You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
403 lines
12 KiB
403 lines
12 KiB
9 years ago
|
import pytest
|
||
|
|
|
||
|
9 years ago
|
from pappyproxy import context
|
||
|
|
from pappyproxy.http import Request, Response, ResponseCookie
|
||
|
9 years ago
|
|
||
|
|
@pytest.fixture
|
||
|
|
def http_request():
|
||
|
|
return Request('GET / HTTP/1.1\r\n')
|
||
|
|
|
||
|
|
def test_filter_reqs():
|
||
|
|
pass
|
||
|
|
|
||
|
|
def test_gen_filter_by_all_request():
|
||
|
|
f = context.gen_filter_by_all(context.cmp_contains, 'hello')
|
||
|
|
fn = context.gen_filter_by_all(context.cmp_contains, 'hello', negate=True)
|
||
|
|
|
||
|
|
# Nowhere
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
assert not f(r)
|
||
|
|
assert fn(r)
|
||
|
|
|
||
|
|
# Verb
|
||
|
|
r = Request('hello / HTTP/1.1\r\n')
|
||
|
|
assert f(r)
|
||
|
|
assert not fn(r)
|
||
|
|
|
||
|
|
# Path
|
||
|
|
r = Request('GET /hello HTTP/1.1\r\n')
|
||
|
|
assert f(r)
|
||
|
|
assert not fn(r)
|
||
|
|
|
||
|
|
# Data
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
r.raw_data = 'hello'
|
||
|
|
assert f(r)
|
||
|
|
assert not fn(r)
|
||
|
|
|
||
|
|
# Header key
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
r.headers['hello'] = 'goodbye'
|
||
|
|
assert f(r)
|
||
|
|
assert not fn(r)
|
||
|
|
|
||
|
|
# Header value
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
r.headers['goodbye'] = 'hello'
|
||
|
|
assert f(r)
|
||
|
|
assert not fn(r)
|
||
|
|
|
||
|
|
# Nowhere in headers
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
r.headers['goodbye'] = 'for real'
|
||
|
|
assert not f(r)
|
||
|
|
assert fn(r)
|
||
|
|
|
||
|
|
# Cookie key
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
r.cookies['hello'] = 'world'
|
||
|
|
r.update_from_objects()
|
||
|
|
assert f(r)
|
||
|
|
assert not fn(r)
|
||
|
|
|
||
|
|
# Cookie value
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
r.cookies['world'] = 'hello'
|
||
|
|
r.update_from_objects()
|
||
|
|
assert f(r)
|
||
|
|
assert not fn(r)
|
||
|
|
|
||
|
|
# Nowhere in cookie
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
r.cookies['world'] = 'sucks'
|
||
|
|
r.update_from_objects()
|
||
|
|
assert not f(r)
|
||
|
|
assert fn(r)
|
||
|
|
|
||
|
|
|
||
|
|
def test_gen_filter_by_all_response(http_request):
|
||
|
|
f = context.gen_filter_by_all(context.cmp_contains, 'hello')
|
||
|
|
fn = context.gen_filter_by_all(context.cmp_contains, 'hello', negate=True)
|
||
|
|
|
||
|
|
# Nowhere
|
||
|
|
r = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
http_request.response = r
|
||
|
|
assert not f(http_request)
|
||
|
|
assert fn(http_request)
|
||
|
|
|
||
|
|
# Response text
|
||
|
|
r = Response('HTTP/1.1 200 hello\r\n')
|
||
|
|
http_request.response = r
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
# Data
|
||
|
|
r = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
http_request.response = r
|
||
|
|
r.raw_data = 'hello'
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
# Header key
|
||
|
|
r = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
http_request.response = r
|
||
|
|
r.headers['hello'] = 'goodbye'
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
# Header value
|
||
|
|
r = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
http_request.response = r
|
||
|
|
r.headers['goodbye'] = 'hello'
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
# Nowhere in headers
|
||
|
|
r = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
http_request.response = r
|
||
|
|
r.headers['goodbye'] = 'for real'
|
||
|
|
assert not f(http_request)
|
||
|
|
assert fn(http_request)
|
||
|
|
|
||
|
|
# Cookie key
|
||
|
|
r = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
http_request.response = r
|
||
|
|
r.add_cookie(ResponseCookie('hello=goodbye'))
|
||
|
|
r.update_from_objects()
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
# Cookie value
|
||
|
|
r = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
http_request.response = r
|
||
|
|
r.add_cookie(ResponseCookie('goodbye=hello'))
|
||
|
|
r.update_from_objects()
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
# Nowhere in cookie
|
||
|
|
r = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
http_request.response = r
|
||
|
|
r.add_cookie(ResponseCookie('goodbye=for real'))
|
||
|
|
r.update_from_objects()
|
||
|
|
assert not f(http_request)
|
||
|
|
assert fn(http_request)
|
||
|
|
|
||
|
|
def test_filter_by_host(http_request):
|
||
|
|
f = context.gen_filter_by_host(context.cmp_contains, 'sexy')
|
||
|
|
fn = context.gen_filter_by_host(context.cmp_contains, 'sexy', negate=True)
|
||
|
|
|
||
|
|
http_request.headers['Host'] = 'google.com'
|
||
|
|
http_request.headers['MiscHeader'] = 'vim.sexy'
|
||
|
|
assert not f(http_request)
|
||
|
|
assert fn(http_request)
|
||
|
|
|
||
|
|
http_request.headers['Host'] = 'vim.sexy'
|
||
|
|
http_request.update_from_text()
|
||
|
|
assert http_request.host == 'vim.sexy'
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
def test_filter_by_body():
|
||
|
|
f = context.gen_filter_by_body(context.cmp_contains, 'sexy')
|
||
|
|
fn = context.gen_filter_by_body(context.cmp_contains, 'sexy', negate=True)
|
||
|
|
|
||
|
|
# Test request bodies
|
||
|
|
r = Request()
|
||
|
|
r.status_line = 'GET /sexy HTTP/1.1'
|
||
|
|
r.headers['Header'] = 'sexy'
|
||
|
|
r.raw_data = 'foo'
|
||
|
|
assert not f(r)
|
||
|
|
assert fn(r)
|
||
|
|
|
||
|
|
r.raw_data = 'sexy'
|
||
|
|
assert f(r)
|
||
|
|
assert not fn(r)
|
||
|
|
|
||
|
|
# Test response bodies
|
||
|
|
r = Request()
|
||
|
|
rsp = Response()
|
||
|
|
rsp.status_line = 'HTTP/1.1 200 OK'
|
||
|
|
rsp.headers['sexy'] = 'sexy'
|
||
|
|
r.status_line = 'GET /sexy HTTP/1.1'
|
||
|
|
r.headers['Header'] = 'sexy'
|
||
|
|
r.response = rsp
|
||
|
|
assert not f(r)
|
||
|
|
assert fn(r)
|
||
|
|
|
||
|
|
rsp.raw_data = 'sexy'
|
||
|
|
assert f(r)
|
||
|
|
assert not fn(r)
|
||
|
|
|
||
|
|
def test_filter_by_response_code(http_request):
|
||
|
|
f = context.gen_filter_by_response_code(context.cmp_eq, 200)
|
||
|
|
fn = context.gen_filter_by_response_code(context.cmp_eq, 200, negate=True)
|
||
|
|
|
||
|
|
r = Response()
|
||
|
|
http_request.response = r
|
||
|
|
r.status_line = 'HTTP/1.1 404 Not Found'
|
||
|
|
assert not f(http_request)
|
||
|
|
assert fn(http_request)
|
||
|
|
|
||
|
|
r.status_line = 'HTTP/1.1 200 OK'
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
def test_filter_by_raw_headers_request():
|
||
|
|
f1 = context.gen_filter_by_raw_headers(context.cmp_contains, 'Sexy:')
|
||
|
|
fn1 = context.gen_filter_by_raw_headers(context.cmp_contains, 'Sexy:', negate=True)
|
||
|
|
f2 = context.gen_filter_by_raw_headers(context.cmp_contains, 'sexy\r\nHeader')
|
||
|
|
fn2 = context.gen_filter_by_raw_headers(context.cmp_contains, 'sexy\r\nHeader', negate=True)
|
||
|
|
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
rsp = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
r.response = rsp
|
||
|
|
r.headers['Header'] = 'Sexy'
|
||
|
|
assert not f1(r)
|
||
|
|
assert fn1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
assert fn2(r)
|
||
|
|
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
rsp = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
r.response = rsp
|
||
|
|
r.headers['Sexy'] = 'sexy'
|
||
|
|
assert f1(r)
|
||
|
|
assert not fn1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
assert fn2(r)
|
||
|
|
|
||
|
|
r.headers['OtherHeader'] = 'sexy'
|
||
|
|
r.headers['Header'] = 'foo'
|
||
|
|
assert f1(r)
|
||
|
|
assert not fn1(r)
|
||
|
|
assert f2(r)
|
||
|
|
assert not fn2(r)
|
||
|
|
|
||
|
|
def test_filter_by_raw_headers_response():
|
||
|
|
f1 = context.gen_filter_by_raw_headers(context.cmp_contains, 'Sexy:')
|
||
|
|
fn1 = context.gen_filter_by_raw_headers(context.cmp_contains, 'Sexy:', negate=True)
|
||
|
|
f2 = context.gen_filter_by_raw_headers(context.cmp_contains, 'sexy\r\nHeader')
|
||
|
|
fn2 = context.gen_filter_by_raw_headers(context.cmp_contains, 'sexy\r\nHeader', negate=True)
|
||
|
|
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
rsp = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
r.response = rsp
|
||
|
|
rsp.headers['Header'] = 'Sexy'
|
||
|
|
assert not f1(r)
|
||
|
|
assert fn1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
assert fn2(r)
|
||
|
|
|
||
|
|
r = Request('GET / HTTP/1.1\r\n')
|
||
|
|
rsp = Response('HTTP/1.1 200 OK\r\n')
|
||
|
|
r.response = rsp
|
||
|
|
rsp.headers['Sexy'] = 'sexy'
|
||
|
|
assert f1(r)
|
||
|
|
assert not fn1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
assert fn2(r)
|
||
|
|
|
||
|
|
rsp.headers['OtherHeader'] = 'sexy'
|
||
|
|
rsp.headers['Header'] = 'foo'
|
||
|
|
assert f1(r)
|
||
|
|
assert not fn1(r)
|
||
|
|
assert f2(r)
|
||
|
|
assert not fn2(r)
|
||
|
|
|
||
|
|
def test_filter_by_path(http_request):
|
||
|
|
f = context.gen_filter_by_path(context.cmp_contains, 'porn') # find the fun websites
|
||
|
|
fn = context.gen_filter_by_path(context.cmp_contains, 'porn', negate=True) # find the boring websites
|
||
|
|
|
||
|
|
http_request.status_line = 'GET / HTTP/1.1'
|
||
|
|
assert not f(http_request)
|
||
|
|
assert fn(http_request)
|
||
|
|
|
||
|
|
http_request.status_line = 'GET /path/to/great/porn HTTP/1.1'
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
http_request.status_line = 'GET /path/to/porn/great HTTP/1.1'
|
||
|
|
assert f(http_request)
|
||
|
|
assert not fn(http_request)
|
||
|
|
|
||
|
|
def test_gen_filter_by_submitted_cookies():
|
||
|
|
f1 = context.gen_filter_by_submitted_cookies(context.cmp_contains, 'Session')
|
||
|
|
f2 = context.gen_filter_by_submitted_cookies(context.cmp_contains, 'Cookie',
|
||
|
|
context.cmp_contains, 'CookieVal')
|
||
|
|
r = Request(('GET / HTTP/1.1\r\n'
|
||
|
|
'Cookie: foo=bar\r\n'
|
||
|
|
'\r\n'))
|
||
|
|
assert not f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request(('GET / HTTP/1.1\r\n'
|
||
|
|
'Cookie: Session=bar\r\n'
|
||
|
|
'\r\n'))
|
||
|
|
assert f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request(('GET / HTTP/1.1\r\n'
|
||
|
|
'Cookie: Session=bar; CookieThing=NoMatch\r\n'
|
||
|
|
'\r\n'))
|
||
|
|
assert f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request(('GET / HTTP/1.1\r\n'
|
||
|
|
'Cookie: Session=bar; CookieThing=CookieValue\r\n'
|
||
|
|
'\r\n'))
|
||
|
|
assert f1(r)
|
||
|
|
assert f2(r)
|
||
|
|
|
||
|
|
def test_gen_filter_by_set_cookies():
|
||
|
|
f1 = context.gen_filter_by_set_cookies(context.cmp_contains, 'Session')
|
||
|
|
f2 = context.gen_filter_by_set_cookies(context.cmp_contains, 'Cookie',
|
||
|
|
context.cmp_contains, 'CookieVal')
|
||
|
|
|
||
|
|
r = Request('GET / HTTP/1.1\r\n\r\n')
|
||
|
|
rsp = Response(('HTTP/1.1 200 OK\r\n'
|
||
|
|
'Set-Cookie: foo=bar\r\n'
|
||
|
|
'\r\n'))
|
||
|
|
r.response = rsp
|
||
|
|
assert not f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request('GET / HTTP/1.1\r\n\r\n')
|
||
|
|
rsp = Response(('HTTP/1.1 200 OK\r\n'
|
||
|
|
'Set-Cookie: foo=bar\r\n'
|
||
|
|
'Set-Cookie: Session=Banana\r\n'
|
||
|
|
'\r\n'))
|
||
|
|
r.response = rsp
|
||
|
|
assert f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request('GET / HTTP/1.1\r\n\r\n')
|
||
|
|
rsp = Response(('HTTP/1.1 200 OK\r\n'
|
||
|
|
'Set-Cookie: foo=bar\r\n'
|
||
|
|
'Set-Cookie: Session=Banana\r\n'
|
||
|
|
'Set-Cookie: CookieThing=NoMatch\r\n'
|
||
|
|
'\r\n'))
|
||
|
|
r.response = rsp
|
||
|
|
assert f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request('GET / HTTP/1.1\r\n\r\n')
|
||
|
|
rsp = Response(('HTTP/1.1 200 OK\r\n'
|
||
|
|
'Set-Cookie: foo=bar\r\n'
|
||
|
|
'Set-Cookie: Session=Banana\r\n'
|
||
|
|
'Set-Cookie: CookieThing=CookieValue\r\n'
|
||
|
|
'\r\n'))
|
||
|
|
r.response = rsp
|
||
|
|
assert f1(r)
|
||
|
|
assert f2(r)
|
||
|
|
|
||
|
|
def test_filter_by_params_get():
|
||
|
|
f1 = context.gen_filter_by_params(context.cmp_contains, 'Session')
|
||
|
|
f2 = context.gen_filter_by_params(context.cmp_contains, 'Cookie',
|
||
|
|
context.cmp_contains, 'CookieVal')
|
||
|
|
|
||
|
|
r = Request('GET / HTTP/1.1\r\n\r\n')
|
||
|
|
assert not f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request('GET /?Session=foo HTTP/1.1\r\n\r\n')
|
||
|
|
assert f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request('GET /?Session=foo&CookieThing=Fail HTTP/1.1\r\n\r\n')
|
||
|
|
assert f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request('GET /?Session=foo&CookieThing=CookieValue HTTP/1.1\r\n\r\n')
|
||
|
|
assert f1(r)
|
||
|
|
assert f2(r)
|
||
|
|
|
||
|
|
def test_filter_by_params_post():
|
||
|
|
f1 = context.gen_filter_by_params(context.cmp_contains, 'Session')
|
||
|
|
f2 = context.gen_filter_by_params(context.cmp_contains, 'Cookie',
|
||
|
|
context.cmp_contains, 'CookieVal')
|
||
|
|
|
||
|
|
r = Request(('GET / HTTP/1.1\r\n'
|
||
|
|
'Content-Type: application/x-www-form-urlencoded\r\n\r\n'))
|
||
|
|
r.raw_data = 'foo=bar'
|
||
|
|
assert not f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request(('GET / HTTP/1.1\r\n'
|
||
|
|
'Content-Type: application/x-www-form-urlencoded\r\n\r\n'))
|
||
|
|
r.raw_data = 'Session=bar'
|
||
|
|
assert f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request(('GET / HTTP/1.1\r\n'
|
||
|
|
'Content-Type: application/x-www-form-urlencoded\r\n\r\n'))
|
||
|
|
r.raw_data = 'Session=bar&Cookie=foo'
|
||
|
|
assert f1(r)
|
||
|
|
assert not f2(r)
|
||
|
|
|
||
|
|
r = Request(('GET / HTTP/1.1\r\n'
|
||
|
|
'Content-Type: application/x-www-form-urlencoded\r\n\r\n'))
|
||
|
|
r.raw_data = 'Session=bar&CookieThing=CookieValue'
|
||
|
|
assert f1(r)
|
||
|
|
assert f2(r)
|