mirror of
https://github.com/autc04/Retro68.git
synced 2024-12-12 11:29:30 +00:00
413 lines
10 KiB
Go
413 lines
10 KiB
Go
// Copyright 2010 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package http
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/json"
|
|
"fmt"
|
|
"log"
|
|
"os"
|
|
"reflect"
|
|
"strings"
|
|
"testing"
|
|
"time"
|
|
)
|
|
|
|
var writeSetCookiesTests = []struct {
|
|
Cookie *Cookie
|
|
Raw string
|
|
}{
|
|
{
|
|
&Cookie{Name: "cookie-1", Value: "v$1"},
|
|
"cookie-1=v$1",
|
|
},
|
|
{
|
|
&Cookie{Name: "cookie-2", Value: "two", MaxAge: 3600},
|
|
"cookie-2=two; Max-Age=3600",
|
|
},
|
|
{
|
|
&Cookie{Name: "cookie-3", Value: "three", Domain: ".example.com"},
|
|
"cookie-3=three; Domain=example.com",
|
|
},
|
|
{
|
|
&Cookie{Name: "cookie-4", Value: "four", Path: "/restricted/"},
|
|
"cookie-4=four; Path=/restricted/",
|
|
},
|
|
{
|
|
&Cookie{Name: "cookie-5", Value: "five", Domain: "wrong;bad.abc"},
|
|
"cookie-5=five",
|
|
},
|
|
{
|
|
&Cookie{Name: "cookie-6", Value: "six", Domain: "bad-.abc"},
|
|
"cookie-6=six",
|
|
},
|
|
{
|
|
&Cookie{Name: "cookie-7", Value: "seven", Domain: "127.0.0.1"},
|
|
"cookie-7=seven; Domain=127.0.0.1",
|
|
},
|
|
{
|
|
&Cookie{Name: "cookie-8", Value: "eight", Domain: "::1"},
|
|
"cookie-8=eight",
|
|
},
|
|
// The "special" cookies have values containing commas or spaces which
|
|
// are disallowed by RFC 6265 but are common in the wild.
|
|
{
|
|
&Cookie{Name: "special-1", Value: "a z"},
|
|
`special-1=a z`,
|
|
},
|
|
{
|
|
&Cookie{Name: "special-2", Value: " z"},
|
|
`special-2=" z"`,
|
|
},
|
|
{
|
|
&Cookie{Name: "special-3", Value: "a "},
|
|
`special-3="a "`,
|
|
},
|
|
{
|
|
&Cookie{Name: "special-4", Value: " "},
|
|
`special-4=" "`,
|
|
},
|
|
{
|
|
&Cookie{Name: "special-5", Value: "a,z"},
|
|
`special-5=a,z`,
|
|
},
|
|
{
|
|
&Cookie{Name: "special-6", Value: ",z"},
|
|
`special-6=",z"`,
|
|
},
|
|
{
|
|
&Cookie{Name: "special-7", Value: "a,"},
|
|
`special-7="a,"`,
|
|
},
|
|
{
|
|
&Cookie{Name: "special-8", Value: ","},
|
|
`special-8=","`,
|
|
},
|
|
{
|
|
&Cookie{Name: "empty-value", Value: ""},
|
|
`empty-value=`,
|
|
},
|
|
}
|
|
|
|
func TestWriteSetCookies(t *testing.T) {
|
|
defer log.SetOutput(os.Stderr)
|
|
var logbuf bytes.Buffer
|
|
log.SetOutput(&logbuf)
|
|
|
|
for i, tt := range writeSetCookiesTests {
|
|
if g, e := tt.Cookie.String(), tt.Raw; g != e {
|
|
t.Errorf("Test %d, expecting:\n%s\nGot:\n%s\n", i, e, g)
|
|
continue
|
|
}
|
|
}
|
|
|
|
if got, sub := logbuf.String(), "dropping domain attribute"; !strings.Contains(got, sub) {
|
|
t.Errorf("Expected substring %q in log output. Got:\n%s", sub, got)
|
|
}
|
|
}
|
|
|
|
type headerOnlyResponseWriter Header
|
|
|
|
func (ho headerOnlyResponseWriter) Header() Header {
|
|
return Header(ho)
|
|
}
|
|
|
|
func (ho headerOnlyResponseWriter) Write([]byte) (int, error) {
|
|
panic("NOIMPL")
|
|
}
|
|
|
|
func (ho headerOnlyResponseWriter) WriteHeader(int) {
|
|
panic("NOIMPL")
|
|
}
|
|
|
|
func TestSetCookie(t *testing.T) {
|
|
m := make(Header)
|
|
SetCookie(headerOnlyResponseWriter(m), &Cookie{Name: "cookie-1", Value: "one", Path: "/restricted/"})
|
|
SetCookie(headerOnlyResponseWriter(m), &Cookie{Name: "cookie-2", Value: "two", MaxAge: 3600})
|
|
if l := len(m["Set-Cookie"]); l != 2 {
|
|
t.Fatalf("expected %d cookies, got %d", 2, l)
|
|
}
|
|
if g, e := m["Set-Cookie"][0], "cookie-1=one; Path=/restricted/"; g != e {
|
|
t.Errorf("cookie #1: want %q, got %q", e, g)
|
|
}
|
|
if g, e := m["Set-Cookie"][1], "cookie-2=two; Max-Age=3600"; g != e {
|
|
t.Errorf("cookie #2: want %q, got %q", e, g)
|
|
}
|
|
}
|
|
|
|
var addCookieTests = []struct {
|
|
Cookies []*Cookie
|
|
Raw string
|
|
}{
|
|
{
|
|
[]*Cookie{},
|
|
"",
|
|
},
|
|
{
|
|
[]*Cookie{{Name: "cookie-1", Value: "v$1"}},
|
|
"cookie-1=v$1",
|
|
},
|
|
{
|
|
[]*Cookie{
|
|
{Name: "cookie-1", Value: "v$1"},
|
|
{Name: "cookie-2", Value: "v$2"},
|
|
{Name: "cookie-3", Value: "v$3"},
|
|
},
|
|
"cookie-1=v$1; cookie-2=v$2; cookie-3=v$3",
|
|
},
|
|
}
|
|
|
|
func TestAddCookie(t *testing.T) {
|
|
for i, tt := range addCookieTests {
|
|
req, _ := NewRequest("GET", "http://example.com/", nil)
|
|
for _, c := range tt.Cookies {
|
|
req.AddCookie(c)
|
|
}
|
|
if g := req.Header.Get("Cookie"); g != tt.Raw {
|
|
t.Errorf("Test %d:\nwant: %s\n got: %s\n", i, tt.Raw, g)
|
|
continue
|
|
}
|
|
}
|
|
}
|
|
|
|
var readSetCookiesTests = []struct {
|
|
Header Header
|
|
Cookies []*Cookie
|
|
}{
|
|
{
|
|
Header{"Set-Cookie": {"Cookie-1=v$1"}},
|
|
[]*Cookie{{Name: "Cookie-1", Value: "v$1", Raw: "Cookie-1=v$1"}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {"NID=99=YsDT5i3E-CXax-; expires=Wed, 23-Nov-2011 01:05:03 GMT; path=/; domain=.google.ch; HttpOnly"}},
|
|
[]*Cookie{{
|
|
Name: "NID",
|
|
Value: "99=YsDT5i3E-CXax-",
|
|
Path: "/",
|
|
Domain: ".google.ch",
|
|
HttpOnly: true,
|
|
Expires: time.Date(2011, 11, 23, 1, 5, 3, 0, time.UTC),
|
|
RawExpires: "Wed, 23-Nov-2011 01:05:03 GMT",
|
|
Raw: "NID=99=YsDT5i3E-CXax-; expires=Wed, 23-Nov-2011 01:05:03 GMT; path=/; domain=.google.ch; HttpOnly",
|
|
}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {".ASPXAUTH=7E3AA; expires=Wed, 07-Mar-2012 14:25:06 GMT; path=/; HttpOnly"}},
|
|
[]*Cookie{{
|
|
Name: ".ASPXAUTH",
|
|
Value: "7E3AA",
|
|
Path: "/",
|
|
Expires: time.Date(2012, 3, 7, 14, 25, 6, 0, time.UTC),
|
|
RawExpires: "Wed, 07-Mar-2012 14:25:06 GMT",
|
|
HttpOnly: true,
|
|
Raw: ".ASPXAUTH=7E3AA; expires=Wed, 07-Mar-2012 14:25:06 GMT; path=/; HttpOnly",
|
|
}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {"ASP.NET_SessionId=foo; path=/; HttpOnly"}},
|
|
[]*Cookie{{
|
|
Name: "ASP.NET_SessionId",
|
|
Value: "foo",
|
|
Path: "/",
|
|
HttpOnly: true,
|
|
Raw: "ASP.NET_SessionId=foo; path=/; HttpOnly",
|
|
}},
|
|
},
|
|
// Make sure we can properly read back the Set-Cookie headers we create
|
|
// for values containing spaces or commas:
|
|
{
|
|
Header{"Set-Cookie": {`special-1=a z`}},
|
|
[]*Cookie{{Name: "special-1", Value: "a z", Raw: `special-1=a z`}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {`special-2=" z"`}},
|
|
[]*Cookie{{Name: "special-2", Value: " z", Raw: `special-2=" z"`}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {`special-3="a "`}},
|
|
[]*Cookie{{Name: "special-3", Value: "a ", Raw: `special-3="a "`}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {`special-4=" "`}},
|
|
[]*Cookie{{Name: "special-4", Value: " ", Raw: `special-4=" "`}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {`special-5=a,z`}},
|
|
[]*Cookie{{Name: "special-5", Value: "a,z", Raw: `special-5=a,z`}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {`special-6=",z"`}},
|
|
[]*Cookie{{Name: "special-6", Value: ",z", Raw: `special-6=",z"`}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {`special-7=a,`}},
|
|
[]*Cookie{{Name: "special-7", Value: "a,", Raw: `special-7=a,`}},
|
|
},
|
|
{
|
|
Header{"Set-Cookie": {`special-8=","`}},
|
|
[]*Cookie{{Name: "special-8", Value: ",", Raw: `special-8=","`}},
|
|
},
|
|
|
|
// TODO(bradfitz): users have reported seeing this in the
|
|
// wild, but do browsers handle it? RFC 6265 just says "don't
|
|
// do that" (section 3) and then never mentions header folding
|
|
// again.
|
|
// Header{"Set-Cookie": {"ASP.NET_SessionId=foo; path=/; HttpOnly, .ASPXAUTH=7E3AA; expires=Wed, 07-Mar-2012 14:25:06 GMT; path=/; HttpOnly"}},
|
|
}
|
|
|
|
func toJSON(v interface{}) string {
|
|
b, err := json.Marshal(v)
|
|
if err != nil {
|
|
return fmt.Sprintf("%#v", v)
|
|
}
|
|
return string(b)
|
|
}
|
|
|
|
func TestReadSetCookies(t *testing.T) {
|
|
for i, tt := range readSetCookiesTests {
|
|
for n := 0; n < 2; n++ { // to verify readSetCookies doesn't mutate its input
|
|
c := readSetCookies(tt.Header)
|
|
if !reflect.DeepEqual(c, tt.Cookies) {
|
|
t.Errorf("#%d readSetCookies: have\n%s\nwant\n%s\n", i, toJSON(c), toJSON(tt.Cookies))
|
|
continue
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
var readCookiesTests = []struct {
|
|
Header Header
|
|
Filter string
|
|
Cookies []*Cookie
|
|
}{
|
|
{
|
|
Header{"Cookie": {"Cookie-1=v$1", "c2=v2"}},
|
|
"",
|
|
[]*Cookie{
|
|
{Name: "Cookie-1", Value: "v$1"},
|
|
{Name: "c2", Value: "v2"},
|
|
},
|
|
},
|
|
{
|
|
Header{"Cookie": {"Cookie-1=v$1", "c2=v2"}},
|
|
"c2",
|
|
[]*Cookie{
|
|
{Name: "c2", Value: "v2"},
|
|
},
|
|
},
|
|
{
|
|
Header{"Cookie": {"Cookie-1=v$1; c2=v2"}},
|
|
"",
|
|
[]*Cookie{
|
|
{Name: "Cookie-1", Value: "v$1"},
|
|
{Name: "c2", Value: "v2"},
|
|
},
|
|
},
|
|
{
|
|
Header{"Cookie": {"Cookie-1=v$1; c2=v2"}},
|
|
"c2",
|
|
[]*Cookie{
|
|
{Name: "c2", Value: "v2"},
|
|
},
|
|
},
|
|
{
|
|
Header{"Cookie": {`Cookie-1="v$1"; c2="v2"`}},
|
|
"",
|
|
[]*Cookie{
|
|
{Name: "Cookie-1", Value: "v$1"},
|
|
{Name: "c2", Value: "v2"},
|
|
},
|
|
},
|
|
}
|
|
|
|
func TestReadCookies(t *testing.T) {
|
|
for i, tt := range readCookiesTests {
|
|
for n := 0; n < 2; n++ { // to verify readCookies doesn't mutate its input
|
|
c := readCookies(tt.Header, tt.Filter)
|
|
if !reflect.DeepEqual(c, tt.Cookies) {
|
|
t.Errorf("#%d readCookies:\nhave: %s\nwant: %s\n", i, toJSON(c), toJSON(tt.Cookies))
|
|
continue
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestSetCookieDoubleQuotes(t *testing.T) {
|
|
res := &Response{Header: Header{}}
|
|
res.Header.Add("Set-Cookie", `quoted0=none; max-age=30`)
|
|
res.Header.Add("Set-Cookie", `quoted1="cookieValue"; max-age=31`)
|
|
res.Header.Add("Set-Cookie", `quoted2=cookieAV; max-age="32"`)
|
|
res.Header.Add("Set-Cookie", `quoted3="both"; max-age="33"`)
|
|
got := res.Cookies()
|
|
want := []*Cookie{
|
|
{Name: "quoted0", Value: "none", MaxAge: 30},
|
|
{Name: "quoted1", Value: "cookieValue", MaxAge: 31},
|
|
{Name: "quoted2", Value: "cookieAV"},
|
|
{Name: "quoted3", Value: "both"},
|
|
}
|
|
if len(got) != len(want) {
|
|
t.Fatal("got %d cookies, want %d", len(got), len(want))
|
|
}
|
|
for i, w := range want {
|
|
g := got[i]
|
|
if g.Name != w.Name || g.Value != w.Value || g.MaxAge != w.MaxAge {
|
|
t.Errorf("cookie #%d:\ngot %v\nwant %v", i, g, w)
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestCookieSanitizeValue(t *testing.T) {
|
|
defer log.SetOutput(os.Stderr)
|
|
var logbuf bytes.Buffer
|
|
log.SetOutput(&logbuf)
|
|
|
|
tests := []struct {
|
|
in, want string
|
|
}{
|
|
{"foo", "foo"},
|
|
{"foo;bar", "foobar"},
|
|
{"foo\\bar", "foobar"},
|
|
{"foo\"bar", "foobar"},
|
|
{"\x00\x7e\x7f\x80", "\x7e"},
|
|
{`"withquotes"`, "withquotes"},
|
|
{"a z", "a z"},
|
|
{" z", `" z"`},
|
|
{"a ", `"a "`},
|
|
}
|
|
for _, tt := range tests {
|
|
if got := sanitizeCookieValue(tt.in); got != tt.want {
|
|
t.Errorf("sanitizeCookieValue(%q) = %q; want %q", tt.in, got, tt.want)
|
|
}
|
|
}
|
|
|
|
if got, sub := logbuf.String(), "dropping invalid bytes"; !strings.Contains(got, sub) {
|
|
t.Errorf("Expected substring %q in log output. Got:\n%s", sub, got)
|
|
}
|
|
}
|
|
|
|
func TestCookieSanitizePath(t *testing.T) {
|
|
defer log.SetOutput(os.Stderr)
|
|
var logbuf bytes.Buffer
|
|
log.SetOutput(&logbuf)
|
|
|
|
tests := []struct {
|
|
in, want string
|
|
}{
|
|
{"/path", "/path"},
|
|
{"/path with space/", "/path with space/"},
|
|
{"/just;no;semicolon\x00orstuff/", "/justnosemicolonorstuff/"},
|
|
}
|
|
for _, tt := range tests {
|
|
if got := sanitizeCookiePath(tt.in); got != tt.want {
|
|
t.Errorf("sanitizeCookiePath(%q) = %q; want %q", tt.in, got, tt.want)
|
|
}
|
|
}
|
|
|
|
if got, sub := logbuf.String(), "dropping invalid bytes"; !strings.Contains(got, sub) {
|
|
t.Errorf("Expected substring %q in log output. Got:\n%s", sub, got)
|
|
}
|
|
}
|