diff options
Diffstat (limited to 'Lib/test/test_httpservers.py')
-rw-r--r-- | Lib/test/test_httpservers.py | 97 |
1 files changed, 9 insertions, 88 deletions
diff --git a/Lib/test/test_httpservers.py b/Lib/test/test_httpservers.py index d5a79ef..cc9b93c 100644 --- a/Lib/test/test_httpservers.py +++ b/Lib/test/test_httpservers.py @@ -31,7 +31,7 @@ class NoLogRequestHandler: # don't write log messages to stderr pass -class SocketlessRequestHandler(BaseHTTPRequestHandler): +class SocketlessRequestHandler(SimpleHTTPRequestHandler): def __init__(self): self.get_called = False self.protocol_version = "HTTP/1.1" @@ -41,13 +41,12 @@ class SocketlessRequestHandler(BaseHTTPRequestHandler): self.send_response(200) self.send_header('Content-Type', 'text/html') self.end_headers() - self.wfile.write('<html><body>Data</body></html>\r\n') + self.wfile.write(b'<html><body>Data</body></html>\r\n') def log_message(self, format, *args): pass - class TestServerThread(threading.Thread): def __init__(self, test_object, request_handler): threading.Thread.__init__(self) @@ -144,6 +143,13 @@ class BaseHTTPRequestHandlerTestCase(unittest.TestCase): self.verify_get_called() self.assertEqual(result[-1], '<html><body>Data</body></html>\r\n') + def test_request_length(self): + # Issue #10714: huge request lines are discarded, to avoid Denial + # of Service attacks. + result = self.send_typical_request(b'GET ' + b'x' * 65537) + self.assertEqual(result[0], b'HTTP/1.1 414 Request-URI Too Long\r\n') + self.assertFalse(self.handler.get_called) + class BaseHTTPServerTestCase(BaseTestCase): class request_handler(NoLogRequestHandler, BaseHTTPRequestHandler): @@ -485,91 +491,6 @@ class CGIHTTPServerTestCase(BaseTestCase): self.assertEqual(os.environ['SERVER_SOFTWARE'], signature) -class SocketlessRequestHandler(SimpleHTTPRequestHandler): - def __init__(self): - self.get_called = False - self.protocol_version = "HTTP/1.1" - - def do_GET(self): - self.get_called = True - self.send_response(200) - self.send_header('Content-Type', 'text/html') - self.end_headers() - self.wfile.write(b'<html><body>Data</body></html>\r\n') - - def log_message(self, format, *args): - pass - -class RejectingSocketlessRequestHandler(SocketlessRequestHandler): - def handle_expect_100(self): - self.send_error(417) - return False - -class BaseHTTPRequestHandlerTestCase(unittest.TestCase): - """Test the functionaility of the BaseHTTPServer. - - Test the support for the Expect 100-continue header. - """ - - HTTPResponseMatch = re.compile(b'HTTP/1.[0-9]+ 200 OK') - - def setUp (self): - self.handler = SocketlessRequestHandler() - - def send_typical_request(self, message): - input = StringIO(message) - output = StringIO() - self.handler.rfile = input - self.handler.wfile = output - self.handler.handle_one_request() - output.seek(0) - return output.readlines() - - def verify_get_called(self): - self.assertTrue(self.handler.get_called) - - def verify_expected_headers(self, headers): - for fieldName in b'Server: ', b'Date: ', b'Content-Type: ': - self.assertEqual(sum(h.startswith(fieldName) for h in headers), 1) - - def verify_http_server_response(self, response): - match = self.HTTPResponseMatch.search(response) - self.assertTrue(match is not None) - - def test_http_1_1(self): - result = self.send_typical_request(b'GET / HTTP/1.1\r\n\r\n') - self.verify_http_server_response(result[0]) - self.verify_expected_headers(result[1:-1]) - self.verify_get_called() - self.assertEqual(result[-1], b'<html><body>Data</body></html>\r\n') - - def test_http_1_0(self): - result = self.send_typical_request(b'GET / HTTP/1.0\r\n\r\n') - self.verify_http_server_response(result[0]) - self.verify_expected_headers(result[1:-1]) - self.verify_get_called() - self.assertEqual(result[-1], b'<html><body>Data</body></html>\r\n') - - def test_http_0_9(self): - result = self.send_typical_request(b'GET / HTTP/0.9\r\n\r\n') - self.assertEqual(len(result), 1) - self.assertEqual(result[0], b'<html><body>Data</body></html>\r\n') - self.verify_get_called() - - def test_with_continue_1_0(self): - result = self.send_typical_request(b'GET / HTTP/1.0\r\nExpect: 100-continue\r\n\r\n') - self.verify_http_server_response(result[0]) - self.verify_expected_headers(result[1:-1]) - self.verify_get_called() - self.assertEqual(result[-1], b'<html><body>Data</body></html>\r\n') - - def test_request_length(self): - # Issue #10714: huge request lines are discarded, to avoid Denial - # of Service attacks. - result = self.send_typical_request(b'GET ' + b'x' * 65537) - self.assertEqual(result[0], b'HTTP/1.1 414 Request-URI Too Long\r\n') - self.assertFalse(self.handler.get_called) - class SimpleHTTPRequestHandlerTestCase(unittest.TestCase): """ Test url parsing """ def setUp(self): |