Errata

The last two links with classes zoom_in and zoom_out have their link body exchanged. So the link with class "zoom_in" has the link text "Zoom out" and the link with class "zoom_out" has the link text "Zoom in"

so instead of
<a class="zoom_in" href="[...]">Zoom out</a>
<a class="zoom_out" href="[...]">Zoom in</a>

it should read
<a class="zoom_in" href="[...]">Zoom in</a>
<a class="zoom_out" href="[...]">Zoom out</a>

If you run that script against a site that does not return ' Last-Modified' or 'Etag' values, you get a nasty crash (I had the case with www.yahoo.com):

First request:
Status code: ["200", "OK"]
Representation size: 90776
Last-Modified:
Etag:
Second request:
G:/usr/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:1435:in `block in initialize_http_header': undefined method `strip' for nil:NilClass (NoMethodError)
...

The solution is to check for nil when constructung your hash, something like:

#!/usr/bin/ruby
# fetch-oreilly-conditional.rb

require 'rubygems'
require 'rest-open-uri'
uri = 'http://www.oreilly.org'

# Make an HTTP request and then describe the response.
def request(uri, *args)
begin
response = open(uri, *args)
rescue OpenURI::HTTPError => e
response = e.io
end

puts " Status code: #{response.status.inspect}"
puts " Representation size: #{response.size}"
last_modified = response.meta['last-modified']
etag = response.meta['etag']
puts " Last-Modified: #{last_modified}"
puts " Etag: #{etag}"
return last_modified, etag
end


puts "First request:"
last_modified, etag = request(uri)

puts "Second request:"
# Build the hash, making sure it has no nil values
hash = {}
unless last_modified.nil?
hash['If-Modified-Since'] = last_modified
end
unless etag.nil?
hash['If-None-Match'] = etag
end
# ended building the hash
request(uri, hash)

...and now we get:

First request:
Status code: ["200", "OK"]
Representation size: 90488
Last-Modified:
Etag:
Second request:
Status code: ["200", "OK"]
Representation size: 95456
Last-Modified:
Etag:

...instead of a crash.

Running that same script against a site with proper return of ' Last-Modified' and 'Etag' values (say www.w3.com), we get:

First request:
Status code: ["200", "OK"]
Representation size: 37614
Last-Modified: Wed, 20 Mar 2013 19:45:22 GMT
Etag: "92ee-4d860766a9880;89-3f26bd17a2f00"
Second request:
Status code: ["304", "Not Modified"]
Representation size: 0
Last-Modified:
Etag: "92ee-4d860766a9880;89-3f26bd17a2f00"

...as expected.

On Windows:

C:/RailsInstaller/Ruby1.9.3/lib/ruby/1.9.1/net/http.rb:799:in `connect': SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed (OpenSSL::SSL::SSLError)

I found that this is simply due to a lack of certificate authority in my Ruby installation.

To solve this, you need to download a cacert.pem for RailsInstaller. It is all very well explained in https://gist.github.com/867550.

Then the script in Example 2-4 did run just fine.

Varus
January 2013

The Yahoo web search example does not work. Yahoo has discontinued the accessed service. I'm surprised I didn't see it mentioned already.

I *think* there is an error in the signed_uri method.

The "expires" variable is carefully set but never
passed to the "signature" method (as the last argument)
where it can be passed thru to "canonical_string" to set the
Date: header. Yet on the next page (69) the need to override
the Date: header with the "expires" time is emphasized with
a direct reference to the code for "canonical_string"
in Example 3-18.

Either I missed something subtle or there's a mistake.

The authors use the term headers instead of header fields when refering to HTTP envelopes. I think they should stick to the RFC2616 terminology which is: a header is a block of header fields.

"This response has 11 headers"
SHOULD BE "...10 headers"

I receive an authentication failure:

Authentication fails.
:/InstantRails/ruby/lib/ruby/1.8/net/http.rb:567: warning: using default DH parameters.
C:/InstantRails/ruby/lib/ruby/1.8/net/http.rb:586:in `connect': certificate verify failed
(OpenSSL::SSL::SSLError)
from C:/InstantRails/ruby/lib/ruby/1.8/net/http.rb:586:in `connect'

(username and password is provided in lowercase without square brackets and with a space in between (no
comma))

Code: See http://ruby.about.com/od/tutorials/ss/delicious_tags_4.htm provides xml output
<?xml version='1.0' standalone='yes'?>
<tags>
<tag count="1" tag="for:adobe" />
<tag count="1" tag="rails" />
<tag count="1" tag="restful" />
<tag count="2" tag="ruby" />
<tag count="1" tag="rubyonrails" />
<tag count="1" tag="system:unfiled" />
</tags>
warning: peer certificate won't be verified in this SSL session

This code also provides post by changing to posts/recent as in the example of page 31.

You map the Amazon "Access Key ID" to @@public_key and the "Secret Access Key" to @@private key in your Authorized module.

The steps "4.) Expose a Subset of a Uniform Interface" and "5.) Design the Representations Accepted from
the Client" are not supposed to be introduced until Chapter 6 p.148 (and are not discussed in Chapter 5).

As a result later in Chapter 6 p148 the list is identical to p109 even though it is declared that two
steps have been added.

Given the established convention of including the zoom level on the portion of the URI containing the map
type, the caption for figure 5-1 on page 127 should be

/road.3/Earth/images/37.0,-95.png

instead of what is printed:

/road/Earth.3/images/37.0,-95.png

Given the established convention of including the zoom level on the portion of the URI containing the map
type, the URI in paragraph 3 on page 128 should be:

http://maps.example.com/road.8/Earth/images/37.0,-95.png

instead of what is printed:

http://maps.example.com/road/Earth.8/images/37.0,-95.png

Also, the zoom level should be 3 instead of 8 since this URI is meant to be referencing the example on the
previous page.

p.s. - In the body of the last error report I sent, I mentionded page 127 instead of the correct page for
the error 128.

To confirm and add to an existing report: the XHTML is poorly formed. For example, the opening <dd> tag is missing for the "maps" unnumbered list.

The "repeat" attribute on the input element (<input name="show" repeat="template") is astonishing to
people familiar with (X)HTML. It gets explained on page 136 after it's used again, but it should be
explained when first used.

The note explains the use of the "repeat" attribute on (X)HTML input elements. While it's true that this
is part of the nascent XHTML 5 specification, the documents in the book claim to be XHTML 1.1. Those that
use features introduced in XHTML 5 are not valid XHTML 1.1. The note makes it clear that this is a
convenient shorthand; it should also point out that the resulting documents are not useful in the real
world. (In fact, they should never be, as written; they'll need to be modified to use the XHTML 5 doc type
once it exists.)

I think "CGI::escape("password=#{password}") should be whatever the Ruby syntax is for "password="
concatenated with CGI::escape("#{password}"). The note that follows says that the password is form-
encoded, which is the correct behavior. If the equals sign is form-encoded, the server will see a name
that includes an encoded equals sign instead of a name=value pair.

'<input class="password"' -> '<input type="password"'
'<input class="submit"' -> '<input type="submit"'

ruby/ch7/service/config/routes.rb is missing in source archive RESTful_Web_Services_sample_code.zip

The "user_id_from_username" filter was not mentioned anywhere in the book.

This should be "must_specify_user".

The "<screen>" element appears to be a mistake. It's never closed, and I couldn't find any such element in
the Atom spec.

"index and show simply delegate to the show_bookmarks action" does not agree with the code. While index
calls show_bookmarks, show actually (and somewhat perversely) calls render_bookmarks.

The response to the second request has a different Etag than the first. Since the second response
indicates that the entity was not modified, shouldn't the tags be the same? In a testing with a few Web
sites, I found that the Etag in a 304 response always matched the Etag in the request.

The example wadl file for del.icio.us uses a mix of two different wadl specifications: 20061109 (https://
wadl.dev.java.net/wadl20061109.pdf) and 20060802 (https://wadl.dev.java.net/wadl20060802.pdf). The example
does not validate with either schema.

The application has the namespace for the earlier version, but the "header" value for param node's "style"
attribute is not defined in this version. It is used in example 9-10.

For the later revision, "header" is defined, but the "style" attribute is required for all params. The
param in example 9-12 would need a "style" attribute.