11596Szelenkov@nginx.comimport pytest 21019Szelenkov@nginx.comfrom unit.applications.lang.python import TestApplicationPython 3578Szelenkov@nginx.com 41017Szelenkov@nginx.com 51019Szelenkov@nginx.comclass TestHTTPHeader(TestApplicationPython): 61467Szelenkov@nginx.com prerequisites = {'modules': {'python': 'any'}} 7578Szelenkov@nginx.com 8578Szelenkov@nginx.com def test_http_header_value_leading_sp(self): 9578Szelenkov@nginx.com self.load('custom_header') 10578Szelenkov@nginx.com 111017Szelenkov@nginx.com resp = self.get( 121017Szelenkov@nginx.com headers={ 131017Szelenkov@nginx.com 'Host': 'localhost', 141017Szelenkov@nginx.com 'Custom-Header': ' ,', 151017Szelenkov@nginx.com 'Connection': 'close', 161017Szelenkov@nginx.com } 171017Szelenkov@nginx.com ) 18578Szelenkov@nginx.com 191596Szelenkov@nginx.com assert resp['status'] == 200, 'value leading sp status' 201596Szelenkov@nginx.com assert ( 211596Szelenkov@nginx.com resp['headers']['Custom-Header'] == ',' 221596Szelenkov@nginx.com ), 'value leading sp custom header' 23578Szelenkov@nginx.com 24578Szelenkov@nginx.com def test_http_header_value_leading_htab(self): 25578Szelenkov@nginx.com self.load('custom_header') 26578Szelenkov@nginx.com 271017Szelenkov@nginx.com resp = self.get( 281017Szelenkov@nginx.com headers={ 291017Szelenkov@nginx.com 'Host': 'localhost', 301017Szelenkov@nginx.com 'Custom-Header': '\t,', 311017Szelenkov@nginx.com 'Connection': 'close', 321017Szelenkov@nginx.com } 331017Szelenkov@nginx.com ) 34578Szelenkov@nginx.com 351596Szelenkov@nginx.com assert resp['status'] == 200, 'value leading htab status' 361596Szelenkov@nginx.com assert ( 371596Szelenkov@nginx.com resp['headers']['Custom-Header'] == ',' 381596Szelenkov@nginx.com ), 'value leading htab custom header' 39578Szelenkov@nginx.com 40578Szelenkov@nginx.com def test_http_header_value_trailing_sp(self): 41578Szelenkov@nginx.com self.load('custom_header') 42578Szelenkov@nginx.com 431017Szelenkov@nginx.com resp = self.get( 441017Szelenkov@nginx.com headers={ 451017Szelenkov@nginx.com 'Host': 'localhost', 461017Szelenkov@nginx.com 'Custom-Header': ', ', 471017Szelenkov@nginx.com 'Connection': 'close', 481017Szelenkov@nginx.com } 491017Szelenkov@nginx.com ) 50578Szelenkov@nginx.com 511596Szelenkov@nginx.com assert resp['status'] == 200, 'value trailing sp status' 521596Szelenkov@nginx.com assert ( 531596Szelenkov@nginx.com resp['headers']['Custom-Header'] == ',' 541596Szelenkov@nginx.com ), 'value trailing sp custom header' 55578Szelenkov@nginx.com 56578Szelenkov@nginx.com def test_http_header_value_trailing_htab(self): 57578Szelenkov@nginx.com self.load('custom_header') 58578Szelenkov@nginx.com 591017Szelenkov@nginx.com resp = self.get( 601017Szelenkov@nginx.com headers={ 611017Szelenkov@nginx.com 'Host': 'localhost', 621017Szelenkov@nginx.com 'Custom-Header': ',\t', 631017Szelenkov@nginx.com 'Connection': 'close', 641017Szelenkov@nginx.com } 651017Szelenkov@nginx.com ) 66578Szelenkov@nginx.com 671596Szelenkov@nginx.com assert resp['status'] == 200, 'value trailing htab status' 681596Szelenkov@nginx.com assert ( 691596Szelenkov@nginx.com resp['headers']['Custom-Header'] == ',' 701596Szelenkov@nginx.com ), 'value trailing htab custom header' 71578Szelenkov@nginx.com 72578Szelenkov@nginx.com def test_http_header_value_both_sp(self): 73578Szelenkov@nginx.com self.load('custom_header') 74578Szelenkov@nginx.com 751017Szelenkov@nginx.com resp = self.get( 761017Szelenkov@nginx.com headers={ 771017Szelenkov@nginx.com 'Host': 'localhost', 781017Szelenkov@nginx.com 'Custom-Header': ' , ', 791017Szelenkov@nginx.com 'Connection': 'close', 801017Szelenkov@nginx.com } 811017Szelenkov@nginx.com ) 82578Szelenkov@nginx.com 831596Szelenkov@nginx.com assert resp['status'] == 200, 'value both sp status' 841596Szelenkov@nginx.com assert ( 851596Szelenkov@nginx.com resp['headers']['Custom-Header'] == ',' 861596Szelenkov@nginx.com ), 'value both sp custom header' 87578Szelenkov@nginx.com 88578Szelenkov@nginx.com def test_http_header_value_both_htab(self): 89578Szelenkov@nginx.com self.load('custom_header') 90578Szelenkov@nginx.com 911017Szelenkov@nginx.com resp = self.get( 921017Szelenkov@nginx.com headers={ 931017Szelenkov@nginx.com 'Host': 'localhost', 941017Szelenkov@nginx.com 'Custom-Header': '\t,\t', 951017Szelenkov@nginx.com 'Connection': 'close', 961017Szelenkov@nginx.com } 971017Szelenkov@nginx.com ) 98578Szelenkov@nginx.com 991596Szelenkov@nginx.com assert resp['status'] == 200, 'value both htab status' 1001596Szelenkov@nginx.com assert ( 1011596Szelenkov@nginx.com resp['headers']['Custom-Header'] == ',' 1021596Szelenkov@nginx.com ), 'value both htab custom header' 103578Szelenkov@nginx.com 104578Szelenkov@nginx.com def test_http_header_value_chars(self): 105578Szelenkov@nginx.com self.load('custom_header') 106578Szelenkov@nginx.com 1071017Szelenkov@nginx.com resp = self.get( 1081017Szelenkov@nginx.com headers={ 1091017Szelenkov@nginx.com 'Host': 'localhost', 1101635Szelenkov@nginx.com 'Custom-Header': r'(),/:;<=>?@[\]{}\t !#$%&\'*+-.^_`|~', 1111017Szelenkov@nginx.com 'Connection': 'close', 1121017Szelenkov@nginx.com } 1131017Szelenkov@nginx.com ) 114578Szelenkov@nginx.com 1151596Szelenkov@nginx.com assert resp['status'] == 200, 'value chars status' 1161596Szelenkov@nginx.com assert ( 1171596Szelenkov@nginx.com resp['headers']['Custom-Header'] 1181635Szelenkov@nginx.com == r'(),/:;<=>?@[\]{}\t !#$%&\'*+-.^_`|~' 1191596Szelenkov@nginx.com ), 'value chars custom header' 120578Szelenkov@nginx.com 121720Szelenkov@nginx.com def test_http_header_value_chars_edge(self): 122720Szelenkov@nginx.com self.load('custom_header') 123720Szelenkov@nginx.com 1241017Szelenkov@nginx.com resp = self.http( 1251017Szelenkov@nginx.com b"""GET / HTTP/1.1 126738Szelenkov@nginx.comHost: localhost 127738Szelenkov@nginx.comCustom-Header: \x20\xFF 128738Szelenkov@nginx.comConnection: close 129738Szelenkov@nginx.com 1301017Szelenkov@nginx.com""", 1311017Szelenkov@nginx.com raw=True, 1321017Szelenkov@nginx.com encoding='latin1', 1331017Szelenkov@nginx.com ) 134720Szelenkov@nginx.com 1351596Szelenkov@nginx.com assert resp['status'] == 200, 'value chars edge status' 1361596Szelenkov@nginx.com assert resp['headers']['Custom-Header'] == '\xFF', 'value chars edge' 137720Szelenkov@nginx.com 138720Szelenkov@nginx.com def test_http_header_value_chars_below(self): 139720Szelenkov@nginx.com self.load('custom_header') 140720Szelenkov@nginx.com 1411017Szelenkov@nginx.com resp = self.http( 1421017Szelenkov@nginx.com b"""GET / HTTP/1.1 143738Szelenkov@nginx.comHost: localhost 144738Szelenkov@nginx.comCustom-Header: \x1F 145738Szelenkov@nginx.comConnection: close 146738Szelenkov@nginx.com 1471017Szelenkov@nginx.com""", 1481017Szelenkov@nginx.com raw=True, 1491017Szelenkov@nginx.com ) 150720Szelenkov@nginx.com 1511596Szelenkov@nginx.com assert resp['status'] == 400, 'value chars below' 152720Szelenkov@nginx.com 153578Szelenkov@nginx.com def test_http_header_field_leading_sp(self): 154578Szelenkov@nginx.com self.load('empty') 155578Szelenkov@nginx.com 1561718Szelenkov@nginx.com assert ( 1571718Szelenkov@nginx.com self.get( 1581718Szelenkov@nginx.com headers={ 1591718Szelenkov@nginx.com 'Host': 'localhost', 1601718Szelenkov@nginx.com ' Custom-Header': 'blah', 1611718Szelenkov@nginx.com 'Connection': 'close', 1621718Szelenkov@nginx.com } 1631718Szelenkov@nginx.com )['status'] 1641718Szelenkov@nginx.com == 400 1651718Szelenkov@nginx.com ), 'field leading sp' 166578Szelenkov@nginx.com 167578Szelenkov@nginx.com def test_http_header_field_leading_htab(self): 168578Szelenkov@nginx.com self.load('empty') 169578Szelenkov@nginx.com 1701718Szelenkov@nginx.com assert ( 1711718Szelenkov@nginx.com self.get( 1721718Szelenkov@nginx.com headers={ 1731718Szelenkov@nginx.com 'Host': 'localhost', 1741718Szelenkov@nginx.com '\tCustom-Header': 'blah', 1751718Szelenkov@nginx.com 'Connection': 'close', 1761718Szelenkov@nginx.com } 1771718Szelenkov@nginx.com )['status'] 1781718Szelenkov@nginx.com == 400 1791718Szelenkov@nginx.com ), 'field leading htab' 180578Szelenkov@nginx.com 181578Szelenkov@nginx.com def test_http_header_field_trailing_sp(self): 182578Szelenkov@nginx.com self.load('empty') 183578Szelenkov@nginx.com 1841718Szelenkov@nginx.com assert ( 1851718Szelenkov@nginx.com self.get( 1861718Szelenkov@nginx.com headers={ 1871718Szelenkov@nginx.com 'Host': 'localhost', 1881718Szelenkov@nginx.com 'Custom-Header ': 'blah', 1891718Szelenkov@nginx.com 'Connection': 'close', 1901718Szelenkov@nginx.com } 1911718Szelenkov@nginx.com )['status'] 1921718Szelenkov@nginx.com == 400 1931718Szelenkov@nginx.com ), 'field trailing sp' 194578Szelenkov@nginx.com 195578Szelenkov@nginx.com def test_http_header_field_trailing_htab(self): 196578Szelenkov@nginx.com self.load('empty') 197578Szelenkov@nginx.com 1981718Szelenkov@nginx.com assert ( 1991718Szelenkov@nginx.com self.get( 2001718Szelenkov@nginx.com headers={ 2011718Szelenkov@nginx.com 'Host': 'localhost', 2021718Szelenkov@nginx.com 'Custom-Header\t': 'blah', 2031718Szelenkov@nginx.com 'Connection': 'close', 2041718Szelenkov@nginx.com } 2051718Szelenkov@nginx.com )['status'] 2061718Szelenkov@nginx.com == 400 2071718Szelenkov@nginx.com ), 'field trailing htab' 208578Szelenkov@nginx.com 209936Szelenkov@nginx.com def test_http_header_content_length_big(self): 210936Szelenkov@nginx.com self.load('empty') 211936Szelenkov@nginx.com 2121596Szelenkov@nginx.com assert ( 2131017Szelenkov@nginx.com self.post( 2141017Szelenkov@nginx.com headers={ 2151017Szelenkov@nginx.com 'Host': 'localhost', 216*2073Szelenkov@nginx.com 'Content-Length': str(2**64), 2171017Szelenkov@nginx.com 'Connection': 'close', 2181017Szelenkov@nginx.com }, 2191017Szelenkov@nginx.com body='X' * 1000, 2201596Szelenkov@nginx.com )['status'] 2211596Szelenkov@nginx.com == 400 2221596Szelenkov@nginx.com ), 'Content-Length big' 223936Szelenkov@nginx.com 224936Szelenkov@nginx.com def test_http_header_content_length_negative(self): 225936Szelenkov@nginx.com self.load('empty') 226936Szelenkov@nginx.com 2271596Szelenkov@nginx.com assert ( 2281017Szelenkov@nginx.com self.post( 2291017Szelenkov@nginx.com headers={ 2301017Szelenkov@nginx.com 'Host': 'localhost', 2311017Szelenkov@nginx.com 'Content-Length': '-100', 2321017Szelenkov@nginx.com 'Connection': 'close', 2331017Szelenkov@nginx.com }, 2341017Szelenkov@nginx.com body='X' * 1000, 2351596Szelenkov@nginx.com )['status'] 2361596Szelenkov@nginx.com == 400 2371596Szelenkov@nginx.com ), 'Content-Length negative' 238936Szelenkov@nginx.com 239936Szelenkov@nginx.com def test_http_header_content_length_text(self): 240936Szelenkov@nginx.com self.load('empty') 241936Szelenkov@nginx.com 2421596Szelenkov@nginx.com assert ( 2431017Szelenkov@nginx.com self.post( 2441017Szelenkov@nginx.com headers={ 2451017Szelenkov@nginx.com 'Host': 'localhost', 2461017Szelenkov@nginx.com 'Content-Length': 'blah', 2471017Szelenkov@nginx.com 'Connection': 'close', 2481017Szelenkov@nginx.com }, 2491017Szelenkov@nginx.com body='X' * 1000, 2501596Szelenkov@nginx.com )['status'] 2511596Szelenkov@nginx.com == 400 2521596Szelenkov@nginx.com ), 'Content-Length text' 253936Szelenkov@nginx.com 254936Szelenkov@nginx.com def test_http_header_content_length_multiple_values(self): 255936Szelenkov@nginx.com self.load('empty') 256936Szelenkov@nginx.com 2571596Szelenkov@nginx.com assert ( 2581017Szelenkov@nginx.com self.post( 2591017Szelenkov@nginx.com headers={ 2601017Szelenkov@nginx.com 'Host': 'localhost', 2611017Szelenkov@nginx.com 'Content-Length': '41, 42', 2621017Szelenkov@nginx.com 'Connection': 'close', 2631017Szelenkov@nginx.com }, 2641017Szelenkov@nginx.com body='X' * 1000, 2651596Szelenkov@nginx.com )['status'] 2661596Szelenkov@nginx.com == 400 2671596Szelenkov@nginx.com ), 'Content-Length multiple value' 268936Szelenkov@nginx.com 269936Szelenkov@nginx.com def test_http_header_content_length_multiple_fields(self): 270936Szelenkov@nginx.com self.load('empty') 271936Szelenkov@nginx.com 2721596Szelenkov@nginx.com assert ( 2731017Szelenkov@nginx.com self.post( 2741017Szelenkov@nginx.com headers={ 2751017Szelenkov@nginx.com 'Host': 'localhost', 2761017Szelenkov@nginx.com 'Content-Length': ['41', '42'], 2771017Szelenkov@nginx.com 'Connection': 'close', 2781017Szelenkov@nginx.com }, 2791017Szelenkov@nginx.com body='X' * 1000, 2801596Szelenkov@nginx.com )['status'] 2811596Szelenkov@nginx.com == 400 2821596Szelenkov@nginx.com ), 'Content-Length multiple fields' 283936Szelenkov@nginx.com 2841596Szelenkov@nginx.com @pytest.mark.skip('not yet') 285973Szelenkov@nginx.com def test_http_header_host_absent(self): 286973Szelenkov@nginx.com self.load('host') 287973Szelenkov@nginx.com 288973Szelenkov@nginx.com resp = self.get(headers={'Connection': 'close'}) 289973Szelenkov@nginx.com 2901596Szelenkov@nginx.com assert resp['status'] == 400, 'Host absent status' 291973Szelenkov@nginx.com 292973Szelenkov@nginx.com def test_http_header_host_empty(self): 293973Szelenkov@nginx.com self.load('host') 294973Szelenkov@nginx.com 2951017Szelenkov@nginx.com resp = self.get(headers={'Host': '', 'Connection': 'close'}) 296973Szelenkov@nginx.com 2971596Szelenkov@nginx.com assert resp['status'] == 200, 'Host empty status' 2981596Szelenkov@nginx.com assert resp['headers']['X-Server-Name'] != '', 'Host empty SERVER_NAME' 299973Szelenkov@nginx.com 300973Szelenkov@nginx.com def test_http_header_host_big(self): 301973Szelenkov@nginx.com self.load('empty') 302973Szelenkov@nginx.com 3031596Szelenkov@nginx.com assert ( 3041017Szelenkov@nginx.com self.get(headers={'Host': 'X' * 10000, 'Connection': 'close'})[ 3051017Szelenkov@nginx.com 'status' 3061596Szelenkov@nginx.com ] 3071596Szelenkov@nginx.com == 431 3081596Szelenkov@nginx.com ), 'Host big' 309973Szelenkov@nginx.com 310973Szelenkov@nginx.com def test_http_header_host_port(self): 311973Szelenkov@nginx.com self.load('host') 312973Szelenkov@nginx.com 3131017Szelenkov@nginx.com resp = self.get( 3141017Szelenkov@nginx.com headers={'Host': 'exmaple.com:7080', 'Connection': 'close'} 3151017Szelenkov@nginx.com ) 316973Szelenkov@nginx.com 3171596Szelenkov@nginx.com assert resp['status'] == 200, 'Host port status' 3181596Szelenkov@nginx.com assert ( 3191596Szelenkov@nginx.com resp['headers']['X-Server-Name'] == 'exmaple.com' 3201596Szelenkov@nginx.com ), 'Host port SERVER_NAME' 3211596Szelenkov@nginx.com assert ( 3221596Szelenkov@nginx.com resp['headers']['X-Http-Host'] == 'exmaple.com:7080' 3231596Szelenkov@nginx.com ), 'Host port HTTP_HOST' 324973Szelenkov@nginx.com 325973Szelenkov@nginx.com def test_http_header_host_port_empty(self): 326973Szelenkov@nginx.com self.load('host') 327973Szelenkov@nginx.com 328*2073Szelenkov@nginx.com resp = self.get(headers={'Host': 'exmaple.com:', 'Connection': 'close'}) 329973Szelenkov@nginx.com 3301596Szelenkov@nginx.com assert resp['status'] == 200, 'Host port empty status' 3311596Szelenkov@nginx.com assert ( 3321596Szelenkov@nginx.com resp['headers']['X-Server-Name'] == 'exmaple.com' 3331596Szelenkov@nginx.com ), 'Host port empty SERVER_NAME' 3341596Szelenkov@nginx.com assert ( 3351596Szelenkov@nginx.com resp['headers']['X-Http-Host'] == 'exmaple.com:' 3361596Szelenkov@nginx.com ), 'Host port empty HTTP_HOST' 337973Szelenkov@nginx.com 338973Szelenkov@nginx.com def test_http_header_host_literal(self): 339973Szelenkov@nginx.com self.load('host') 340973Szelenkov@nginx.com 3411017Szelenkov@nginx.com resp = self.get(headers={'Host': '127.0.0.1', 'Connection': 'close'}) 342973Szelenkov@nginx.com 3431596Szelenkov@nginx.com assert resp['status'] == 200, 'Host literal status' 3441596Szelenkov@nginx.com assert ( 3451596Szelenkov@nginx.com resp['headers']['X-Server-Name'] == '127.0.0.1' 3461596Szelenkov@nginx.com ), 'Host literal SERVER_NAME' 347973Szelenkov@nginx.com 348973Szelenkov@nginx.com def test_http_header_host_literal_ipv6(self): 349973Szelenkov@nginx.com self.load('host') 350973Szelenkov@nginx.com 3511017Szelenkov@nginx.com resp = self.get(headers={'Host': '[::1]:7080', 'Connection': 'close'}) 352973Szelenkov@nginx.com 3531596Szelenkov@nginx.com assert resp['status'] == 200, 'Host literal ipv6 status' 3541596Szelenkov@nginx.com assert ( 3551596Szelenkov@nginx.com resp['headers']['X-Server-Name'] == '[::1]' 3561596Szelenkov@nginx.com ), 'Host literal ipv6 SERVER_NAME' 3571596Szelenkov@nginx.com assert ( 3581596Szelenkov@nginx.com resp['headers']['X-Http-Host'] == '[::1]:7080' 3591596Szelenkov@nginx.com ), 'Host literal ipv6 HTTP_HOST' 360973Szelenkov@nginx.com 361973Szelenkov@nginx.com def test_http_header_host_trailing_period(self): 362973Szelenkov@nginx.com self.load('host') 363973Szelenkov@nginx.com 3641017Szelenkov@nginx.com resp = self.get(headers={'Host': '127.0.0.1.', 'Connection': 'close'}) 365973Szelenkov@nginx.com 3661596Szelenkov@nginx.com assert resp['status'] == 200, 'Host trailing period status' 3671596Szelenkov@nginx.com assert ( 3681596Szelenkov@nginx.com resp['headers']['X-Server-Name'] == '127.0.0.1' 3691596Szelenkov@nginx.com ), 'Host trailing period SERVER_NAME' 3701596Szelenkov@nginx.com assert ( 3711596Szelenkov@nginx.com resp['headers']['X-Http-Host'] == '127.0.0.1.' 3721596Szelenkov@nginx.com ), 'Host trailing period HTTP_HOST' 373973Szelenkov@nginx.com 374973Szelenkov@nginx.com def test_http_header_host_trailing_period_2(self): 375973Szelenkov@nginx.com self.load('host') 376973Szelenkov@nginx.com 377*2073Szelenkov@nginx.com resp = self.get(headers={'Host': 'EXAMPLE.COM.', 'Connection': 'close'}) 378973Szelenkov@nginx.com 3791596Szelenkov@nginx.com assert resp['status'] == 200, 'Host trailing period 2 status' 3801596Szelenkov@nginx.com assert ( 3811596Szelenkov@nginx.com resp['headers']['X-Server-Name'] == 'example.com' 3821596Szelenkov@nginx.com ), 'Host trailing period 2 SERVER_NAME' 3831596Szelenkov@nginx.com assert ( 3841596Szelenkov@nginx.com resp['headers']['X-Http-Host'] == 'EXAMPLE.COM.' 3851596Szelenkov@nginx.com ), 'Host trailing period 2 HTTP_HOST' 386973Szelenkov@nginx.com 387973Szelenkov@nginx.com def test_http_header_host_case_insensitive(self): 388973Szelenkov@nginx.com self.load('host') 389973Szelenkov@nginx.com 3901017Szelenkov@nginx.com resp = self.get(headers={'Host': 'EXAMPLE.COM', 'Connection': 'close'}) 391973Szelenkov@nginx.com 3921596Szelenkov@nginx.com assert resp['status'] == 200, 'Host case insensitive' 3931596Szelenkov@nginx.com assert ( 3941596Szelenkov@nginx.com resp['headers']['X-Server-Name'] == 'example.com' 3951596Szelenkov@nginx.com ), 'Host case insensitive SERVER_NAME' 396973Szelenkov@nginx.com 397973Szelenkov@nginx.com def test_http_header_host_double_dot(self): 398973Szelenkov@nginx.com self.load('empty') 399973Szelenkov@nginx.com 4001596Szelenkov@nginx.com assert ( 4011017Szelenkov@nginx.com self.get(headers={'Host': '127.0.0..1', 'Connection': 'close'})[ 4021017Szelenkov@nginx.com 'status' 4031596Szelenkov@nginx.com ] 4041596Szelenkov@nginx.com == 400 4051596Szelenkov@nginx.com ), 'Host double dot' 406973Szelenkov@nginx.com 407973Szelenkov@nginx.com def test_http_header_host_slash(self): 408973Szelenkov@nginx.com self.load('empty') 409973Szelenkov@nginx.com 4101596Szelenkov@nginx.com assert ( 4111017Szelenkov@nginx.com self.get(headers={'Host': '/localhost', 'Connection': 'close'})[ 4121017Szelenkov@nginx.com 'status' 4131596Szelenkov@nginx.com ] 4141596Szelenkov@nginx.com == 400 4151596Szelenkov@nginx.com ), 'Host slash' 416973Szelenkov@nginx.com 417973Szelenkov@nginx.com def test_http_header_host_multiple_fields(self): 418973Szelenkov@nginx.com self.load('empty') 419973Szelenkov@nginx.com 4201596Szelenkov@nginx.com assert ( 4211017Szelenkov@nginx.com self.get( 4221017Szelenkov@nginx.com headers={ 4231017Szelenkov@nginx.com 'Host': ['localhost', 'example.com'], 4241017Szelenkov@nginx.com 'Connection': 'close', 4251017Szelenkov@nginx.com } 4261596Szelenkov@nginx.com )['status'] 4271596Szelenkov@nginx.com == 400 4281596Szelenkov@nginx.com ), 'Host multiple fields' 4291719Szelenkov@nginx.com 4301719Szelenkov@nginx.com def test_http_discard_unsafe_fields(self): 4311719Szelenkov@nginx.com self.load('header_fields') 4321719Szelenkov@nginx.com 4331719Szelenkov@nginx.com def check_status(header): 4341719Szelenkov@nginx.com resp = self.get( 4351719Szelenkov@nginx.com headers={ 4361719Szelenkov@nginx.com 'Host': 'localhost', 4371719Szelenkov@nginx.com header: 'blah', 4381719Szelenkov@nginx.com 'Connection': 'close', 4391719Szelenkov@nginx.com } 4401719Szelenkov@nginx.com ) 4411719Szelenkov@nginx.com 4421719Szelenkov@nginx.com assert resp['status'] == 200 4431719Szelenkov@nginx.com return resp 4441719Szelenkov@nginx.com 4451719Szelenkov@nginx.com resp = check_status("!Custom-Header") 4461719Szelenkov@nginx.com assert 'CUSTOM' not in resp['headers']['All-Headers'] 4471719Szelenkov@nginx.com 4481719Szelenkov@nginx.com resp = check_status("Custom_Header") 4491719Szelenkov@nginx.com assert 'CUSTOM' not in resp['headers']['All-Headers'] 4501719Szelenkov@nginx.com 4511719Szelenkov@nginx.com assert 'success' in self.conf( 452*2073Szelenkov@nginx.com {'http': {'discard_unsafe_fields': False}}, 453*2073Szelenkov@nginx.com 'settings', 4541719Szelenkov@nginx.com ) 4551719Szelenkov@nginx.com 4561719Szelenkov@nginx.com resp = check_status("!#$%&'*+.^`|~Custom_Header") 4571719Szelenkov@nginx.com assert 'CUSTOM' in resp['headers']['All-Headers'] 4581719Szelenkov@nginx.com 4591719Szelenkov@nginx.com assert 'success' in self.conf( 460*2073Szelenkov@nginx.com {'http': {'discard_unsafe_fields': True}}, 461*2073Szelenkov@nginx.com 'settings', 4621719Szelenkov@nginx.com ) 4631719Szelenkov@nginx.com 4641719Szelenkov@nginx.com resp = check_status("!Custom-Header") 4651719Szelenkov@nginx.com assert 'CUSTOM' not in resp['headers']['All-Headers'] 4661719Szelenkov@nginx.com 4671719Szelenkov@nginx.com resp = check_status("Custom_Header") 4681719Szelenkov@nginx.com assert 'CUSTOM' not in resp['headers']['All-Headers'] 469