MCPcopy
hub / github.com/valyala/fasthttp / TestTrailerValueControlBytesRejected

Function TestTrailerValueControlBytesRejected

header_test.go:2413–2455  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

2411}
2412
2413func TestTrailerValueControlBytesRejected(t *testing.T) {
2414 t.Parallel()
2415
2416 // Trailer values carrying control bytes must be rejected, matching the
2417 // validation the regular header parsers apply to header values. Without
2418 // this an undeclared trailer is merged into the header set and re-emitted
2419 // verbatim, so a bare CR slips into the serialised header block.
2420 badTrailers := []string{
2421 "X-Foo: a\rb\r\n\r\n",
2422 "X-Foo: a\x00b\r\n\r\n",
2423 "X-Foo: a\x01b\r\n\r\n",
2424 }
2425
2426 for i, trailer := range badTrailers {
2427 t.Run("Request_"+strconv.Itoa(i), func(t *testing.T) {
2428 var h RequestHeader
2429 err := h.ReadTrailer(bufio.NewReader(bytes.NewBufferString(trailer)))
2430 if err == nil {
2431 t.Fatalf("expected error for trailer value with control byte: %q", trailer)
2432 }
2433 if !strings.Contains(err.Error(), "invalid trailer value") {
2434 t.Fatalf("expected 'invalid trailer value' error for %q, got: %v", trailer, err)
2435 }
2436 })
2437
2438 t.Run("Response_"+strconv.Itoa(i), func(t *testing.T) {
2439 var h ResponseHeader
2440 err := h.ReadTrailer(bufio.NewReader(bytes.NewBufferString(trailer)))
2441 if err == nil {
2442 t.Fatalf("expected error for trailer value with control byte: %q", trailer)
2443 }
2444 if !strings.Contains(err.Error(), "invalid trailer value") {
2445 t.Fatalf("expected 'invalid trailer value' error for %q, got: %v", trailer, err)
2446 }
2447 })
2448 }
2449
2450 // A normal trailer value is still accepted.
2451 var h RequestHeader
2452 if err := h.ReadTrailer(bufio.NewReader(bytes.NewBufferString("X-Foo: bar\r\n\r\n"))); err != nil && err != io.EOF {
2453 t.Fatalf("unexpected error for safe trailer value: %v", err)
2454 }
2455}
2456
2457func TestResponseHeaderCookie(t *testing.T) {
2458 t.Parallel()

Callers

nothing calls this directly

Calls 3

NewReaderMethod · 0.80
ReadTrailerMethod · 0.65
ErrorMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…