def test_untrusted_Origins_are_not_allowed_with_OriginCheck_Trusted(agent): # When using WebSocketOriginCheck Trusted, even a same-origin request isn't # good enough if the origin is not on the whitelist. response = yield make_request(agent, path='/origin-whitelist', origin=make_root()) assert response.code == 403 client.readBody(response).cancel() # immediately close the connection
def good_origin_response(agent, request): """ A fixture that performs a handshake with an Origin that matches the server. """ host = make_authority(host=request.param[0]) origin = make_root(host=request.param[0]) version = request.param[1] response = pytest.blockon( make_request(agent, origin=origin, host=host, version=version)) yield response client.readBody(response).cancel() # immediately close the connection
def good_origin_response(agent, request): """ A fixture that performs a handshake with an Origin that matches the server. """ host = make_authority(host=request.param[0]) origin = make_root(host=request.param[0]) version = request.param[1] response = pytest.blockon(make_request(agent, origin=origin, host=host, version=version)) yield response client.readBody(response).cancel() # immediately close the connection
response = pytest.blockon( make_request(agent, origin=origin, host=host, version=version)) yield response client.readBody(response).cancel() # immediately close the connection # For use in the mismatched Origin tests. OPPOSITE_SCHEME = 'https' if (SCHEME == 'http') else 'http' @pytest.yield_fixture( params=[["http://not-my-origin.com", None, None], ["http://not-my-origin.com", None, '7'], ["http://not-my-origin.com", None, '8'], [make_root(port=55), None, None], [OPPOSITE_SCHEME + "://" + make_authority(), None, None], [make_root(), make_authority(port=55), None]]) def bad_origin_response(agent, request): """ A fixture that performs a good handshake, but with an Origin that does not match the server. """ origin = request.param[0] host = request.param[1] version = request.param[2] response = pytest.blockon( make_request(agent, origin=origin, host=host, version=version)) yield response client.readBody(response).cancel() # immediately close the connection
import autobahn.twisted.websocket as ws import pytest import struct from twisted.internet import defer from testutil.websocket import make_root, SCHEME CLOSE_CODE_NORMAL_CLOSURE = 1000 CLOSE_CODE_MESSAGE_TOO_BIG = 1009 OPCODE_CONTINUATION = 0x0 OPCODE_TEXT = 0x1 ROOT = make_root("wss" if (SCHEME == "https") else "ws") # # Autobahn Subclasses # class MessageTestProtocol(ws.WebSocketClientProtocol): """ Implements WebSocketClientProtocol for the message tests. The opened and closed attributes are Deferreds that can be waited on. The closed Deferred will return the received close code in its callback. """ def __init__(self): ws.WebSocketClientProtocol.__init__(self)
origin = make_root(host=request.param[0]) version = request.param[1] response = pytest.blockon(make_request(agent, origin=origin, host=host, version=version)) yield response client.readBody(response).cancel() # immediately close the connection # For use in the mismatched Origin tests. OPPOSITE_SCHEME = 'https' if (SCHEME == 'http') else 'http' @pytest.yield_fixture(params=[ ["http://not-my-origin.com", None, None], ["http://not-my-origin.com", None, '7'], ["http://not-my-origin.com", None, '8'], [make_root(port=55), None, None], [OPPOSITE_SCHEME + "://" + make_authority(), None, None], [make_root(), make_authority(port=55), None] ]) def bad_origin_response(agent, request): """ A fixture that performs a good handshake, but with an Origin that does not match the server. """ origin = request.param[0] host = request.param[1] version = request.param[2] response = pytest.blockon(make_request(agent, origin=origin, host=host, version=version)) yield response
import autobahn.twisted.websocket as ws import pytest from twisted.internet import defer from testutil.websocket import make_root, SCHEME CLOSE_CODE_PROTOCOL_ERROR = 1002 ROOT = make_root("wss" if (SCHEME == "https") else "ws") # # Autobahn Subclasses # class CloseTestProtocol(ws.WebSocketClientProtocol): """ Implements WebSocketClientProtocol for the close tests. The opened and closed attributes are Deferreds that can be waited on. The closed Deferred will return the received close code in its callback. """ def __init__(self): ws.WebSocketClientProtocol.__init__(self) self.opened = defer.Deferred() self.closed = defer.Deferred() def onOpen(self): self.opened.callback(None)