| Safe Haskell | None |
|---|---|
| Language | Haskell2010 |
Distribution.Client.Security.HTTP
Description
Implementation of HttpLib using cabal-install's own HttpTransport
Synopsis
- data HttpLib
- transportAdapter :: Verbosity -> IO HttpTransport -> HttpLib
Documentation
Abstraction over HTTP clients
This avoids insisting on a particular implementation (such as the HTTP package) and allows for other implementations (such as a conduit based one).
NOTE: Library-specific exceptions MUST be wrapped in SomeRemoteError.
transportAdapter :: Verbosity -> IO HttpTransport -> HttpLib Source #
Translate from hackage-security's HttpLib to cabal-install's HttpTransport
NOTE: The match between these two APIs is currently not perfect:
- We don't get any response headers back from the
HttpTransport, so we don't know if the server supports range requests. For now we optimistically assume that it does. - The
HttpTransportwants to know where to place the resulting file, whereas theHttpLibexpects anIOaction which streams the download; the security library then makes sure that the file gets written to a location which is suitable (in particular, to a temporary file in the directory where the file needs to end up, so that it can "finalize" the file simply by doingrenameFile). Right now we write the file to a temporary file in the system temp directory here and then read it again to pass it to the security library; this is a problem for two reasons: it is a source of inefficiency; and it means that the security library cannot insist on a minimum download rate (potential security attack). Fixing it however would require changing theHttpTransport.