Ticket #156 (closed defect: fixed)

Opened 2 months ago

Last modified 1 month ago

ruby-openid gem doesn't enforce a timeout on Net::HTTP connection

Reported by: http://techno-weenie.net/ Assigned to:
Priority: major Milestone:
Keywords: Cc: technoweenie@gmail.com
Project: ruby-openid OpenID Protocol:
Series: Web Browser:

Description

A firewall issue on my server revealed a problem with the OpenID::StandardFetcher?. I'd like to add a nicer timeout to the Net::HTTP connections, with an optional method to configure them. Here's my suggestion: 

module OpenID
  # default timeout that the ruby-yadis lib uses
  @@timeout_threshold = 20

  def timeout_threshold
    @@timeout_threashold
  end

  def timeout_threshold=(value)
    @@timeout_threashold = value
  end

  class StandardFetcher
    def make_http(uri)
      http = @proxy.new(uri.host, uri.port)
      http.read_timeout = http.open_timeout = OpenID.timeout_threshold
      http
    end
  end
end

Let me know if this is kosher. I'd be happy to turn this into a full tested patch with any suggestions. Thanks.

Change History

04/21/08 20:35:48 changed by http://techno-weenie.net/

  • cc set to technoweenie@gmail.com.

04/21/08 21:21:32 changed by http://techno-weenie.net/

I've fixed the rails plugin with the snippet from above (minus spelling errors)

http://github.com/technoweenie/open_id_authentication/tree/master/lib/open_id_authentication/timeout_fixes.rb

05/20/08 14:00:05 changed by http://dag.myopenid.com/

  • status changed from new to closed.
  • resolution set to fixed.

The timeout in seconds is now an instance variable with an attr_accessor (fetcher.timeout) defaulting to 60.