def test_invalid_url_in_request(self):
"""
Tests that requests for "bad" urls are sent to the error page.
"Good" urls are defined as satisfying the default domain_regex from whitetrash.conf and using
a supported protocol (hardcoded in RedirectHandler._validate_request()
Some domains which don't match the default domain regular expression:
- more than 6 subdomains (i.e. everything apart from the top-level domain)
- any subdomain that's longer than 50 characters
- any top-level domain that's longer than 6 characters (longest is .museum)
Supported protocols are currently only HTTP and HTTPS
"""
expected = {"ssh://whitetrash.sf.net/ 10.133.9.60/- greg GET": RedirectMap.http_error_url,
"http://this.is.way.too.many.subdomains.to.be.reasonable.net/ " \
"10.133.9.60/- greg GET": RedirectMap.http_error_url,
"http://0123456789-0123456789-0123456789-0123456789-0123456789.net/ " \
"10.133.9.60/- greg GET": RedirectMap.http_error_url,
"http://whitetrash.sf.tldfail/ 10.133.9.60/- greg GET": RedirectMap.http_error_url}
self.write_stdin(expected.keys())
with squid.RedirectHandler(self.stdin, self.stdout) as redirect:
redirect.read_request()
redirects = self.read_redirects()
num_tests = 0
for input, ouput in redirects:
self.assertEqual(output, expected[input], "Squid input with bad client IP was accepted")
num_tests += 1
self.assertEqual(num_tests, len(redirects), "%s tests expected, only %s ran" % (len(redirects), num_tests))
def test_as_context_manager(self):
"""
Make sure the basic __enter__ and __exit__ of RedirectHandler work
"""
with squid.RedirectHandler() as redirect:
self.assertTrue(redirect)
self.assertTrue(redirect)
def test_invalid_http_method_in_request(self):
expected = {"http://whitetrash.sf.net/ 10.133.9.60/- greg TRACE": RedirectMap.http_error_url,
"http://whitetrash.sf.net/ 10.133.9.60/- greg ": RedirectMap.http_error_url}
self.write_stdin(expected.keys())
with squid.RedirectHandler(self.stdin, self.stdout) as redirect:
redirect.read_request()
redirects = self.read_redirects()
num_tests = 0
for input, ouput in redirects:
self.assertEqual(output, expected[input], "Squid input with bad client IP was accepted")
num_tests += 1
self.assertEqual(num_tests, len(redirects), "%s tests expected, only %s ran" % (len(redirects), num_tests))
def test_should_allow_whitelisted_domains(self):
expected = {"http://whitetrash.sf.net/ 10.133.9.60/- greg GET": "http://whitetrash.sf.net/",
"http://www.google.com/ 10.133.9.60/- greg ": "http://www.google.com/"}
self.write_stdin(expected.keys())
with squid.RedirectHandler(self.stdin, self.stdout) as redirect:
redirect.read_request()
redirect.evaluate_request()
redirects = self.read_redirects()
num_tests = 0
for input, ouput in redirects:
self.assertEqual(output, expected[input], "Whitelisted URL was not correctly forwarded")
num_tests += 1
self.assertEqual(num_tests, len(redirects), "%s tests expected, only %s ran" % (len(redirects), num_tests))
def test_read_request(self):
input = "http://whitetrash.sf.net/ 10.10.9.60/- greg GET"
url = "http://whitetrash.sf.net/"
client_ip = "10.10.9.60"
http_method = "GET"
protocol = Whitelist.get_protocol_choice("HTTP")
self.write_stdin(input)
with squid.RedirectHandler(self.stdin, self.stdout) as redirect:
redirect.read_request()
self.assertEqual(redirect.request.url, url, "Parsing URL from squid input failed")
self.assertEqual(redirect.request.client_ip, client_ip, "Parsing IP address from squid input failed")
self.assertEqual(redirect.request.http_method, http_method, "Parsing HTTP method from squid input failed")
self.assertEqual(redirect.protocol, protocol, "Parsing protocol from squid input failed")