def test_cookie_monitoring_max_group(self, mock_set_custom_attribute, mock_capture_cookie_sizes):
mock_capture_cookie_sizes.is_enabled.return_value = True
middleware = CookieMonitoringMiddleware()
mock_request = Mock()
mock_request.COOKIES = {
"a": "." * 10,
"b_a": "." * 15,
"b_c": "." * 20,
}
middleware.process_request(mock_request)
mock_set_custom_attribute.assert_has_calls([
call('cookies.1.name', 'b_c'),
call('cookies.1.size', 20),
call('cookies.2.name', 'b_a'),
call('cookies.2.size', 15),
call('cookies.3.name', 'a'),
call('cookies.3.size', 10),
call('cookies.group.1.name', 'b'),
call('cookies.group.1.size', 35),
call('cookies.max.name', 'b_c'),
call('cookies.max.size', 20),
call('cookies.max.group.name', 'b'),
call('cookies.max.group.size', 35),
call('cookies_total_size', 45)
])
def test_cookie_monitoring_no_groups(self, mock_set_custom_attribute,
mock_capture_cookie_sizes):
mock_capture_cookie_sizes.is_enabled.return_value = True
middleware = CookieMonitoringMiddleware()
cookies_dict = {
"a": "." * 10,
"b": "." * 15,
}
factory = RequestFactory()
for name, value in cookies_dict.items():
factory.cookies[name] = value
mock_request = factory.request()
middleware.process_request(mock_request)
mock_set_custom_attribute.assert_has_calls([
call('cookies.max.name', 'b'),
call('cookies.max.size', 15),
call('cookies.1.name', 'b'),
call('cookies.1.size', 15),
call('cookies.2.name', 'a'),
call('cookies.2.size', 10),
call('cookies_total_size', 25),
],
any_order=True)
def test_cookie_monitoring(self, mock_set_custom_attribute,
mock_capture_cookie_sizes):
mock_capture_cookie_sizes.is_enabled.return_value = True
middleware = CookieMonitoringMiddleware()
cookies_dict = {
"a": "." * 100,
"_b": "." * 13,
"_c_": "." * 13,
"a.b": "." * 10,
"a.c": "." * 10,
"b.": "." * 13,
"b_a": "." * 15,
"b_c": "." * 15,
"d": "." * 3,
}
factory = RequestFactory()
for name, value in cookies_dict.items():
factory.cookies[name] = value
mock_request = factory.request()
middleware.process_request(mock_request)
mock_set_custom_attribute.assert_has_calls([
call('cookies.1.name', 'a'),
call('cookies.1.size', 100),
call('cookies.2.name', 'b_a'),
call('cookies.2.size', 15),
call('cookies.3.name', 'b_c'),
call('cookies.3.size', 15),
call('cookies.4.name', '_b'),
call('cookies.4.size', 13),
call('cookies.5.name', '_c_'),
call('cookies.5.size', 13),
call('cookies.6.name', 'b.'),
call('cookies.6.size', 13),
call('cookies.7.name', 'a.b'),
call('cookies.7.size', 10),
call('cookies.8.name', 'a.c'),
call('cookies.8.size', 10),
call('cookies.group.1.name', 'b'),
call('cookies.group.1.size', 43),
call('cookies.group.2.name', 'a'),
call('cookies.group.2.size', 20),
call('cookies.max.name', 'a'),
call('cookies.max.size', 100),
call('cookies.max.group.name', 'a'),
call('cookies.max.group.size', 100),
call('cookies_total_size', 192),
call('cookies_unaccounted_size', 3),
call('cookies_total_num', 9),
call('cookies.header.size', 238)
],
any_order=True)
def test_cookie_monitoring_no_cookies(self, mock_set_custom_attribute, mock_capture_cookie_sizes):
mock_capture_cookie_sizes.is_enabled.return_value = True
middleware = CookieMonitoringMiddleware()
mock_request = Mock()
mock_request.COOKIES = {}
middleware.process_request(mock_request)
mock_set_custom_attribute.assert_has_calls([call('cookies_total_size', 0)], any_order=True)
def test_cookie_monitoring(self, mock_set_custom_attribute, mock_capture_cookie_sizes):
mock_capture_cookie_sizes.is_enabled.return_value = True
middleware = CookieMonitoringMiddleware()
mock_request = Mock()
mock_request.COOKIES = {
"a": "." * 100,
"_b": "." * 13,
"_c_": "." * 13,
"a.b": "." * 10,
"a.c": "." * 10,
"b.": "." * 13,
"b_a": "." * 15,
"b_c": "." * 15,
"d": "." * 3,
}
middleware.process_request(mock_request)
mock_set_custom_attribute.assert_has_calls([
call('cookies.1.name', 'a'),
call('cookies.1.size', 100),
call('cookies.2.name', 'b_a'),
call('cookies.2.size', 15),
call('cookies.3.name', 'b_c'),
call('cookies.3.size', 15),
call('cookies.4.name', '_b'),
call('cookies.4.size', 13),
call('cookies.5.name', '_c_'),
call('cookies.5.size', 13),
call('cookies.6.name', 'b.'),
call('cookies.6.size', 13),
call('cookies.7.name', 'a.b'),
call('cookies.7.size', 10),
call('cookies.8.name', 'a.c'),
call('cookies.8.size', 10),
call('cookies.group.1.name', 'b'),
call('cookies.group.1.size', 43),
call('cookies.group.2.name', 'a'),
call('cookies.group.2.size', 20),
call('cookies.max.name', 'a'),
call('cookies.max.size', 100),
call('cookies.max.group.name', 'a'),
call('cookies.max.group.size', 100),
call('cookies_total_size', 192),
call('cookies_unaccounted_size', 3),
call('cookies_total_num', 9),
], any_order=True)
def test_basic_cookie_monitoring(self, mock_set_custom_attribute, mock_capture_cookie_sizes):
mock_capture_cookie_sizes.is_enabled.return_value = False
middleware = CookieMonitoringMiddleware()
cookies_dict = {'a': 'b'}
factory = RequestFactory()
for name, value in cookies_dict.items():
factory.cookies[name] = value
mock_request = factory.request()
middleware.process_request(mock_request)
mock_set_custom_attribute.assert_called_once_with('cookies.header.size', 3)
def test_log_encrypted_cookies_no_key(self, mock_encrypt,
mock_capture_cookie_sizes):
middleware = CookieMonitoringMiddleware()
cookies_dict = {
"a": "." * 10,
"b": "." * 15,
}
factory = RequestFactory()
for name, value in cookies_dict.items():
factory.cookies[name] = value
mock_request = factory.request()
middleware.process_request(mock_request)
mock_encrypt.assert_not_called()
def test_log_encrypted_cookies(self, mock_encrypt,
mock_capture_cookie_sizes):
middleware = CookieMonitoringMiddleware()
cookies_dict = {
"a": "." * 10,
"b": "." * 15,
}
factory = RequestFactory()
for name, value in cookies_dict.items():
factory.cookies[name] = value
mock_request = factory.request()
cookie_header = str(mock_request.META.get('HTTP_COOKIE', ''))
middleware.process_request(mock_request)
mock_encrypt.assert_has_calls([call(cookie_header, "fake-key")])
def test_cookie_monitoring_no_cookies(self, mock_set_custom_attribute, mock_capture_cookie_sizes):
mock_capture_cookie_sizes.is_enabled.return_value = True
middleware = CookieMonitoringMiddleware()
cookies_dict = {}
factory = RequestFactory()
for name, value in cookies_dict.items():
factory.cookies[name] = value
mock_request = factory.request()
middleware.process_request(mock_request)
mock_set_custom_attribute.assert_has_calls([
call('cookies_total_size', 0),
call('cookies.header.size', 0)
], any_order=True)
def test_empty_cookie_header_skips_sampling(self, mock_set_custom_attribute, mock_logger):
middleware = CookieMonitoringMiddleware(self.mock_response)
cookies_dict = {}
middleware(self.get_mock_request(cookies_dict))
mock_set_custom_attribute.assert_has_calls([
call('cookies.header.size', 0),
])
mock_logger.info.assert_not_called()
def test_cookie_monitoring_no_groups(self, mock_set_custom_attribute, mock_capture_cookie_sizes):
mock_capture_cookie_sizes.is_enabled.return_value = True
middleware = CookieMonitoringMiddleware()
mock_request = Mock()
mock_request.COOKIES = {
"a": "." * 10,
"b": "." * 15,
}
middleware.process_request(mock_request)
mock_set_custom_attribute.assert_has_calls([
call('cookies.max.name', 'b'),
call('cookies.max.size', 15),
call('cookies.1.name', 'b'),
call('cookies.1.size', 15),
call('cookies.2.name', 'a'),
call('cookies.2.size', 10),
call('cookies_total_size', 25),
], any_order=True)
def test_cookie_header_corrupt_monitoring(
self, corrupt_cookie_header, expected_corrupt_count, expected_corrupt_key_count, mock_set_custom_attribute
):
middleware = CookieMonitoringMiddleware(self.mock_response)
request = RequestFactory().request()
request.META['HTTP_COOKIE'] = corrupt_cookie_header
middleware(request)
mock_set_custom_attribute.assert_has_calls([
call('cookies.header.size', len(request.META['HTTP_COOKIE'])),
call('cookies.header.corrupt_count', expected_corrupt_count),
call('cookies.header.corrupt_key_count', expected_corrupt_key_count),
])
def test_cookie_monitoring_with_no_logging(
self, logging_threshold, sampling_request_count, mock_set_custom_attribute, mock_logger
):
middleware = CookieMonitoringMiddleware(self.mock_response)
cookies_dict = {'a': 'y'}
with override_settings(COOKIE_HEADER_SIZE_LOGGING_THRESHOLD=logging_threshold):
with override_settings(COOKIE_SAMPLING_REQUEST_COUNT=sampling_request_count):
middleware(self.get_mock_request(cookies_dict))
# expect monitoring of header size for all requests
mock_set_custom_attribute.assert_called_once_with('cookies.header.size', 3)
# cookie logging was not enabled, so nothing should be logged
mock_logger.info.assert_not_called()
def test_log_cookie_with_sampling(self, mock_set_custom_attribute, mock_logger):
middleware = CookieMonitoringMiddleware(self.mock_response)
cookies_dict = {
"a": "yy",
"b": "xxx",
"c": "z",
}
middleware(self.get_mock_request(cookies_dict))
mock_set_custom_attribute.assert_has_calls([
call('cookies.header.size', 16),
call('cookies.header.size.computed', 16)
])
mock_logger.info.assert_called_once_with(
"Sampled small (< 9999) cookie header. BEGIN-COOKIE-SIZES(total=16) b: 3, a: 2, c: 1 END-COOKIE-SIZES"
)
