def test_invalid_cookie_from_string(self): cookie = "_cookie_session1234c12d4p312341243" self.assertIsNone(utils.cookie_from_string(cookie)) cookie = "_cookie_session==1234c12d4p312341243" self.assertIsNone(utils.cookie_from_string(cookie)) cookie = "_cookie_session:123s234c1234d12" self.assertIsNone(utils.cookie_from_string(cookie))
def test_strict_cookies(self): valid_cookie = '_cookie_session="1234c12d4p=312341243";' \ 'expires=Thu, 29 Jan 2015 13:51:41 GMT; httponly;' \ 'secure;Path=/gitlab' self.assertDictContainsSubset( { 'expires': 'Thu, 29 Jan 2015 13:51:41 GMT', 'value': '1234c12d4p=312341243', }, utils.cookie_from_string(valid_cookie, strict_cookies=True), ) invalid_cookie = "_cookie_session:xyz" self.assertIsNone(utils.cookie_from_string(invalid_cookie, strict_cookies=True))
def test_strict_cookies(self): valid_cookie = '_cookie_session="1234c12d4p=312341243";' \ 'expires=Thu, 29 Jan 2015 13:51:41 GMT; httponly;' \ 'secure;Path=/gitlab' self.assertDictContainsSubset( { 'expires': 'Thu, 29 Jan 2015 13:51:41 GMT', 'value': '1234c12d4p=312341243', }, utils.cookie_from_string(valid_cookie, strict_cookies=True), ) invalid_cookie = "_cookie_session:xyz" self.assertIsNone( utils.cookie_from_string(invalid_cookie, strict_cookies=True))
def test_get_dict_in_cookie_from_string(self): cookie = "_cookie_session = 1266bb13c139cfba3ed1c9c68110bae9;" \ "expires=Thu, 29 Jan 2015 13:51:41 -0000; httponly;" \ "Path=/gitlab" my_dict = utils.cookie_from_string(cookie) self.assertIs(type(my_dict), dict)
def test_quoted_value_cookies(self): valid_cookie = '_cookie_session="1234c12d4p=312341243";' \ 'expires=Thu, 29 Jan 2015 13:51:41 GMT; httponly;' \ 'secure;Path="/gitlab"' self.assertDictContainsSubset( { 'expires': 'Thu, 29 Jan 2015 13:51:41 GMT', 'value': '1234c12d4p=312341243', 'path': '/gitlab', }, utils.cookie_from_string(valid_cookie), )
def test_invalid_attr_cookie_from_string(self): cookie = "_cookie=2j3d4k35f466l7fj9;path=/;None;" self.assertNotIn("None", utils.cookie_from_string(cookie)) self.assertIn("value", utils.cookie_from_string(cookie)) self.assertIn("2j3d4k35f466l7fj9", utils.cookie_from_string(cookie)["value"]) self.assertIn("key", utils.cookie_from_string(cookie)) self.assertIn("_cookie", utils.cookie_from_string(cookie)["key"]) self.assertIn("path", utils.cookie_from_string(cookie)) self.assertIn("/", utils.cookie_from_string(cookie)["path"])
def test_invalid_attr_cookie_from_string(self): cookie = "_cookie=2j3d4k35f466l7fj9;path=/;None;" self.assertNotIn('None', utils.cookie_from_string(cookie)) self.assertIn('value', utils.cookie_from_string(cookie)) self.assertIn('2j3d4k35f466l7fj9', utils.cookie_from_string(cookie)['value']) self.assertIn('key', utils.cookie_from_string(cookie)) self.assertIn('_cookie', utils.cookie_from_string(cookie)['key']) self.assertIn('path', utils.cookie_from_string(cookie)) self.assertIn('/', utils.cookie_from_string(cookie)['path'])
def get_django_response(proxy_response, strict_cookies=False): """This method is used to create an appropriate response based on the Content-Length of the proxy_response. If the content is bigger than MIN_STREAMING_LENGTH, which is found on utils.py, than django.http.StreamingHttpResponse will be created, else a django.http.HTTPResponse will be created instead :param proxy_response: An Instance of urllib3.response.HTTPResponse that will create an appropriate response :param strict_cookies: Whether to only accept RFC-compliant cookies :returns: Returns an appropriate response based on the proxy_response content-length """ status = proxy_response.status headers = proxy_response.headers logger.debug("Proxy response headers: %s", headers) content_type = headers.get("Content-Type") logger.debug("Content-Type: %s", content_type) if should_stream(proxy_response): logger.info("Content-Length is bigger than %s", DEFAULT_AMT) s = proxy_response.stream(DEFAULT_AMT) response = StreamingHttpResponse(s, status=status, content_type=content_type) else: content = proxy_response.data or b"" response = HttpResponse(content, status=status, content_type=content_type) logger.info("Normalizing response headers") set_response_headers(response, headers) logger.debug("Response headers: %s", getattr(response, "_headers")) cookies = proxy_response.headers.getlist("set-cookie") logger.info("Checking for invalid cookies") for cookie_string in cookies: cookie_dict = cookie_from_string(cookie_string, strict_cookies=strict_cookies) # if cookie is invalid cookie_dict will be None if cookie_dict: response.set_cookie(**cookie_dict) logger.debug("Response cookies: %s", response.cookies) return response
def test_None_value_cookie_from_string(self): cookie = "_cookie_session=" self.assertIn("_cookie_session", utils.cookie_from_string(cookie)["key"]) self.assertIn("", utils.cookie_from_string(cookie)["value"])
def test_valid_attr_in_cookie_from_string(self): cookie = ( "_cookie_session=1266bb13c139cfba3ed1c9c68110bae9;" "expires=Thu, 29 Jan 2015 13:51:41 -0000; httponly;" "secure;Path=/gitlab" ) self.assertIn("path", utils.cookie_from_string(cookie)) self.assertIn("/", utils.cookie_from_string(cookie)["path"]) self.assertIn("expires", utils.cookie_from_string(cookie)) self.assertIn("Thu, 29 Jan 2015 13:51:41 -0000", utils.cookie_from_string(cookie)["expires"]) self.assertIn("httponly", utils.cookie_from_string(cookie)) self.assertTrue(utils.cookie_from_string(cookie)["httponly"]) self.assertIn("secure", utils.cookie_from_string(cookie)) self.assertTrue(utils.cookie_from_string(cookie)["secure"]) self.assertIn("value", utils.cookie_from_string(cookie)) self.assertIn("1266bb13c139cfba3ed1c9c68110bae9", utils.cookie_from_string(cookie)["value"]) self.assertIn("key", utils.cookie_from_string(cookie)) self.assertIn("_cookie_session", utils.cookie_from_string(cookie)["key"])
def test_value_exeption_cookie_from_string(self): cookie = "_cookie=k2j3l;path=/,comment=teste;httponly" self.assertIsNotNone(utils.cookie_from_string(cookie))
def test_ignore_comment_cookie_from_string(self): cookie = "_cookie=k2j3l;path=/;comment=this is a new comment;secure" self.assertNotIn('comment', utils.cookie_from_string(cookie))
def test_valid_attr_in_cookie_from_string(self): cookie = "_cookie_session=1266bb13c139cfba3ed1c9c68110bae9;" \ "expires=Thu, 29 Jan 2015 13:51:41 -0000; httponly;" \ "secure;Path=/gitlab;max-age=60;samesite=lax" self.assertIn('path', utils.cookie_from_string(cookie)) self.assertIn('/', utils.cookie_from_string(cookie)['path']) self.assertIn('expires', utils.cookie_from_string(cookie)) self.assertIn('Thu, 29 Jan 2015 13:51:41 -0000', utils.cookie_from_string(cookie)['expires']) self.assertIn('httponly', utils.cookie_from_string(cookie)) self.assertTrue(utils.cookie_from_string(cookie)['httponly']) self.assertIn('secure', utils.cookie_from_string(cookie)) self.assertTrue(utils.cookie_from_string(cookie)['secure']) self.assertIn('samesite', utils.cookie_from_string(cookie)) self.assertIn('lax', utils.cookie_from_string(cookie)['samesite']) self.assertIn('max_age', utils.cookie_from_string(cookie)) self.assertIn('60', utils.cookie_from_string(cookie)['max_age']) self.assertIn('value', utils.cookie_from_string(cookie)) self.assertIn('1266bb13c139cfba3ed1c9c68110bae9', utils.cookie_from_string(cookie)['value']) self.assertIn('key', utils.cookie_from_string(cookie)) self.assertIn('_cookie_session', utils.cookie_from_string(cookie)['key'])
def test_None_value_cookie_from_string(self): cookie = "_cookie_session=" self.assertIn('_cookie_session', utils.cookie_from_string(cookie)['key']) self.assertIn('', utils.cookie_from_string(cookie)['value'])
def test_valid_attr_in_cookie_from_string(self): cookie = "_cookie_session=1266bb13c139cfba3ed1c9c68110bae9;" \ "expires=Thu, 29 Jan 2015 13:51:41 -0000; httponly;" \ "secure;Path=/gitlab" self.assertIn('path', utils.cookie_from_string(cookie)) self.assertIn('/', utils.cookie_from_string(cookie)['path']) self.assertIn('expires', utils.cookie_from_string(cookie)) self.assertIn('Thu, 29 Jan 2015 13:51:41 -0000', utils.cookie_from_string(cookie)['expires']) self.assertIn('httponly', utils.cookie_from_string(cookie)) self.assertTrue(utils.cookie_from_string(cookie)['httponly']) self.assertIn('secure', utils.cookie_from_string(cookie)) self.assertTrue(utils.cookie_from_string(cookie)['secure']) self.assertIn('value', utils.cookie_from_string(cookie)) self.assertIn('1266bb13c139cfba3ed1c9c68110bae9', utils.cookie_from_string(cookie)['value']) self.assertIn('key', utils.cookie_from_string(cookie)) self.assertIn('_cookie_session', utils.cookie_from_string(cookie)['key'])