def TestOneInput(data): fdp = atheris.FuzzedDataProvider(data) app = FuzzFlask("flask_test", root_path=os.path.dirname(__file__)) app.config["DEBUG"] = True app.config["TRAP_BAD_REQUEST_ERRORS"] = False @app.route("/json", methods=["POST"]) def post_json(): flask.request.get_json() return None parse_set_header(fdp.ConsumeUnicode(sys.maxsize)) client = app.test_client() try: app.add_url_rule( fdp.ConsumeUnicode(sys.maxsize), endpoint = "randomendpoint" ) except ValueError: None try: client.post( "/json", data=fdp.ConsumeUnicode(sys.maxsize), content_type="application/json" ) except (TypeError, UnicodeEncodeError): None
def TestOneInput(data): fdp = atheris.FuzzedDataProvider(data) whttp.parse_content_range_header(fdp.ConsumeUnicode(100)) whttp.parse_range_header(fdp.ConsumeUnicode(100)) whttp.parse_set_header(fdp.ConsumeUnicode(100)) whttp.parse_etags(fdp.ConsumeUnicode(100)) whttp.parse_if_range_header(fdp.ConsumeUnicode(100)) whttp.parse_dict_header(fdp.ConsumeUnicode(100))
def fget(self): def on_update(header_set): if not header_set and name in self.headers: del self.headers[name] elif header_set: self.headers[name] = header_set.to_header() return parse_set_header(self.headers.get(name), on_update)
def fix_headers(self, environ, headers, status=None): if self.fix_vary: header = headers.get("content-type", "") mimetype, options = parse_options_header(header) if mimetype not in ("text/html", "text/plain", "text/sgml"): headers.pop("vary", None) if self.fix_attach and "content-disposition" in headers: pragma = parse_set_header(headers.get("pragma", "")) pragma.discard("no-cache") header = pragma.to_header() if not header: headers.pop("pragma", "") else: headers["Pragma"] = header header = headers.get("cache-control", "") if header: cc = parse_cache_control_header(header, cls=ResponseCacheControl) cc.no_cache = None cc.no_store = False header = cc.to_header() if not header: headers.pop("cache-control", "") else: headers["Cache-Control"] = header
def fix_headers(self, environ, headers, status=None): if self.fix_vary: header = headers.get('content-type', '') mimetype, options = parse_options_header(header) if mimetype not in ('text/html', 'text/plain', 'text/sgml'): headers.pop('vary', None) if self.fix_attach and 'content-disposition' in headers: pragma = parse_set_header(headers.get('pragma', '')) pragma.discard('no-cache') header = pragma.to_header() if not header: headers.pop('pragma', '') else: headers['Pragma'] = header header = headers.get('cache-control', '') if header: cc = parse_cache_control_header(header, cls=ResponseCacheControl) cc.no_cache = None cc.no_store = False header = cc.to_header() if not header: headers.pop('cache-control', '') else: headers['Cache-Control'] = header
def common_asserts(app): c = app.test_client() assert c.get('/').data == b'GET' assert c.post('/').data == b'POST' assert c.put('/').status_code == 405 meths = parse_set_header(c.open('/', method='OPTIONS').headers['Allow']) assert sorted(meths) == ['GET', 'HEAD', 'OPTIONS', 'POST']
def test_typed_binding(self): @self.app.route('/x/<continent>') @self.app.bind('continent', CONTINENTS['<continent>#<continent>'], types=(LDP.RDFSource,)) def c0(continent): return '%s' % (continent) @self.app.route('/y/<continent>') @self.app.bind('continent', CONTINENTS['<continent>#<continent>'], types=(LDP.Resource,)) def c1(continent): return '%s' % (continent) @self.app.route('/z/<continent>') def c2(continent): return '%s' % (continent) headers = parse_set_header( self.client.open('/x/AF', method='PUT', data=PUT.format('AF')).headers['Link']) self.assertIn('RDFSource', ''.join(headers)) self.assertIn('Resource', ''.join(headers)) headers = parse_set_header( self.client.open('/y/AF', method='PUT', data=PUT.format('AF')).headers['Link']) self.assertIn('Resource', ''.join(headers)) self.assertNotIn('RDFSource', ''.join(headers)) headers = parse_set_header( self.client.get('/x/AF').headers['Link']) self.assertIn('Resource', ''.join(headers)) self.assertIn('NonRDFSource', ''.join(headers)) headers = parse_set_header( self.client.get('/y/AF').headers['Link']) self.assertIn('Resource', ''.join(headers)) self.assertIn('NonRDFSource', ''.join(headers)) headers = parse_set_header( self.client.get('/y/AF').headers['Link']) self.assertFalse(self.client.get('/z/AF').headers['Link'])
def common_test(self, app): c = app.test_client() self.assert_equal(c.get('/').data, b'GET') self.assert_equal(c.post('/').data, b'POST') self.assert_equal(c.put('/').status_code, 405) meths = parse_set_header(c.open('/', method='OPTIONS').headers['Allow']) self.assert_equal(sorted(meths), ['GET', 'HEAD', 'OPTIONS', 'POST'])
def make_default_options_response(self, *args, **kwargs): ''' Add `Accept-Patch` headers to default options ''' response = super(LDP, self).make_default_options_response(*args, **kwargs) if 'PATCH' in response.allow: header = parse_set_header(response.headers.get('Accept-Patch', '')) header.update(MIME_FORMAT.keys()) response.headers['Accept-Patch'] = header if 'POST' in response.allow: header = parse_set_header(response.headers.get('Accept-Post', '')) header.update(MIME_FORMAT.keys()) response.headers['Accept-Post'] = header return response
def common_test(self, app): c = app.test_client() self.assert_equal(c.get("/").data, b"GET") self.assert_equal(c.post("/").data, b"POST") self.assert_equal(c.put("/").status_code, 405) meths = parse_set_header(c.open("/", method="OPTIONS").headers["Allow"]) self.assert_equal(sorted(meths), ["GET", "HEAD", "OPTIONS", "POST"])
def test_set_header(self): hs = http.parse_set_header('foo, Bar, "Blah baz", Hehe') self.assert_true('blah baz' in hs) self.assert_true('foobar' not in hs) self.assert_true('foo' in hs) self.assert_equal(list(hs), ['foo', 'Bar', 'Blah baz', 'Hehe']) hs.add('Foo') self.assert_equal(hs.to_header(), 'foo, Bar, "Blah baz", Hehe')
def test_set_header(self): hs = http.parse_set_header('foo, Bar, "Blah baz", Hehe') assert "blah baz" in hs assert "foobar" not in hs assert "foo" in hs assert list(hs) == ["foo", "Bar", "Blah baz", "Hehe"] hs.add("Foo") assert hs.to_header() == 'foo, Bar, "Blah baz", Hehe'
def common_test(app): c = app.test_client() assert c.get("/").data == b"GET" assert c.post("/").data == b"POST" assert c.put("/").status_code == 405 meths = parse_set_header(c.open("/", method="OPTIONS").headers["Allow"]) assert sorted(meths) == ["GET", "HEAD", "OPTIONS", "POST"]
def test_set_header(self): hs = http.parse_set_header('foo, Bar, "Blah baz", Hehe') assert 'blah baz' in hs assert 'foobar' not in hs assert 'foo' in hs assert list(hs) == ['foo', 'Bar', 'Blah baz', 'Hehe'] hs.add('Foo') assert hs.to_header() == 'foo, Bar, "Blah baz", Hehe'
def fget(self: "Response") -> HeaderSet: def on_update(header_set: HeaderSet) -> None: if not header_set and name in self.headers: del self.headers[name] elif header_set: self.headers[name] = header_set.to_header() return parse_set_header(self.headers.get(name), on_update)
def test_set_header(self): hs = http.parse_set_header('foo, Bar, "Blah baz", Hehe') self.assert_('blah baz' in hs) self.assert_('foobar' not in hs) self.assert_('foo' in hs) self.assert_equal(list(hs), ['foo', 'Bar', 'Blah baz', 'Hehe']) hs.add('Foo') self.assert_equal(hs.to_header(), 'foo, Bar, "Blah baz", Hehe')
def test_set_header(self): hs = http.parse_set_header('foo, Bar, "Blah baz", Hehe') self.assert_true("blah baz" in hs) self.assert_true("foobar" not in hs) self.assert_true("foo" in hs) self.assert_equal(list(hs), ["foo", "Bar", "Blah baz", "Hehe"]) hs.add("Foo") self.assert_equal(hs.to_header(), 'foo, Bar, "Blah baz", Hehe')
def common_test(app): c = app.test_client() assert c.get('/').data == b'GET' assert c.post('/').data == b'POST' assert c.put('/').status_code == 405 meths = parse_set_header(c.open('/', method='OPTIONS').headers['Allow']) assert sorted(meths) == ['GET', 'HEAD', 'OPTIONS', 'POST']
def qop(self): def on_update(header_set): if not header_set and 'qop' in self: del self['qop'] elif header_set: self['qop'] = header_set.to_header() return parse_set_header(self.get('qop'), on_update)
def test_view_inheritance(app, client): class Index(flask.views.MethodView): def get(self): return 'GET' def post(self): return 'POST' class BetterIndex(Index): def delete(self): return 'DELETE' app.add_url_rule('/', view_func=BetterIndex.as_view('index')) meths = parse_set_header(client.open('/', method='OPTIONS').headers['Allow']) assert sorted(meths) == ['DELETE', 'GET', 'HEAD', 'OPTIONS', 'POST']
def test_view_inheritance(app, client): class Index(flask.views.MethodView): def get(self): return "GET" def post(self): return "POST" class BetterIndex(Index): def delete(self): return "DELETE" app.add_url_rule("/", view_func=BetterIndex.as_view("index")) meths = parse_set_header(client.open("/", method="OPTIONS").headers["Allow"]) assert sorted(meths) == ["DELETE", "GET", "HEAD", "OPTIONS", "POST"]
def test_view_inheritance(self): app = flask.Flask(__name__) class Index(flask.views.MethodView): def get(self): return 'GET' def post(self): return 'POST' class BetterIndex(Index): def delete(self): return 'DELETE' app.add_url_rule('/', view_func=BetterIndex.as_view('index')) c = app.test_client() meths = parse_set_header(c.open('/', method='OPTIONS').headers['Allow']) self.assert_equal(sorted(meths), ['DELETE', 'GET', 'HEAD', 'OPTIONS', 'POST'])
def resource_link_type(response): link = parse_set_header(response.headers.get('Link', '')) if request.url_rule is None: return response if request.url_rule.bound_to: link.update(('%s;rel=type' % t for t in request.url_rule.bound_to.resource_types)) elif request.url_rule in\ [getattr(r, 'bound_to', []) for r in current_app.url_map._rules]: link.update( ('%s;rel=type' % t for t in request.url_rule.resource_types)) response.headers['Link'] = link.to_header() return response
def test_view_inheritance(self): app = flask.Flask(__name__) class Index(flask.views.MethodView): def get(self): return "GET" def post(self): return "POST" class BetterIndex(Index): def delete(self): return "DELETE" app.add_url_rule("/", view_func=BetterIndex.as_view("index")) c = app.test_client() meths = parse_set_header(c.open("/", method="OPTIONS").headers["Allow"]) self.assert_equal(sorted(meths), ["DELETE", "GET", "HEAD", "OPTIONS", "POST"])
def access_control_allow_methods(self) -> Optional[HeaderSet]: if "Access-Control-Allow-Methods" in self.headers: return parse_set_header( self.headers["Access-Control-Allow-Methods"]) return None
def pragma(self): return parse_set_header(self.environ.get('HTTP_PRAGMA', ''))
def vary(self) -> HeaderSet: def on_update(header_set: HeaderSet) -> None: self.vary = header_set return parse_set_header(self.headers.get("Vary"), on_update=on_update)
def content_language(self) -> HeaderSet: def on_update(header_set: HeaderSet) -> None: self.content_language = header_set return parse_set_header(self.headers.get("Content-Language"), on_update=on_update)
def allow(self) -> HeaderSet: def on_update(header_set: HeaderSet) -> None: self.allow = header_set return parse_set_header(self.headers.get("Allow"), on_update=on_update)
def access_control_expose_headers(self) -> Optional[HeaderSet]: if "Access-Control-Expose-Headers" in self.headers: return parse_set_header( self.headers["Access-Control-Expose-Headers"]) return None
def access_control_request_headers(self) -> Optional[HeaderSet]: if "Access-Control-Request-Headers" in self.headers: return parse_set_header( self.headers["Access-Control-Request-Headers"]) return None
def pragma(self): return parse_set_header(self.environ.get("HTTP_PRAGMA", ""))
def pragma(self) -> HeaderSet: return parse_set_header(self.headers.get("Pragma"))