def test_is_forbidden(self):
handler = MixinHandler()
handler.is_open_to_public = True
handler.forbid_public_http = True
request = HTTPRequest('http://example.com/')
handler.request = request
context = Mock(address=('8.8.8.8', 8888),
trusted_downstream=['127.0.0.1'],
_orig_protocol='http')
request.connection = Mock(context=context)
self.assertTrue(handler.is_forbidden())
context = Mock(address=('8.8.8.8', 8888),
trusted_downstream=[],
_orig_protocol='http')
request.connection = Mock(context=context)
self.assertTrue(handler.is_forbidden())
context = Mock(address=('192.168.1.1', 8888),
trusted_downstream=[],
_orig_protocol='http')
request.connection = Mock(context=context)
self.assertIsNone(handler.is_forbidden())
context = Mock(address=('8.8.8.8', 8888),
trusted_downstream=[],
_orig_protocol='https')
request.connection = Mock(context=context)
self.assertIsNone(handler.is_forbidden())
def test_get_redirect_url(self):
mhandler = MixinHandler()
hostname = 'www.example.com'
uri = '/'
port = 443
self.assertEqual(mhandler.get_redirect_url(hostname, port, uri=uri),
'https://www.example.com/')
port = 4433
self.assertEqual(mhandler.get_redirect_url(hostname, port, uri),
'https://www.example.com:4433/')
def test_is_forbidden(self):
mhandler = MixinHandler()
handler.redirecting = True
options.fbidhttp = True
context = Mock(
address=('8.8.8.8', 8888),
trusted_downstream=['127.0.0.1'],
_orig_protocol='http'
)
hostname = '4.4.4.4'
self.assertTrue(mhandler.is_forbidden(context, hostname))
context = Mock(
address=('8.8.8.8', 8888),
trusted_downstream=[],
_orig_protocol='http'
)
hostname = 'www.google.com'
self.assertEqual(mhandler.is_forbidden(context, hostname), False)
context = Mock(
address=('8.8.8.8', 8888),
trusted_downstream=[],
_orig_protocol='http'
)
hostname = '4.4.4.4'
self.assertTrue(mhandler.is_forbidden(context, hostname))
context = Mock(
address=('192.168.1.1', 8888),
trusted_downstream=[],
_orig_protocol='http'
)
hostname = 'www.google.com'
self.assertIsNone(mhandler.is_forbidden(context, hostname))
options.fbidhttp = False
self.assertIsNone(mhandler.is_forbidden(context, hostname))
hostname = '4.4.4.4'
self.assertIsNone(mhandler.is_forbidden(context, hostname))
handler.redirecting = False
self.assertIsNone(mhandler.is_forbidden(context, hostname))
context._orig_protocol = 'https'
self.assertIsNone(mhandler.is_forbidden(context, hostname))
def test_is_forbidden(self):
handler = MixinHandler()
open_to_public['http'] = True
open_to_public['https'] = True
options.fbidhttp = True
options.redirect = True
context = Mock(address=('8.8.8.8', 8888),
trusted_downstream=['127.0.0.1'],
_orig_protocol='http')
self.assertTrue(handler.is_forbidden(context, ''))
context = Mock(address=('8.8.8.8', 8888),
trusted_downstream=[],
_orig_protocol='http')
hostname = 'www.google.com'
self.assertEqual(handler.is_forbidden(context, hostname), False)
context = Mock(address=('192.168.1.1', 8888),
trusted_downstream=[],
_orig_protocol='http')
self.assertIsNone(handler.is_forbidden(context, ''))
context = Mock(address=('8.8.8.8', 8888),
trusted_downstream=[],
_orig_protocol='https')
self.assertIsNone(handler.is_forbidden(context, ''))
context = Mock(address=('8.8.8.8', 8888),
trusted_downstream=[],
_orig_protocol='http')
hostname = '8.8.8.8'
self.assertTrue(handler.is_forbidden(context, hostname))
def test_get_real_client_addr(self):
x_forwarded_for = '1.1.1.1'
x_forwarded_port = 1111
x_real_ip = '2.2.2.2'
x_real_port = 2222
fake_port = 65535
mhandler = MixinHandler()
mhandler.request = HTTPServerRequest(uri='/')
mhandler.request.remote_ip = x_forwarded_for
self.assertIsNone(mhandler.get_real_client_addr())
mhandler.request.headers.add('X-Forwarded-For', x_forwarded_for)
self.assertEqual(mhandler.get_real_client_addr(),
(x_forwarded_for, fake_port))
mhandler.request.headers.add('X-Forwarded-Port', fake_port + 1)
self.assertEqual(mhandler.get_real_client_addr(),
(x_forwarded_for, fake_port))
mhandler.request.headers['X-Forwarded-Port'] = x_forwarded_port
self.assertEqual(mhandler.get_real_client_addr(),
(x_forwarded_for, x_forwarded_port))
mhandler.request.remote_ip = x_real_ip
mhandler.request.headers.add('X-Real-Ip', x_real_ip)
self.assertEqual(mhandler.get_real_client_addr(),
(x_real_ip, fake_port))
mhandler.request.headers.add('X-Real-Port', fake_port + 1)
self.assertEqual(mhandler.get_real_client_addr(),
(x_real_ip, fake_port))
mhandler.request.headers['X-Real-Port'] = x_real_port
self.assertEqual(mhandler.get_real_client_addr(),
(x_real_ip, x_real_port))
def test_get_real_client_addr(self):
handler = MixinHandler()
handler.request = HTTPServerRequest(uri='/')
self.assertIsNone(handler.get_real_client_addr())
ip = '127.0.0.1'
handler.request.headers.add('X-Real-Ip', ip)
self.assertEqual(handler.get_real_client_addr(), False)
handler.request.headers.add('X-Real-Port', '12345x')
self.assertEqual(handler.get_real_client_addr(), False)
handler.request.headers.update({'X-Real-Port': '12345'})
self.assertEqual(handler.get_real_client_addr(), (ip, 12345))
handler.request.headers.update({'X-Real-ip': None})
self.assertEqual(handler.get_real_client_addr(), False)
handler.request.headers.update({'X-Real-Port': '12345x'})
self.assertEqual(handler.get_real_client_addr(), False)
def test_get_client_addr(self):
mhandler = MixinHandler()
client_addr = ('8.8.8.8', 8888)
context_addr = ('127.0.0.1', 1234)
options.xheaders = True
mhandler.context = Mock(address=context_addr)
mhandler.get_real_client_addr = lambda: None
self.assertEqual(mhandler.get_client_addr(), context_addr)
mhandler.context = Mock(address=context_addr)
mhandler.get_real_client_addr = lambda: client_addr
self.assertEqual(mhandler.get_client_addr(), client_addr)
options.xheaders = False
mhandler.context = Mock(address=context_addr)
mhandler.get_real_client_addr = lambda: client_addr
self.assertEqual(mhandler.get_client_addr(), context_addr)
def test_get_real_client_addr(self):
x_forwarded_for = 'a.a.a.a, 1.1.1.1'
x_forwarded_port = 1111
x_real_ip = '2.2.2.2'
x_real_port = 2222
fake_port = 65535
mhandler = MixinHandler()
mhandler.request = HTTPServerRequest(uri='/')
mhandler.request.remote_ip = '4.4.4.4'
self.assertIsNone(mhandler.get_real_client_addr())
mhandler.request.headers.add('X-Forwarded-For', x_forwarded_for)
self.assertIsNone(mhandler.get_real_client_addr())
self.assertIsNone(mhandler.get_real_client_addr(True))
x_forwarded_for = '1.1.1.1, 4.4.4.4'
lst = [i.strip() for i in x_forwarded_for.split(',')]
x_forwarded_first, x_forwarded_last = lst[0], lst[-1]
mhandler.request.headers['X-Forwarded-For'] = x_forwarded_for
self.assertEqual(mhandler.get_real_client_addr(),
(x_forwarded_last, fake_port))
self.assertEqual(mhandler.get_real_client_addr(True),
(x_forwarded_first, fake_port))
mhandler.request.headers.add('X-Forwarded-Port', fake_port + 1)
self.assertEqual(mhandler.get_real_client_addr(),
(x_forwarded_last, fake_port))
self.assertEqual(mhandler.get_real_client_addr(True),
(x_forwarded_first, fake_port))
mhandler.request.headers['X-Forwarded-Port'] = x_forwarded_port
self.assertEqual(mhandler.get_real_client_addr(),
(x_forwarded_last, x_forwarded_port))
self.assertEqual(mhandler.get_real_client_addr(True),
(x_forwarded_first, x_forwarded_port))
mhandler.request.remote_ip = x_real_ip
mhandler.request.headers.add('X-Real-Ip', x_real_ip)
self.assertEqual(mhandler.get_real_client_addr(),
(x_real_ip, fake_port))
mhandler.request.headers.add('X-Real-Port', fake_port + 1)
self.assertEqual(mhandler.get_real_client_addr(),
(x_real_ip, fake_port))
mhandler.request.headers['X-Real-Port'] = x_real_port
self.assertEqual(mhandler.get_real_client_addr(),
(x_real_ip, x_real_port))
