Added missed poisoned host header test material

commit 6383d2358c1077b16b13eb6e6975d7a200ed7285 1 parent 25d23d9
@ptone ptone authored
Showing with 67 additions and 0 deletions.
  1. +67 −0 tests/regressiontests/requests/tests.py
67 tests/regressiontests/requests/tests.py
@@ -4,6 +4,7 @@
from django.conf import settings
from django.core.handlers.modpython import ModPythonRequest
+from django.core.exceptions import SuspiciousOperation
from django.core.handlers.wsgi import WSGIRequest, LimitedStream
from django.http import HttpRequest, HttpResponse, parse_cookie
from django.utils import unittest
@@ -101,6 +102,39 @@ def test_http_get_host(self):
}
self.assertEqual(request.get_host(), 'internal.com:8042')
+ # Poisoned host headers are rejected as suspicious
+ legit_hosts = [
+ 'example.com',
+ 'example.com:80',
+ '12.34.56.78',
+ '12.34.56.78:443',
+ '[2001:19f0:feee::dead:beef:cafe]',
+ '[2001:19f0:feee::dead:beef:cafe]:8080',
+ ]
+
+ poisoned_hosts = [
+ 'example.com@evil.tld',
+ 'example.com:dr.frankenstein@evil.tld',
+ 'example.com:someone@somestie.com:80',
+ 'example.com:80/badpath'
+ ]
+
+ for host in legit_hosts:
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+
+ for host in poisoned_hosts:
+ def test_host_poisoning():
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+ self.assertRaises(SuspiciousOperation, test_host_poisoning)
+
finally:
settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST
@@ -145,6 +179,39 @@ def test_http_get_host_with_x_forwarded_host(self):
}
self.assertEqual(request.get_host(), 'internal.com:8042')
+ # Poisoned host headers are rejected as suspicious
+ legit_hosts = [
+ 'example.com',
+ 'example.com:80',
+ '12.34.56.78',
+ '12.34.56.78:443',
+ '[2001:19f0:feee::dead:beef:cafe]',
+ '[2001:19f0:feee::dead:beef:cafe]:8080',
+ ]
+
+ poisoned_hosts = [
+ 'example.com@evil.tld',
+ 'example.com:dr.frankenstein@evil.tld',
+ 'example.com:dr.frankenstein@evil.tld:80',
+ 'example.com:80/badpath'
+ ]
+
+ for host in legit_hosts:
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+
+ for host in poisoned_hosts:
+ def test_host_poisoning():
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+ self.assertRaises(SuspiciousOperation, test_host_poisoning)
+
finally:
settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST
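Review bot: In the last hunk (inside test_http_get_host_with_x_forwarded_host, whose body starts outside the hunk) every legitimate and poisoned value is placed only under `'HTTP_HOST'`; if this test runs with USE_X_FORWARDED_HOST enabled, as its name and the `finally` restore suggest, get_host() presumably reads `HTTP_X_FORWARDED_HOST` first, so the forwarded-header path — the one that matters when that setting is on — is not exercised by the new assertions, and each host should also be supplied as `'HTTP_X_FORWARDED_HOST': host` here. The legit_hosts loop in this hunk and in the identical block added to test_http_get_host earlier in the file calls `request.get_host()` without checking the result, so it only proves that no exception is raised; asserting the returned value against `host` would pin down the accepted form as well. The per-iteration `def test_host_poisoning()` closure is unnecessary: build the request first and pass the bound method, `self.assertRaises(SuspiciousOperation, request.get_host)`, which reads more directly and drops the nested function. The two poisoned lists also differ in one entry (`'example.com:someone@somestie.com:80'` versus `'example.com:dr.frankenstein@evil.tld:80'`); unless the difference is intentional, keeping them identical makes the two tests easier to compare.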