Mercurial > hg > nginx-tests
changeset 1823:1e1d0f3874b0
Tests: expect HTTP 400 on HTTP/2 header validation errors.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Fri, 10 Mar 2023 07:30:28 +0300 |
parents | de6aeda5c274 |
children | 5d3aee48ed8e |
files | h2_headers.t |
diffstat | 1 files changed, 20 insertions(+), 24 deletions(-) [+] |
line wrap: on
line diff
--- a/h2_headers.t Mon Feb 06 09:36:14 2023 -0800 +++ b/h2_headers.t Fri Mar 10 07:30:28 2023 +0300 @@ -23,7 +23,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/http http_v2 proxy rewrite/)->plan(107) +my $t = Test::Nginx->new()->has(qw/http http_v2 proxy rewrite/)->plan(103) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -943,7 +943,7 @@ { name => ':path', value => '/proxy2/', mode => 1 }, { name => ':authority', value => 'localhost', mode => 1 }, { name => 'x-foo', value => "x-bar\r\nreferer:see-this", mode => 2 }]}); -$frames = $s->read(all => [{ type => 'RST_STREAM' }]); +$frames = $s->read(all => [{ sid => $sid, fin => 1 }]); # 10.3. Intermediary Encapsulation Attacks # An intermediary therefore cannot translate an HTTP/2 request or response @@ -952,15 +952,12 @@ ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; isnt($frame->{headers}->{'x-referer'}, 'see-this', 'newline in request header'); -# 8.1.2.6. Malformed Requests and Responses -# Malformed requests or responses that are detected MUST be treated -# as a stream error (Section 5.4.2) of type PROTOCOL_ERROR. +TODO: { +local $TODO = 'not yet' unless $t->has_version('1.23.4'); -($frame) = grep { $_->{type} eq "RST_STREAM" } @$frames; -is($frame->{sid}, $sid, 'newline in request header - RST_STREAM sid'); -is($frame->{length}, 4, 'newline in request header - RST_STREAM length'); -is($frame->{flags}, 0, 'newline in request header - RST_STREAM flags'); -is($frame->{code}, 1, 'newline in request header - RST_STREAM code'); +is($frame->{headers}->{':status'}, 400, 'newline in request header - bad request'); + +} # invalid header name as seen with underscore should not lead to ignoring rest @@ -977,7 +974,10 @@ ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; is($frame->{headers}->{'x-referer'}, 'see-this', 'after invalid header name'); -# other invalid header name characters as seen with ':' result in RST_STREAM +# other invalid header name characters as seen with ':' + +TODO: { +local $TODO = 'not yet' unless $t->has_version('1.23.4'); $s = Test::Nginx::HTTP2->new(); $sid = $s->new_stream({ headers => [ @@ -987,14 +987,10 @@ { name => ':authority', value => 'localhost', mode => 1 }, { name => 'x:foo', value => "x-bar", mode => 2 }, { name => 'referer', value => "see-this", mode => 1 }]}); -$frames = $s->read(all => [{ type => 'RST_STREAM' }]); +$frames = $s->read(all => [{ sid => $sid, fin => 1 }]); -($frame) = grep { $_->{type} eq "RST_STREAM" } @$frames; -is($frame->{sid}, $sid, 'colon in header name - RST_STREAM sid'); -is($frame->{code}, 1, 'colon in header name - RST_STREAM code'); - -TODO: { -local $TODO = 'not yet' unless $t->has_version('1.21.1'); +($frame) = grep { $_->{type} eq "HEADERS" } @$frames; +is($frame->{headers}->{':status'}, 400, 'colon in header name'); $s = Test::Nginx::HTTP2->new(); $sid = $s->new_stream({ headers => [ @@ -1003,10 +999,10 @@ { name => ':path', value => '/', mode => 0 }, { name => ':authority', value => 'localhost', mode => 1 }, { name => 'x foo', value => "bar", mode => 2 }]}); -$frames = $s->read(all => [{ type => 'RST_STREAM' }]); +$frames = $s->read(all => [{ sid => $sid, fin => 1 }]); -($frame) = grep { $_->{type} eq "RST_STREAM" } @$frames; -ok($frame, 'space in header name - RST_STREAM sid'); +($frame) = grep { $_->{type} eq "HEADERS" } @$frames; +is($frame->{headers}->{':status'}, 400, 'space in header name'); $s = Test::Nginx::HTTP2->new(); $sid = $s->new_stream({ headers => [ @@ -1015,10 +1011,10 @@ { name => ':path', value => '/', mode => 0 }, { name => ':authority', value => 'localhost', mode => 1 }, { name => "foo\x02", value => "bar", mode => 2 }]}); -$frames = $s->read(all => [{ type => 'RST_STREAM' }]); +$frames = $s->read(all => [{ sid => $sid, fin => 1 }]); -($frame) = grep { $_->{type} eq "RST_STREAM" } @$frames; -ok($frame, 'control in header name - RST_STREAM sid'); +($frame) = grep { $_->{type} eq "HEADERS" } @$frames; +is($frame->{headers}->{':status'}, 400, 'control in header name'); }