motion/http.rb in bubble-wrap-1.1.4 vs motion/http.rb in bubble-wrap-1.1.5

@@ -98,10 +98,11 @@
         @credentials = {:username => '', :password => ''}.merge(@credentials)
         @timeout = options.delete(:timeout) || 30.0
         @headers = escape_line_feeds(options.delete :headers)
         @format = options.delete(:format)
         @cache_policy = options.delete(:cache_policy) || NSURLRequestUseProtocolCachePolicy
+        @credential_persistence = options.delete(:credential_persistence) || NSURLCredentialPersistenceForSession
         @options = options
         @response = HTTP::Response.new
 
         @url = create_url(url_string)
         @body = create_request_body
@@ -173,13 +174,18 @@
         call_delegator_with_response
       end
 
       def connection(connection, didReceiveAuthenticationChallenge:challenge)
         if (challenge.previousFailureCount == 0)
-          new_credential = NSURLCredential.credentialWithUser(credentials[:username], password:credentials[:password], persistence:NSURLCredentialPersistenceForSession)
-          challenge.sender.useCredential(new_credential, forAuthenticationChallenge:challenge)
-          log "auth challenged, answered with credentials: #{credentials.inspect}"
+          if credentials[:username].to_s.empty? && credentials[:password].to_s.empty?
+            challenge.sender.continueWithoutCredentialForAuthenticationChallenge(challenge)
+            log 'Continue without credentials to get 401 status in response'
+          else
+            new_credential = NSURLCredential.credentialWithUser(credentials[:username], password:credentials[:password], persistence:@credential_persistence)
+            challenge.sender.useCredential(new_credential, forAuthenticationChallenge:challenge)
+            log "auth challenged, answered with credentials: #{credentials.inspect}"
+          end
         else
           challenge.sender.cancelAuthenticationChallenge(challenge)
           log 'Auth Failed :('
         end
       end
@@ -284,15 +290,16 @@
       def append_body_boundary(body)
         body.appendData("--#{@boundary}--\r\n".dataUsingEncoding NSUTF8StringEncoding)
       end
 
       def create_url(url_string)
+        url_string = url_string.stringByAddingPercentEscapesUsingEncoding NSUTF8StringEncoding
         if (@method == "GET" || @method == "HEAD") && @payload
           convert_payload_to_url if @payload.is_a?(Hash)
           url_string += "?#{@payload}"
         end
-        url = NSURL.URLWithString(url_string.stringByAddingPercentEscapesUsingEncoding NSUTF8StringEncoding)
+        url = NSURL.URLWithString(url_string)
 
         validate_url(url)
         url
       end
 
@@ -300,12 +307,18 @@
         if !NSURLConnection.canHandleRequest(NSURLRequest.requestWithURL(url))
           raise InvalidURLError, "Invalid URL provided (Make sure you include a valid URL scheme, e.g. http:// or similar)."
         end
       end
 
+      def escape(string)
+        if string
+          CFURLCreateStringByAddingPercentEscapes nil, string.to_s, "[]", ";=&,", KCFStringEncodingUTF8
+        end
+      end
+
       def convert_payload_to_url
         params_array = process_payload_hash(@payload)
-        params_array.map! { |key, value| "#{key}=#{value}" }
+        params_array.map! { |key, value| "#{escape key}=#{escape value}" }
         @payload = params_array.join("&")
       end
 
       def process_payload_hash(payload, prefix=nil)
         list = []