mirror of
https://github.com/frappe/gunicorn.git
synced 2026-07-02 18:51:31 +08:00
Merge pull request #3599 from benoitc/test/rfc9112-chunked-edge-cases
test: codify chunked size/extension edge cases (RFC 9112 §7.1)
This commit is contained in:
commit
5d0f1e9b15
@ -0,0 +1,8 @@
|
|||||||
|
POST /upload HTTP/1.1\r\n
|
||||||
|
Host: example.com\r\n
|
||||||
|
Transfer-Encoding: chunked\r\n
|
||||||
|
\r\n
|
||||||
|
-5\r\n
|
||||||
|
hello\r\n
|
||||||
|
0\r\n
|
||||||
|
\r\n
|
||||||
@ -0,0 +1,7 @@
|
|||||||
|
#
|
||||||
|
# This file is part of gunicorn released under the MIT license.
|
||||||
|
# See the NOTICE for more information.
|
||||||
|
|
||||||
|
# RFC 9112 section 7.1: chunk-size = 1*HEXDIG; negative sign is invalid.
|
||||||
|
from gunicorn.http.errors import InvalidChunkSize
|
||||||
|
request = InvalidChunkSize
|
||||||
@ -0,0 +1,8 @@
|
|||||||
|
POST /upload HTTP/1.1\r\n
|
||||||
|
Host: example.com\r\n
|
||||||
|
Transfer-Encoding: chunked\r\n
|
||||||
|
\r\n
|
||||||
|
+5\r\n
|
||||||
|
hello\r\n
|
||||||
|
0\r\n
|
||||||
|
\r\n
|
||||||
@ -0,0 +1,8 @@
|
|||||||
|
#
|
||||||
|
# This file is part of gunicorn released under the MIT license.
|
||||||
|
# See the NOTICE for more information.
|
||||||
|
|
||||||
|
# RFC 9112 section 7.1: chunk-size = 1*HEXDIG; a leading sign ("+" or "-")
|
||||||
|
# is not valid and has been used in request-smuggling vectors.
|
||||||
|
from gunicorn.http.errors import InvalidChunkSize
|
||||||
|
request = InvalidChunkSize
|
||||||
8
tests/requests/valid/rfc9112_chunked_ext_quoted_01.http
Normal file
8
tests/requests/valid/rfc9112_chunked_ext_quoted_01.http
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
POST /upload HTTP/1.1\r\n
|
||||||
|
Host: example.com\r\n
|
||||||
|
Transfer-Encoding: chunked\r\n
|
||||||
|
\r\n
|
||||||
|
5;foo="bar baz"\r\n
|
||||||
|
hello\r\n
|
||||||
|
0\r\n
|
||||||
|
\r\n
|
||||||
15
tests/requests/valid/rfc9112_chunked_ext_quoted_01.py
Normal file
15
tests/requests/valid/rfc9112_chunked_ext_quoted_01.py
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
#
|
||||||
|
# This file is part of gunicorn released under the MIT license.
|
||||||
|
# See the NOTICE for more information.
|
||||||
|
|
||||||
|
# RFC 9112 section 7.1.1: chunk-ext-val can be token or quoted-string.
|
||||||
|
request = {
|
||||||
|
"method": "POST",
|
||||||
|
"uri": uri("/upload"),
|
||||||
|
"version": (1, 1),
|
||||||
|
"headers": [
|
||||||
|
("HOST", "example.com"),
|
||||||
|
("TRANSFER-ENCODING", "chunked"),
|
||||||
|
],
|
||||||
|
"body": b"hello",
|
||||||
|
}
|
||||||
@ -0,0 +1,8 @@
|
|||||||
|
POST /upload HTTP/1.1\r\n
|
||||||
|
Host: example.com\r\n
|
||||||
|
Transfer-Encoding: chunked\r\n
|
||||||
|
\r\n
|
||||||
|
0005\r\n
|
||||||
|
hello\r\n
|
||||||
|
0\r\n
|
||||||
|
\r\n
|
||||||
@ -0,0 +1,16 @@
|
|||||||
|
#
|
||||||
|
# This file is part of gunicorn released under the MIT license.
|
||||||
|
# See the NOTICE for more information.
|
||||||
|
|
||||||
|
# RFC 9112 section 7.1: chunk-size is 1*HEXDIG. Leading zeros are permitted
|
||||||
|
# but have been used in smuggling vectors; fixture pins accepted behavior.
|
||||||
|
request = {
|
||||||
|
"method": "POST",
|
||||||
|
"uri": uri("/upload"),
|
||||||
|
"version": (1, 1),
|
||||||
|
"headers": [
|
||||||
|
("HOST", "example.com"),
|
||||||
|
("TRANSFER-ENCODING", "chunked"),
|
||||||
|
],
|
||||||
|
"body": b"hello",
|
||||||
|
}
|
||||||
@ -0,0 +1,8 @@
|
|||||||
|
POST /upload HTTP/1.1\r\n
|
||||||
|
Host: example.com\r\n
|
||||||
|
Transfer-Encoding: chunked\r\n
|
||||||
|
\r\n
|
||||||
|
A\r\n
|
||||||
|
0123456789\r\n
|
||||||
|
0\r\n
|
||||||
|
\r\n
|
||||||
@ -0,0 +1,15 @@
|
|||||||
|
#
|
||||||
|
# This file is part of gunicorn released under the MIT license.
|
||||||
|
# See the NOTICE for more information.
|
||||||
|
|
||||||
|
# RFC 9112 section 7.1: chunk-size = 1*HEXDIG, which allows both cases.
|
||||||
|
request = {
|
||||||
|
"method": "POST",
|
||||||
|
"uri": uri("/upload"),
|
||||||
|
"version": (1, 1),
|
||||||
|
"headers": [
|
||||||
|
("HOST", "example.com"),
|
||||||
|
("TRANSFER-ENCODING", "chunked"),
|
||||||
|
],
|
||||||
|
"body": b"0123456789",
|
||||||
|
}
|
||||||
Loading…
x
Reference in New Issue
Block a user