rb:430:in `block in trigger_job'
1 require 'google/api_client'
2 require 'google/api_client/client_secrets'
3 require 'google/api_client/auth/file_storage'
4 require 'google/api_client/auth/installed_app'
5 require 'google_drive'
6
7 CELLS_ROW_NUMBER = 3
8 CELLS_COLUMN_NUMBER = 3
9
10 SUPERVISORS = {
29 }
30
31 SUPERVISORS.default = 'N/A'
32
33 def authorize
34 client = Google::APIClient.new(
35 :application_name => 'Get Value from Google SpreadSheet for Dashing',
36 :application_version => '1.0.0')
37
38 file_storage = Google::APIClient::FileStorage.new('credential-oauth2.json')
39 if file_storage.authorization.nil?
40 flow = Google::APIClient::InstalledAppFlow.new(
41 :client_id => ENV['GOOGLE_DRIVE_CLIENT_ID'],
42 :client_secret => ENV['GOOGLE_DRIVE_CLIENT_SECRET'],
43 :scope => %w(
44 https://www.googleapis.com/auth/drive
45 https://docs.google.com/feeds/
46 https://docs.googleusercontent.com/
47 https://spreadsheets.google.com/feeds/
48 ),
49 )
50 client.authorization = flow.authorize(file_storage)
51 else
52 client.authorization = file_storage.authorization
53 end
54
55 client
56 end
57
58 SCHEDULER.every '10m', :first_in => 0 do |job|
59 client = authorize
60 session = GoogleDrive.login_with_oauth(client.authorization.access_token)
61 people=[]
62 for day in -1..1 do
79 end
80 end
Updated by naruse (Yui NARUSE) over 6 years ago
- Status changed from Open to Rejected
It's from r61359 because HTTP doesn't allow CRLF in their header value.
I think your application was silently broken from before.
Updated by Tietew (Toru Iwase) over 6 years ago
Upgrade google-api-client gem to 0.20.0.
cf. https://github.com/google/google-api-ruby-client/pull/648
Updated by normalperson (Eric Wong) over 6 years ago
naruse@airemix.jp wrote:
It's from r61359 because HTTP doesn't allow CRLF in their header value.
I think your application was silently broken from before.
CRLF followed by leading-whitespace (LWS) should be allowed
"Host:\r\n\texample.com\r\n"
"Host:\r\n example.com\r\n"
I think it's necessary for some base64-encoded proxy
certificates embedded in headers