In some special cases, to prevent against Cross Site Script Inclusion (XSSI)
attacks, the JSON response body starts with a magic prefix line that must be
stripped before feeding the rest of the response body to the JSON parser.
Such prefix is now simply ignored from the parser but still printed in the
terminal.
* Fix Windows tests
* Fix the handling of cookies from session files
* Apply suggestions from code review
Co-authored-by: Jakub Roztocil <jakub@roztocil.co>
* Fix test docstring formatting
Co-authored-by: Jakub Roztocil <jakub@roztocil.co>
* Support `requests.response.raw` being a file-like object
Previously HTTPie relied on `requests.models.Response.raw` being
`urllib3.HTTPResponse`. The `requests` documentation specifies that
(requests.models.Response.raw)[https://docs.python-requests.org/en/master/api/#requests.Response.raw]
is a file-like object but allows for other types for internal use.
This change introduces graceful handling for scenarios when
`requests.models.Response.raw` is not `urllib3.HTTPResponse`. In such a scenario
HTTPie now falls back to extracting metadata from `requests.models.Response`
directly instead of direct access from protected protected members such as
`response.raw._original_response`. A side effect in this fallback procedure is
that we can no longer determine HTTP protocol version and report it as `1.1`.
This change is necessary to make it possible to implement `TransportPlugins`
without having to also needing to emulate internal behavior of `urlib3` and
`http.client`.
* Load cookies from `response.headers` instead of `response.raw._original_response.msg._headers`
`response.cookies` was not utilized as it not possible to construct original
payload from `http.cookiejar.Cookie`. Data is stored in lossy format. For example
`Cookie.secure` defaults to `False` so we cannot distinguish if `Cookie.secure` was
set to `False` or was not set at all. Same problem applies to other fields also.
* Simpler HTTP envelope data extraction
* Test cookie extraction and make cookie presentment backwards compatible
Co-authored-by: Mickaël Schoentgen <contact@tiger-222.fr>
Co-authored-by: Jakub Roztocil <jakub@roztocil.co>
* Add --raw to allow specifying the raw request body without extra processing
As an alternative to `stdin`.
Co-authored-by: Elena Lape <elapinskaite@gmail.com>
Co-authored-by: Jakub Roztocil <jakub@roztocil.co>
* Update README.rst
Co-authored-by: Jakub Roztocil <jakub@roztocil.co>
* Update README.rst
Co-authored-by: Jakub Roztocil <jakub@roztocil.co>
* Fix default HTTP method on empty data
Co-authored-by: Elena Lape <elapinskaite@gmail.com>
Co-authored-by: Jakub Roztocil <jakub@roztocil.co>