def test_untrusted_Origins_are_not_allowed_with_OriginCheck_Trusted(agent):
# When using WebSocketOriginCheck Trusted, even a same-origin request isn't
# good enough if the origin is not on the whitelist.
response = yield make_request(agent, path='/origin-whitelist',
origin=make_root())
assert response.code == 403
client.readBody(response).cancel() # immediately close the connection
def test_untrusted_Origins_are_not_allowed_with_OriginCheck_Trusted(agent):
# When using WebSocketOriginCheck Trusted, even a same-origin request isn't
# good enough if the origin is not on the whitelist.
response = yield make_request(agent,
path='/origin-whitelist',
origin=make_root())
assert response.code == 403
client.readBody(response).cancel() # immediately close the connection
def good_origin_response(agent, request):
"""
A fixture that performs a handshake with an Origin that matches the server.
"""
host = make_authority(host=request.param[0])
origin = make_root(host=request.param[0])
version = request.param[1]
response = pytest.blockon(
make_request(agent, origin=origin, host=host, version=version))
yield response
client.readBody(response).cancel() # immediately close the connection
def good_origin_response(agent, request):
"""
A fixture that performs a handshake with an Origin that matches the server.
"""
host = make_authority(host=request.param[0])
origin = make_root(host=request.param[0])
version = request.param[1]
response = pytest.blockon(make_request(agent, origin=origin, host=host,
version=version))
yield response
client.readBody(response).cancel() # immediately close the connection
response = pytest.blockon(
make_request(agent, origin=origin, host=host, version=version))
yield response
client.readBody(response).cancel() # immediately close the connection
# For use in the mismatched Origin tests.
OPPOSITE_SCHEME = 'https' if (SCHEME == 'http') else 'http'
@pytest.yield_fixture(
params=[["http://not-my-origin.com", None, None],
["http://not-my-origin.com", None, '7'],
["http://not-my-origin.com", None, '8'],
[make_root(port=55), None, None],
[OPPOSITE_SCHEME + "://" + make_authority(), None, None],
[make_root(), make_authority(port=55), None]])
def bad_origin_response(agent, request):
"""
A fixture that performs a good handshake, but with an Origin that does not
match the server.
"""
origin = request.param[0]
host = request.param[1]
version = request.param[2]
response = pytest.blockon(
make_request(agent, origin=origin, host=host, version=version))
yield response
client.readBody(response).cancel() # immediately close the connection
import autobahn.twisted.websocket as ws
import pytest
import struct
from twisted.internet import defer
from testutil.websocket import make_root, SCHEME
CLOSE_CODE_NORMAL_CLOSURE = 1000
CLOSE_CODE_MESSAGE_TOO_BIG = 1009
OPCODE_CONTINUATION = 0x0
OPCODE_TEXT = 0x1
ROOT = make_root("wss" if (SCHEME == "https") else "ws")
#
# Autobahn Subclasses
#
class MessageTestProtocol(ws.WebSocketClientProtocol):
"""
Implements WebSocketClientProtocol for the message tests.
The opened and closed attributes are Deferreds that can be waited on. The
closed Deferred will return the received close code in its callback.
"""
def __init__(self):
ws.WebSocketClientProtocol.__init__(self)
origin = make_root(host=request.param[0])
version = request.param[1]
response = pytest.blockon(make_request(agent, origin=origin, host=host,
version=version))
yield response
client.readBody(response).cancel() # immediately close the connection
# For use in the mismatched Origin tests.
OPPOSITE_SCHEME = 'https' if (SCHEME == 'http') else 'http'
@pytest.yield_fixture(params=[
["http://not-my-origin.com", None, None],
["http://not-my-origin.com", None, '7'],
["http://not-my-origin.com", None, '8'],
[make_root(port=55), None, None],
[OPPOSITE_SCHEME + "://" + make_authority(), None, None],
[make_root(), make_authority(port=55), None]
])
def bad_origin_response(agent, request):
"""
A fixture that performs a good handshake, but with an Origin that does not
match the server.
"""
origin = request.param[0]
host = request.param[1]
version = request.param[2]
response = pytest.blockon(make_request(agent, origin=origin, host=host,
version=version))
yield response
import autobahn.twisted.websocket as ws
import pytest
from twisted.internet import defer
from testutil.websocket import make_root, SCHEME
CLOSE_CODE_PROTOCOL_ERROR = 1002
ROOT = make_root("wss" if (SCHEME == "https") else "ws")
#
# Autobahn Subclasses
#
class CloseTestProtocol(ws.WebSocketClientProtocol):
"""
Implements WebSocketClientProtocol for the close tests.
The opened and closed attributes are Deferreds that can be waited on. The
closed Deferred will return the received close code in its callback.
"""
def __init__(self):
ws.WebSocketClientProtocol.__init__(self)
self.opened = defer.Deferred()
self.closed = defer.Deferred()
def onOpen(self):
self.opened.callback(None)