2018-11-14 10:18:03 +01:00
|
|
|
package headers
|
|
|
|
|
|
|
|
// Middleware tests based on https://github.com/unrolled/secure
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2023-06-14 17:42:44 +02:00
|
|
|
"io"
|
2018-11-14 10:18:03 +01:00
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
2023-06-14 17:42:44 +02:00
|
|
|
"net/http/httptrace"
|
|
|
|
"net/textproto"
|
2018-11-14 10:18:03 +01:00
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/stretchr/testify/require"
|
2023-02-03 15:24:05 +01:00
|
|
|
"github.com/traefik/traefik/v3/pkg/config/dynamic"
|
|
|
|
"github.com/traefik/traefik/v3/pkg/tracing"
|
2018-11-14 10:18:03 +01:00
|
|
|
)
|
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
func TestNew_withoutOptions(t *testing.T) {
|
|
|
|
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) })
|
2018-11-14 10:18:03 +01:00
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
mid, err := New(context.Background(), next, dynamic.Headers{}, "testing")
|
|
|
|
require.Errorf(t, err, "headers configuration not valid")
|
2018-11-14 10:18:03 +01:00
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
assert.Nil(t, mid)
|
2018-11-14 10:18:03 +01:00
|
|
|
}
|
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
func TestNew_allowedHosts(t *testing.T) {
|
2018-11-14 10:18:03 +01:00
|
|
|
testCases := []struct {
|
|
|
|
desc string
|
|
|
|
fromHost string
|
|
|
|
expected int
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
desc: "Should accept the request when given a host that is in the list",
|
|
|
|
fromHost: "foo.com",
|
|
|
|
expected: http.StatusOK,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
desc: "Should refuse the request when no host is given",
|
|
|
|
fromHost: "",
|
|
|
|
expected: http.StatusInternalServerError,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
desc: "Should refuse the request when no matching host is given",
|
|
|
|
fromHost: "boo.com",
|
|
|
|
expected: http.StatusInternalServerError,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
emptyHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) })
|
|
|
|
|
|
|
|
cfg := dynamic.Headers{
|
2018-11-14 10:18:03 +01:00
|
|
|
AllowedHosts: []string{"foo.com", "bar.com"},
|
2020-09-01 18:16:04 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
mid, err := New(context.Background(), emptyHandler, cfg, "foo")
|
2018-11-14 10:18:03 +01:00
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
for _, test := range testCases {
|
|
|
|
test := test
|
|
|
|
t.Run(test.desc, func(t *testing.T) {
|
|
|
|
t.Parallel()
|
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
req := httptest.NewRequest(http.MethodGet, "/foo", nil)
|
2018-11-14 10:18:03 +01:00
|
|
|
req.Host = test.fromHost
|
2018-11-19 16:40:03 +01:00
|
|
|
|
|
|
|
rw := httptest.NewRecorder()
|
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
mid.ServeHTTP(rw, req)
|
|
|
|
|
|
|
|
assert.Equal(t, test.expected, rw.Code)
|
2018-11-19 16:40:03 +01:00
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
2019-04-02 03:40:04 -05:00
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
func TestNew_customHeaders(t *testing.T) {
|
|
|
|
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) })
|
2019-04-02 03:40:04 -05:00
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
cfg := dynamic.Headers{
|
|
|
|
CustomRequestHeaders: map[string]string{
|
|
|
|
"X-Custom-Request-Header": "test_request",
|
2019-04-02 03:40:04 -05:00
|
|
|
},
|
2020-09-01 18:16:04 +02:00
|
|
|
CustomResponseHeaders: map[string]string{
|
|
|
|
"X-Custom-Response-Header": "test_response",
|
2019-11-28 08:24:06 -06:00
|
|
|
},
|
2019-04-02 03:40:04 -05:00
|
|
|
}
|
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
mid, err := New(context.Background(), next, cfg, "testing")
|
|
|
|
require.NoError(t, err)
|
2019-04-02 03:40:04 -05:00
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
req := httptest.NewRequest(http.MethodGet, "/foo", nil)
|
2019-04-02 03:40:04 -05:00
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
rw := httptest.NewRecorder()
|
2019-04-02 03:40:04 -05:00
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
mid.ServeHTTP(rw, req)
|
2019-04-02 03:40:04 -05:00
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
assert.Equal(t, http.StatusOK, rw.Code)
|
2019-04-02 03:40:04 -05:00
|
|
|
assert.Equal(t, "test_request", req.Header.Get("X-Custom-Request-Header"))
|
2020-09-01 18:16:04 +02:00
|
|
|
assert.Equal(t, "test_response", rw.Header().Get("X-Custom-Response-Header"))
|
2019-04-02 03:40:04 -05:00
|
|
|
}
|
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
func Test_headers_getTracingInformation(t *testing.T) {
|
2019-04-02 03:40:04 -05:00
|
|
|
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})
|
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
mid := &headers{
|
2019-04-02 03:40:04 -05:00
|
|
|
handler: next,
|
|
|
|
name: "testing",
|
|
|
|
}
|
|
|
|
|
2020-09-01 18:16:04 +02:00
|
|
|
name, trace := mid.GetTracingInformation()
|
2019-04-02 03:40:04 -05:00
|
|
|
|
|
|
|
assert.Equal(t, "testing", name)
|
|
|
|
assert.Equal(t, tracing.SpanKindNoneEnum, trace)
|
|
|
|
}
|
2023-06-14 17:42:44 +02:00
|
|
|
|
|
|
|
// This test is an adapted version of net/http/httputil.Test1xxResponses test.
|
|
|
|
func Test1xxResponses(t *testing.T) {
|
|
|
|
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
h := w.Header()
|
|
|
|
h.Add("Link", "</style.css>; rel=preload; as=style")
|
|
|
|
h.Add("Link", "</script.js>; rel=preload; as=script")
|
|
|
|
w.WriteHeader(http.StatusEarlyHints)
|
|
|
|
|
|
|
|
h.Add("Link", "</foo.js>; rel=preload; as=script")
|
|
|
|
w.WriteHeader(http.StatusProcessing)
|
|
|
|
|
|
|
|
_, _ = w.Write([]byte("Hello"))
|
|
|
|
})
|
|
|
|
|
|
|
|
cfg := dynamic.Headers{
|
|
|
|
CustomResponseHeaders: map[string]string{
|
|
|
|
"X-Custom-Response-Header": "test_response",
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
mid, err := New(context.Background(), next, cfg, "testing")
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
|
|
|
server := httptest.NewServer(mid)
|
|
|
|
t.Cleanup(server.Close)
|
|
|
|
frontendClient := server.Client()
|
|
|
|
|
|
|
|
checkLinkHeaders := func(t *testing.T, expected, got []string) {
|
|
|
|
t.Helper()
|
|
|
|
|
|
|
|
if len(expected) != len(got) {
|
|
|
|
t.Errorf("Expected %d link headers; got %d", len(expected), len(got))
|
|
|
|
}
|
|
|
|
|
|
|
|
for i := range expected {
|
|
|
|
if i >= len(got) {
|
|
|
|
t.Errorf("Expected %q link header; got nothing", expected[i])
|
|
|
|
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
if expected[i] != got[i] {
|
|
|
|
t.Errorf("Expected %q link header; got %q", expected[i], got[i])
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
var respCounter uint8
|
|
|
|
trace := &httptrace.ClientTrace{
|
|
|
|
Got1xxResponse: func(code int, header textproto.MIMEHeader) error {
|
|
|
|
switch code {
|
|
|
|
case http.StatusEarlyHints:
|
|
|
|
checkLinkHeaders(t, []string{"</style.css>; rel=preload; as=style", "</script.js>; rel=preload; as=script"}, header["Link"])
|
|
|
|
case http.StatusProcessing:
|
|
|
|
checkLinkHeaders(t, []string{"</style.css>; rel=preload; as=style", "</script.js>; rel=preload; as=script", "</foo.js>; rel=preload; as=script"}, header["Link"])
|
|
|
|
default:
|
|
|
|
t.Error("Unexpected 1xx response")
|
|
|
|
}
|
|
|
|
|
|
|
|
respCounter++
|
|
|
|
|
|
|
|
return nil
|
|
|
|
},
|
|
|
|
}
|
|
|
|
req, _ := http.NewRequestWithContext(httptrace.WithClientTrace(context.Background(), trace), http.MethodGet, server.URL, nil)
|
|
|
|
|
|
|
|
res, err := frontendClient.Do(req)
|
2023-11-17 01:50:06 +01:00
|
|
|
assert.NoError(t, err)
|
2023-06-14 17:42:44 +02:00
|
|
|
|
|
|
|
defer res.Body.Close()
|
|
|
|
|
|
|
|
if respCounter != 2 {
|
|
|
|
t.Errorf("Expected 2 1xx responses; got %d", respCounter)
|
|
|
|
}
|
|
|
|
checkLinkHeaders(t, []string{"</style.css>; rel=preload; as=style", "</script.js>; rel=preload; as=script", "</foo.js>; rel=preload; as=script"}, res.Header["Link"])
|
|
|
|
|
|
|
|
body, _ := io.ReadAll(res.Body)
|
|
|
|
if string(body) != "Hello" {
|
|
|
|
t.Errorf("Read body %q; want Hello", body)
|
|
|
|
}
|
|
|
|
|
|
|
|
assert.Equal(t, "test_response", res.Header.Get("X-Custom-Response-Header"))
|
|
|
|
}
|