strategy#page_content: allow cURL to --fail-with-body
#16741
Conversation
since `curl_output` (introduced in Homebrew#15351) sets `show_output: true`, it doesn’t let it unless some form of --fail[...] is passed explicitly
|
This appears to work as expected with the proposed |
|
Thanks @samford! 😁 |
There was a problem hiding this comment.
I finished doing comparative runs across homebrew/core and homebrew/cask and this looks like a beneficial change overall. I'm happy to merge after we work out the comment language.
As you mentioned in the PR description, this allows a few checks to benefit from the user agent fallback logic and I saw that in a few checks. I didn't see any new failures that weren't already occurring without the --fail-with-body option.
The other difference was that livecheck surfaces a better error (from curl) in some cases where we were simply returning an Unable to get versions error before. The error from curl includes the HTTP response code, which gives us an immediate idea why the check is failing. Since --fail-with-body continues to return the body content like normal, we can benefit from the better error messages while maintaining livecheck's existing behavior.
The differences I observed are below. [Note that I was using a VPN and some of these checks only failed for that reason.]
homebrew/core
Fixed by change
acpica: needs a :browser user agent to work (Unable to get versions error before)
Same failure but better error
ansifilter: curl: (22) The requested URL returned error: 502
highlight: curl: (22) The requested URL returned error: 502
libsmi: curl: (22) The requested URL returned error: 403
homebrew/cask
Fixed by change
jt-bridge: needs a :browser user agent to work (555 response before, with "555 Security Incident Detected" in body HTML content)
outguess: needs a :browser user agent to work (403 (Forbidden) response before)
Same failure but better error
elasticwolf: curl: (22) The requested URL returned error: 404
fing-cli: curl: (22) The requested URL returned error: 404
firestorm: curl: (22) The requested URL returned error: 403
gamemaker: curl: (22) The requested URL returned error: 403
grids: curl: (22) The requested URL returned error: 403
opal-composer: curl: (22) The requested URL returned error: 403
preference-manager: curl: (22) The requested URL returned error: 403
@samford is working on the ability to specify custom UA (among other things) in livecheck blocks; "retrying" will cease to be relevant Co-authored-by: Sam Ford <1584702+samford@users.noreply.github.com>
|
Great! I’m glad I brought about something positive (however small 😂). Thanks for doing those long comparative runs across all of core and cask! xD |
|
Thanks @mavenor, great work here! |
|
@MikeMcQuaid my pleasure! Shout out to y'all for making Homebrew such a welcoming place for prospective contributors xD (and also for the mere existence of Homebrew lol) |
TL;DR
livecheckfor sites behind DDoS protection is broken. We need an error code from cURL for #11517 to work; #15351 seems to have broken that. This explicitly adds--fail-with-bodyto thePAGE_CONTENT_CURL_ARGSso thatstrategy#page_contentcalls return an error code, but sidestep potentially misguiding HTTP codes from… confused servers (see this part of @samford’s comment on #15437).Have you written new tests for your changes? Here's an example.No. Should I? 😅 (I’d need help coming up with them)brew stylewith your changes locally?brew typecheckwith your changes locally?brew testswith your changes locally?Huh?
livecheckfailing for some sites that are protected by e.g. Cloudflare, by having us try the URL again with a fake Safari-like UA string. ([:default, :browser].each do)strategy#page_contentandstrategy#page_headersused the (relatively) rawcurl_with_workaroundsfunction, and notcurl_output(introduced in Usecurl_headersandcurl_outputforLivecheckstrategies. #15351).curl_outputby default doesn’t pass--failunlike its incumbentcurl_with_workarounds: I’m guessing this is since--failomits printing any body received at all — I’m led to believe from the struck-out portion of @samford’s comments on Strategy: Pass --max-redirs to #curl_headers #15437 that this is undesirable for some servers, which may provide useful content despite a 400+ HTTP status code. (While the struck-out portion was, in fact, inapplicable topage_headers— which the PR is all about, it seems like it might have an impact onpage_content?)*strategy#page_headersdoesn’t face this issue at all, sincecurl_headersdoesn’t setshow_output, and in turn, the—-failflag is passed to cURL.--fail[...]means that 400+ error codes don’t trigger non-zero exit codes. Fromcurl(1),--fail-with-bodyallows cURL to exit with an error code, while still printing whatever body it received; the servers that don’t play nice that @samford spoke of should still be fetched from, whilelivecheckwill at least try again on error, which it doesn’t do right now.🧪?
I’ve tested this with
vitalsource-bookshelf(which brought me to it in the first place). On forcingverbose: truein thecurl_outputcall, I noticed that only a single cURL call was made, despite a 403:status.success?was returningtruewhen it shouldn’t! Unfortunately, I couldn’t test this elsewhere, as none of the original examples in #11517 hold good anymore; e.g.,camo-studio’s URL seems perfectly happy responding to cURL with Homebrew’s:defaultUA (e.g.Homebrew/4.2.9-92-gd0a3f09-dirty...),keycuedoesn’t seem to mind receiving no UA at all, and the other two casks were removed.I also ran
grep -r ':fake' <cask-tap>and tried a few random samples, but everything I tried fell under the above two categories. TL;DR I’m unsure how to properly test this out 🥲*If that isn’t the case, we could probably consider simply adding
--failI feel silly, like I’m literally making a huge deal of a single line of code, so if you’ve reached here, thanks for bearing with my rant xD. I want to help, not be a burden, so I did as much digging as I could to compensate for me being new and my lack of Ruby skill. I hope this is, indeed, helpful like I intended it to be