
Added missed poisoned host header test changes

ptone committed Oct 18, 2012
1 parent 8c46ead commit 773a29295a8811fd018b3b30c6efa9266c5f540a
Showing with 65 additions and 0 deletions.
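--- a/tests/regressiontests/requests/tests.py
+++ b/tests/regressiontests/requests/tests.py
@@ -7,6 +7,7 @@
 from django.conf import settings
 from django.core.handlers.modpython import ModPythonRequest
+from django.core.exceptions import SuspiciousOperation
 from django.core.handlers.wsgi import WSGIRequest, LimitedStream
 from django.http import HttpRequest, HttpResponse, parse_cookie, build_request_repr, UnreadablePostError
 from django.test.utils import get_warnings_state, restore_warnings_state
@@ -145,6 +146,38 @@ def test_http_get_host(self):
 }
 self.assertEqual(request.get_host(), 'internal.com:8042')
+# Poisoned host headers are rejected as suspicious
+legit_hosts = [
+'example.com',
+'example.com:80',
+'12.34.56.78',
+'12.34.56.78:443',
+'[2001:19f0:feee::dead:beef:cafe]',
+'[2001:19f0:feee::dead:beef:cafe]:8080',
+]
+poisoned_hosts = [
+'example.com@evil.tld',
+'example.com:dr.frankenstein@evil.tld',
+'example.com:someone@somestie.com:80',
+'example.com:80/badpath'
+]
+for host in legit_hosts:
+request = HttpRequest()
+request.META = {
+'HTTP_HOST': host,
+}
+request.get_host()
+for host in poisoned_hosts:
+with self.assertRaises(SuspiciousOperation):
+request = HttpRequest()
+request.META = {
+'HTTP_HOST': host,
+}
+request.get_host()
 finally:
 settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST
@@ -189,6 +222,38 @@ def test_http_get_host_with_x_forwarded_host(self):
 }
 self.assertEqual(request.get_host(), 'internal.com:8042')
+# Poisoned host headers are rejected as suspicious
+legit_hosts = [
+'example.com',
+'example.com:80',
+'12.34.56.78',
+'12.34.56.78:443',
+'[2001:19f0:feee::dead:beef:cafe]',
+'[2001:19f0:feee::dead:beef:cafe]:8080',
+]
+poisoned_hosts = [
+'example.com@evil.tld',
+'example.com:dr.frankenstein@evil.tld',
+'example.com:dr.frankenstein@evil.tld:80',
+'example.com:80/badpath'
+]
+for host in legit_hosts:
+request = HttpRequest()
+request.META = {
+'HTTP_HOST': host,
+}
+request.get_host()
+for host in poisoned_hosts:
+with self.assertRaises(SuspiciousOperation):
+request = HttpRequest()
+request.META = {
+'HTTP_HOST': host,
+}
+request.get_host()
 finally:
 settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST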
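Review bot: The poisoned-host block added to test_http_get_host_with_x_forwarded_host (the third hunk) populates only `'HTTP_HOST': host`, so if USE_X_FORWARDED_HOST is True in that test as its name suggests, the forwarded-header path is never exercised and the block is a copy of the one in test_http_get_host rather than a test of `HTTP_X_FORWARDED_HOST`; the poisoned and legitimate values there should be supplied as `'HTTP_X_FORWARDED_HOST': host`. In both hunks the `with self.assertRaises(SuspiciousOperation):` body also wraps `HttpRequest()` and the META assignment, which is wider than needed; only `request.get_host()` belongs inside the context manager so the assertion targets the call under test. The legit-host loop calls `request.get_host()` without checking the result, so a regression that returns a mangled value would pass; `self.assertEqual(request.get_host(), host)` would pin the accepted form, assuming get_host returns the header text unchanged. Both enclosing test methods start and end outside the hunks.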
