Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Added missed poisoned host header test changes

  • Loading branch information...
commit 773a29295a8811fd018b3b30c6efa9266c5f540a 1 parent 8c46ead
@ptone ptone authored
Showing with 65 additions and 0 deletions.
  1. +65 −0 tests/regressiontests/requests/tests.py
View
65 tests/regressiontests/requests/tests.py
@@ -7,6 +7,7 @@
from django.conf import settings
from django.core.handlers.modpython import ModPythonRequest
+from django.core.exceptions import SuspiciousOperation
from django.core.handlers.wsgi import WSGIRequest, LimitedStream
from django.http import HttpRequest, HttpResponse, parse_cookie, build_request_repr, UnreadablePostError
from django.test.utils import get_warnings_state, restore_warnings_state
@@ -145,6 +146,38 @@ def test_http_get_host(self):
}
self.assertEqual(request.get_host(), 'internal.com:8042')
+ # Poisoned host headers are rejected as suspicious
+ legit_hosts = [
+ 'example.com',
+ 'example.com:80',
+ '12.34.56.78',
+ '12.34.56.78:443',
+ '[2001:19f0:feee::dead:beef:cafe]',
+ '[2001:19f0:feee::dead:beef:cafe]:8080',
+ ]
+
+ poisoned_hosts = [
+ 'example.com@evil.tld',
+ 'example.com:dr.frankenstein@evil.tld',
+ 'example.com:someone@somestie.com:80',
+ 'example.com:80/badpath'
+ ]
+
+ for host in legit_hosts:
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+
+ for host in poisoned_hosts:
+ with self.assertRaises(SuspiciousOperation):
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+
finally:
settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST
@@ -189,6 +222,38 @@ def test_http_get_host_with_x_forwarded_host(self):
}
self.assertEqual(request.get_host(), 'internal.com:8042')
+ # Poisoned host headers are rejected as suspicious
+ legit_hosts = [
+ 'example.com',
+ 'example.com:80',
+ '12.34.56.78',
+ '12.34.56.78:443',
+ '[2001:19f0:feee::dead:beef:cafe]',
+ '[2001:19f0:feee::dead:beef:cafe]:8080',
+ ]
+
+ poisoned_hosts = [
+ 'example.com@evil.tld',
+ 'example.com:dr.frankenstein@evil.tld',
+ 'example.com:dr.frankenstein@evil.tld:80',
+ 'example.com:80/badpath'
+ ]
+
+ for host in legit_hosts:
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+
+ for host in poisoned_hosts:
+ with self.assertRaises(SuspiciousOperation):
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+
finally:
settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST
Please sign in to comment.
Something went wrong with that request. Please try again.