diff options
author | Andrei Zeliankou <zelenkov@nginx.com> | 2020-11-19 05:21:48 +0000 |
---|---|---|
committer | Andrei Zeliankou <zelenkov@nginx.com> | 2020-11-19 05:21:48 +0000 |
commit | 18ddb747725d24a65b61e0b8ca5d072f52724190 (patch) | |
tree | a13078724a3359d090ca5b39dc8dc8e6f32e2a42 /test/test_http_header.py | |
parent | e154d7a3a26359e60544b2b578990fc3514422a4 (diff) | |
download | unit-18ddb747725d24a65b61e0b8ca5d072f52724190.tar.gz unit-18ddb747725d24a65b61e0b8ca5d072f52724190.tar.bz2 |
Tests: added tests for a "discard_unsafe_fields" option.
Diffstat (limited to 'test/test_http_header.py')
-rw-r--r-- | test/test_http_header.py | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/test/test_http_header.py b/test/test_http_header.py index b1c77066..fdb557cf 100644 --- a/test/test_http_header.py +++ b/test/test_http_header.py @@ -431,3 +431,41 @@ Connection: close )['status'] == 400 ), 'Host multiple fields' + + def test_http_discard_unsafe_fields(self): + self.load('header_fields') + + def check_status(header): + resp = self.get( + headers={ + 'Host': 'localhost', + header: 'blah', + 'Connection': 'close', + } + ) + + assert resp['status'] == 200 + return resp + + resp = check_status("!Custom-Header") + assert 'CUSTOM' not in resp['headers']['All-Headers'] + + resp = check_status("Custom_Header") + assert 'CUSTOM' not in resp['headers']['All-Headers'] + + assert 'success' in self.conf( + {'http': {'discard_unsafe_fields': False}}, 'settings', + ) + + resp = check_status("!#$%&'*+.^`|~Custom_Header") + assert 'CUSTOM' in resp['headers']['All-Headers'] + + assert 'success' in self.conf( + {'http': {'discard_unsafe_fields': True}}, 'settings', + ) + + resp = check_status("!Custom-Header") + assert 'CUSTOM' not in resp['headers']['All-Headers'] + + resp = check_status("Custom_Header") + assert 'CUSTOM' not in resp['headers']['All-Headers'] |