2016-06-21 09:59:29 -05:00
|
|
|
package httpserver
|
|
|
|
|
|
|
|
import (
|
httpserver/all: Clean up and standardize request URL handling (#1633)
* httpserver/all: Clean up and standardize request URL handling
The HTTP server now always creates a context value on the request which
is a copy of the request's URL struct. It should not be modified by
middlewares, but it is safe to get the value out of the request and make
changes to it locally-scoped. Thus, the value in the context always
stores the original request URL information as it was received. Any
rewrites that happen will be to the request's URL field directly.
The HTTP server no longer cleans /sanitizes the request URL. It made too
many strong assumptions and ended up making a lot of middleware more
complicated, including upstream proxying (and fastcgi). To alleviate
this complexity, we no longer change the request URL. Middlewares are
responsible to access the disk safely by using http.Dir or, if not
actually opening files, they can use httpserver.SafePath().
I'm hoping this will address issues with #1624, #1584, #1582, and others.
* staticfiles: Fix test on Windows
@abiosoft: I still can't figure out exactly what this is for. 😅
* Use (potentially) changed URL for browse redirects, as before
* Use filepath.ToSlash, clean up a couple proxy test cases
* Oops, fix variable name
2017-05-02 00:11:10 -05:00
|
|
|
"context"
|
2016-06-21 09:59:29 -05:00
|
|
|
"net/http"
|
2017-07-30 10:33:59 -05:00
|
|
|
"regexp"
|
2016-06-21 09:59:29 -05:00
|
|
|
"strings"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/mholt/caddy"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestConditions(t *testing.T) {
|
|
|
|
tests := []struct {
|
|
|
|
condition string
|
|
|
|
isTrue bool
|
2017-07-30 10:33:59 -05:00
|
|
|
shouldErr bool
|
2016-06-21 09:59:29 -05:00
|
|
|
}{
|
2017-07-30 10:33:59 -05:00
|
|
|
{"a is b", false, false},
|
|
|
|
{"a is a", true, false},
|
|
|
|
{"a not b", true, false},
|
|
|
|
{"a not a", false, false},
|
|
|
|
{"a has a", true, false},
|
|
|
|
{"a has b", false, false},
|
|
|
|
{"ba has b", true, false},
|
|
|
|
{"bab has b", true, false},
|
|
|
|
{"bab has bb", false, false},
|
|
|
|
{"a not_has a", false, false},
|
|
|
|
{"a not_has b", true, false},
|
|
|
|
{"ba not_has b", false, false},
|
|
|
|
{"bab not_has b", false, false},
|
|
|
|
{"bab not_has bb", true, false},
|
|
|
|
{"bab starts_with bb", false, false},
|
|
|
|
{"bab starts_with ba", true, false},
|
|
|
|
{"bab starts_with bab", true, false},
|
|
|
|
{"bab not_starts_with bb", true, false},
|
|
|
|
{"bab not_starts_with ba", false, false},
|
|
|
|
{"bab not_starts_with bab", false, false},
|
|
|
|
{"bab ends_with bb", false, false},
|
|
|
|
{"bab ends_with bab", true, false},
|
|
|
|
{"bab ends_with ab", true, false},
|
|
|
|
{"bab not_ends_with bb", true, false},
|
|
|
|
{"bab not_ends_with ab", false, false},
|
|
|
|
{"bab not_ends_with bab", false, false},
|
|
|
|
{"a match *", false, true},
|
|
|
|
{"a match a", true, false},
|
|
|
|
{"a match .*", true, false},
|
|
|
|
{"a match a.*", true, false},
|
|
|
|
{"a match b.*", false, false},
|
|
|
|
{"ba match b.*", true, false},
|
|
|
|
{"ba match b[a-z]", true, false},
|
|
|
|
{"b0 match b[a-z]", false, false},
|
|
|
|
{"b0a match b[a-z]", false, false},
|
|
|
|
{"b0a match b[a-z]+", false, false},
|
|
|
|
{"b0a match b[a-z0-9]+", true, false},
|
|
|
|
{"bac match b[a-z]{2}", true, false},
|
|
|
|
{"a not_match *", false, true},
|
|
|
|
{"a not_match a", false, false},
|
|
|
|
{"a not_match .*", false, false},
|
|
|
|
{"a not_match a.*", false, false},
|
|
|
|
{"a not_match b.*", true, false},
|
|
|
|
{"ba not_match b.*", false, false},
|
|
|
|
{"ba not_match b[a-z]", false, false},
|
|
|
|
{"b0 not_match b[a-z]", true, false},
|
|
|
|
{"b0a not_match b[a-z]", true, false},
|
|
|
|
{"b0a not_match b[a-z]+", true, false},
|
|
|
|
{"b0a not_match b[a-z0-9]+", false, false},
|
|
|
|
{"bac not_match b[a-z]{2}", false, false},
|
2016-06-21 09:59:29 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
for i, test := range tests {
|
|
|
|
str := strings.Fields(test.condition)
|
|
|
|
ifCond, err := newIfCond(str[0], str[1], str[2])
|
|
|
|
if err != nil {
|
2017-07-30 10:33:59 -05:00
|
|
|
if !test.shouldErr {
|
|
|
|
t.Error(err)
|
|
|
|
}
|
|
|
|
continue
|
2016-06-21 09:59:29 -05:00
|
|
|
}
|
|
|
|
isTrue := ifCond.True(nil)
|
|
|
|
if isTrue != test.isTrue {
|
2017-07-30 10:33:59 -05:00
|
|
|
t.Errorf("Test %d: '%s' expected %v found %v", i, test.condition, test.isTrue, isTrue)
|
2016-06-21 09:59:29 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
invalidOperators := []string{"ss", "and", "if"}
|
|
|
|
for _, op := range invalidOperators {
|
|
|
|
_, err := newIfCond("a", op, "b")
|
|
|
|
if err == nil {
|
|
|
|
t.Errorf("Invalid operator %v used, expected error.", op)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
replaceTests := []struct {
|
|
|
|
url string
|
|
|
|
condition string
|
|
|
|
isTrue bool
|
|
|
|
}{
|
|
|
|
{"/home", "{uri} match /home", true},
|
|
|
|
{"/hom", "{uri} match /home", false},
|
|
|
|
{"/hom", "{uri} starts_with /home", false},
|
|
|
|
{"/hom", "{uri} starts_with /h", true},
|
|
|
|
{"/home/.hiddenfile", `{uri} match \/\.(.*)`, true},
|
|
|
|
{"/home/.hiddendir/afile", `{uri} match \/\.(.*)`, true},
|
|
|
|
}
|
|
|
|
|
|
|
|
for i, test := range replaceTests {
|
|
|
|
r, err := http.NewRequest("GET", test.url, nil)
|
|
|
|
if err != nil {
|
httpserver/all: Clean up and standardize request URL handling (#1633)
* httpserver/all: Clean up and standardize request URL handling
The HTTP server now always creates a context value on the request which
is a copy of the request's URL struct. It should not be modified by
middlewares, but it is safe to get the value out of the request and make
changes to it locally-scoped. Thus, the value in the context always
stores the original request URL information as it was received. Any
rewrites that happen will be to the request's URL field directly.
The HTTP server no longer cleans /sanitizes the request URL. It made too
many strong assumptions and ended up making a lot of middleware more
complicated, including upstream proxying (and fastcgi). To alleviate
this complexity, we no longer change the request URL. Middlewares are
responsible to access the disk safely by using http.Dir or, if not
actually opening files, they can use httpserver.SafePath().
I'm hoping this will address issues with #1624, #1584, #1582, and others.
* staticfiles: Fix test on Windows
@abiosoft: I still can't figure out exactly what this is for. 😅
* Use (potentially) changed URL for browse redirects, as before
* Use filepath.ToSlash, clean up a couple proxy test cases
* Oops, fix variable name
2017-05-02 00:11:10 -05:00
|
|
|
t.Errorf("Test %d: failed to create request: %v", i, err)
|
|
|
|
continue
|
2016-06-21 09:59:29 -05:00
|
|
|
}
|
httpserver/all: Clean up and standardize request URL handling (#1633)
* httpserver/all: Clean up and standardize request URL handling
The HTTP server now always creates a context value on the request which
is a copy of the request's URL struct. It should not be modified by
middlewares, but it is safe to get the value out of the request and make
changes to it locally-scoped. Thus, the value in the context always
stores the original request URL information as it was received. Any
rewrites that happen will be to the request's URL field directly.
The HTTP server no longer cleans /sanitizes the request URL. It made too
many strong assumptions and ended up making a lot of middleware more
complicated, including upstream proxying (and fastcgi). To alleviate
this complexity, we no longer change the request URL. Middlewares are
responsible to access the disk safely by using http.Dir or, if not
actually opening files, they can use httpserver.SafePath().
I'm hoping this will address issues with #1624, #1584, #1582, and others.
* staticfiles: Fix test on Windows
@abiosoft: I still can't figure out exactly what this is for. 😅
* Use (potentially) changed URL for browse redirects, as before
* Use filepath.ToSlash, clean up a couple proxy test cases
* Oops, fix variable name
2017-05-02 00:11:10 -05:00
|
|
|
ctx := context.WithValue(r.Context(), OriginalURLCtxKey, *r.URL)
|
|
|
|
r = r.WithContext(ctx)
|
2016-06-21 09:59:29 -05:00
|
|
|
str := strings.Fields(test.condition)
|
|
|
|
ifCond, err := newIfCond(str[0], str[1], str[2])
|
|
|
|
if err != nil {
|
httpserver/all: Clean up and standardize request URL handling (#1633)
* httpserver/all: Clean up and standardize request URL handling
The HTTP server now always creates a context value on the request which
is a copy of the request's URL struct. It should not be modified by
middlewares, but it is safe to get the value out of the request and make
changes to it locally-scoped. Thus, the value in the context always
stores the original request URL information as it was received. Any
rewrites that happen will be to the request's URL field directly.
The HTTP server no longer cleans /sanitizes the request URL. It made too
many strong assumptions and ended up making a lot of middleware more
complicated, including upstream proxying (and fastcgi). To alleviate
this complexity, we no longer change the request URL. Middlewares are
responsible to access the disk safely by using http.Dir or, if not
actually opening files, they can use httpserver.SafePath().
I'm hoping this will address issues with #1624, #1584, #1582, and others.
* staticfiles: Fix test on Windows
@abiosoft: I still can't figure out exactly what this is for. 😅
* Use (potentially) changed URL for browse redirects, as before
* Use filepath.ToSlash, clean up a couple proxy test cases
* Oops, fix variable name
2017-05-02 00:11:10 -05:00
|
|
|
t.Errorf("Test %d: failed to create 'if' condition %v", i, err)
|
|
|
|
continue
|
2016-06-21 09:59:29 -05:00
|
|
|
}
|
|
|
|
isTrue := ifCond.True(r)
|
|
|
|
if isTrue != test.isTrue {
|
|
|
|
t.Errorf("Test %v: expected %v found %v", i, test.isTrue, isTrue)
|
httpserver/all: Clean up and standardize request URL handling (#1633)
* httpserver/all: Clean up and standardize request URL handling
The HTTP server now always creates a context value on the request which
is a copy of the request's URL struct. It should not be modified by
middlewares, but it is safe to get the value out of the request and make
changes to it locally-scoped. Thus, the value in the context always
stores the original request URL information as it was received. Any
rewrites that happen will be to the request's URL field directly.
The HTTP server no longer cleans /sanitizes the request URL. It made too
many strong assumptions and ended up making a lot of middleware more
complicated, including upstream proxying (and fastcgi). To alleviate
this complexity, we no longer change the request URL. Middlewares are
responsible to access the disk safely by using http.Dir or, if not
actually opening files, they can use httpserver.SafePath().
I'm hoping this will address issues with #1624, #1584, #1582, and others.
* staticfiles: Fix test on Windows
@abiosoft: I still can't figure out exactly what this is for. 😅
* Use (potentially) changed URL for browse redirects, as before
* Use filepath.ToSlash, clean up a couple proxy test cases
* Oops, fix variable name
2017-05-02 00:11:10 -05:00
|
|
|
continue
|
2016-06-21 09:59:29 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestIfMatcher(t *testing.T) {
|
|
|
|
tests := []struct {
|
|
|
|
conditions []string
|
|
|
|
isOr bool
|
|
|
|
isTrue bool
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
[]string{
|
|
|
|
"a is a",
|
|
|
|
"b is b",
|
|
|
|
"c is c",
|
|
|
|
},
|
|
|
|
false,
|
|
|
|
true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
[]string{
|
|
|
|
"a is b",
|
|
|
|
"b is c",
|
|
|
|
"c is c",
|
|
|
|
},
|
|
|
|
true,
|
|
|
|
true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
[]string{
|
|
|
|
"a is a",
|
|
|
|
"b is a",
|
|
|
|
"c is c",
|
|
|
|
},
|
|
|
|
false,
|
|
|
|
false,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
[]string{
|
|
|
|
"a is b",
|
|
|
|
"b is c",
|
|
|
|
"c is a",
|
|
|
|
},
|
|
|
|
true,
|
|
|
|
false,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
[]string{},
|
|
|
|
false,
|
|
|
|
true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
[]string{},
|
|
|
|
true,
|
|
|
|
false,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
for i, test := range tests {
|
|
|
|
matcher := IfMatcher{isOr: test.isOr}
|
|
|
|
for _, condition := range test.conditions {
|
|
|
|
str := strings.Fields(condition)
|
|
|
|
ifCond, err := newIfCond(str[0], str[1], str[2])
|
|
|
|
if err != nil {
|
|
|
|
t.Error(err)
|
|
|
|
}
|
|
|
|
matcher.ifs = append(matcher.ifs, ifCond)
|
|
|
|
}
|
|
|
|
isTrue := matcher.Match(nil)
|
|
|
|
if isTrue != test.isTrue {
|
|
|
|
t.Errorf("Test %d: expected %v found %v", i, test.isTrue, isTrue)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestSetupIfMatcher(t *testing.T) {
|
2017-07-30 10:33:59 -05:00
|
|
|
rex_b, _ := regexp.Compile("b")
|
2016-06-21 09:59:29 -05:00
|
|
|
tests := []struct {
|
|
|
|
input string
|
|
|
|
shouldErr bool
|
|
|
|
expected IfMatcher
|
|
|
|
}{
|
|
|
|
{`test {
|
|
|
|
if a match b
|
|
|
|
}`, false, IfMatcher{
|
|
|
|
ifs: []ifCond{
|
2017-07-30 10:33:59 -05:00
|
|
|
{a: "a", op: "match", b: "b", neg: false, rex: rex_b},
|
2016-06-21 09:59:29 -05:00
|
|
|
},
|
|
|
|
}},
|
|
|
|
{`test {
|
|
|
|
if a match b
|
|
|
|
if_op or
|
|
|
|
}`, false, IfMatcher{
|
|
|
|
ifs: []ifCond{
|
2017-07-30 10:33:59 -05:00
|
|
|
{a: "a", op: "match", b: "b", neg: false, rex: rex_b},
|
2016-06-21 09:59:29 -05:00
|
|
|
},
|
|
|
|
isOr: true,
|
|
|
|
}},
|
|
|
|
{`test {
|
|
|
|
if a match
|
|
|
|
}`, true, IfMatcher{},
|
|
|
|
},
|
|
|
|
{`test {
|
2016-09-05 11:20:34 -05:00
|
|
|
if a isn't b
|
2016-06-21 09:59:29 -05:00
|
|
|
}`, true, IfMatcher{},
|
|
|
|
},
|
|
|
|
{`test {
|
|
|
|
if a match b c
|
|
|
|
}`, true, IfMatcher{},
|
|
|
|
},
|
|
|
|
{`test {
|
|
|
|
if goal has go
|
2017-05-25 07:01:24 -05:00
|
|
|
if cook not_has go
|
2016-06-21 09:59:29 -05:00
|
|
|
}`, false, IfMatcher{
|
|
|
|
ifs: []ifCond{
|
2017-06-15 17:45:42 -05:00
|
|
|
{a: "goal", op: "has", b: "go", neg: false},
|
|
|
|
{a: "cook", op: "has", b: "go", neg: true},
|
2016-06-21 09:59:29 -05:00
|
|
|
},
|
|
|
|
}},
|
|
|
|
{`test {
|
|
|
|
if goal has go
|
2017-05-25 07:01:24 -05:00
|
|
|
if cook not_has go
|
2016-06-21 09:59:29 -05:00
|
|
|
if_op and
|
|
|
|
}`, false, IfMatcher{
|
|
|
|
ifs: []ifCond{
|
2017-06-15 17:45:42 -05:00
|
|
|
{a: "goal", op: "has", b: "go", neg: false},
|
|
|
|
{a: "cook", op: "has", b: "go", neg: true},
|
2016-06-21 09:59:29 -05:00
|
|
|
},
|
|
|
|
}},
|
|
|
|
{`test {
|
|
|
|
if goal has go
|
2017-05-25 07:01:24 -05:00
|
|
|
if cook not_has go
|
2016-06-21 09:59:29 -05:00
|
|
|
if_op not
|
|
|
|
}`, true, IfMatcher{},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
for i, test := range tests {
|
|
|
|
c := caddy.NewTestController("http", test.input)
|
|
|
|
c.Next()
|
2017-07-30 10:33:59 -05:00
|
|
|
|
2016-07-21 09:42:38 -05:00
|
|
|
matcher, err := SetupIfMatcher(c)
|
2016-06-21 09:59:29 -05:00
|
|
|
if err == nil && test.shouldErr {
|
|
|
|
t.Errorf("Test %d didn't error, but it should have", i)
|
|
|
|
} else if err != nil && !test.shouldErr {
|
|
|
|
t.Errorf("Test %d errored, but it shouldn't have; got '%v'", i, err)
|
|
|
|
} else if err != nil && test.shouldErr {
|
|
|
|
continue
|
|
|
|
}
|
2017-07-30 10:33:59 -05:00
|
|
|
|
|
|
|
test_if, ok := matcher.(IfMatcher)
|
|
|
|
if !ok {
|
2016-06-21 09:59:29 -05:00
|
|
|
t.Error("RequestMatcher should be of type IfMatcher")
|
|
|
|
}
|
2017-07-30 10:33:59 -05:00
|
|
|
|
2016-06-21 09:59:29 -05:00
|
|
|
if err != nil {
|
|
|
|
t.Errorf("Expected no error, but got: %v", err)
|
|
|
|
}
|
2017-07-30 10:33:59 -05:00
|
|
|
|
|
|
|
if len(test_if.ifs) != len(test.expected.ifs) {
|
|
|
|
t.Errorf("Test %d: Expected %d ifConditions, found %v", i,
|
|
|
|
len(test.expected.ifs), len(test_if.ifs))
|
|
|
|
}
|
|
|
|
|
|
|
|
for j, if_c := range test_if.ifs {
|
|
|
|
expected_c := test.expected.ifs[j]
|
|
|
|
|
|
|
|
if if_c.a != expected_c.a {
|
|
|
|
t.Errorf("Test %d, ifCond %d: Expected A=%s, got %s",
|
|
|
|
i, j, if_c.a, expected_c.a)
|
|
|
|
}
|
|
|
|
|
|
|
|
if if_c.op != expected_c.op {
|
|
|
|
t.Errorf("Test %d, ifCond %d: Expected Op=%s, got %s",
|
|
|
|
i, j, if_c.op, expected_c.op)
|
|
|
|
}
|
|
|
|
|
|
|
|
if if_c.b != expected_c.b {
|
|
|
|
t.Errorf("Test %d, ifCond %d: Expected B=%s, got %s",
|
|
|
|
i, j, if_c.b, expected_c.b)
|
|
|
|
}
|
|
|
|
|
|
|
|
if if_c.neg != expected_c.neg {
|
|
|
|
t.Errorf("Test %d, ifCond %d: Expected Neg=%v, got %v",
|
|
|
|
i, j, if_c.neg, expected_c.neg)
|
|
|
|
}
|
|
|
|
|
|
|
|
if expected_c.rex != nil && if_c.rex == nil {
|
|
|
|
t.Errorf("Test %d, ifCond %d: Expected Rex=%v, got <nil>",
|
|
|
|
i, j, expected_c.rex)
|
|
|
|
}
|
|
|
|
|
|
|
|
if expected_c.rex == nil && if_c.rex != nil {
|
|
|
|
t.Errorf("Test %d, ifCond %d: Expected Rex=<nil>, got %v",
|
|
|
|
i, j, if_c.rex)
|
|
|
|
}
|
|
|
|
|
|
|
|
if expected_c.rex != nil && if_c.rex != nil {
|
|
|
|
if if_c.rex.String() != expected_c.rex.String() {
|
|
|
|
t.Errorf("Test %d, ifCond %d: Expected Rex=%v, got %v",
|
|
|
|
i, j, if_c.rex, expected_c.rex)
|
|
|
|
}
|
|
|
|
}
|
2016-06-21 09:59:29 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2016-06-21 14:41:09 -05:00
|
|
|
|
|
|
|
func TestIfMatcherKeyword(t *testing.T) {
|
|
|
|
tests := []struct {
|
|
|
|
keyword string
|
|
|
|
expected bool
|
|
|
|
}{
|
|
|
|
{"if", true},
|
|
|
|
{"ifs", false},
|
|
|
|
{"tls", false},
|
|
|
|
{"http", false},
|
|
|
|
{"if_op", true},
|
|
|
|
{"if_type", false},
|
|
|
|
{"if_cond", false},
|
|
|
|
}
|
2016-07-21 09:42:38 -05:00
|
|
|
|
2016-06-21 14:41:09 -05:00
|
|
|
for i, test := range tests {
|
2016-07-21 09:42:38 -05:00
|
|
|
c := caddy.NewTestController("http", test.keyword)
|
|
|
|
c.Next()
|
|
|
|
valid := IfMatcherKeyword(c)
|
2016-06-21 14:41:09 -05:00
|
|
|
if valid != test.expected {
|
|
|
|
t.Errorf("Test %d: expected %v found %v", i, test.expected, valid)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|