Permalink
Browse files

Prevent AnyEvent::HTTP adding Referer header with the request URL

  • Loading branch information...
1 parent 8c5e75b commit fd38fb2b9c521feda69b7aecc5d8ac7c91a36cb2 @gbarr committed Feb 22, 2012
Showing with 55 additions and 1 deletion.
  1. +1 −0 Changes.txt
  2. +1 −0 inc/Test/HTTP/LocalServer.pm
  3. +4 −1 lib/LWP/Protocol/AnyEvent/http.pm
  4. +49 −0 t/06_referer.t
View
@@ -4,6 +4,7 @@ Revision history for LWP-Protocol-AnyEvent-http
- Preserve AnyEvent::HTTP pseudo heads by prefixing with X-AE-
- Fix duplicate headers in response
- Add proxy support
+ - Prevent AnyEvent::HTTP adding Referer header with the request URL
1.0.3 2011-06-17
- Skip tests that will fail due to DNS hijacking.
@@ -203,6 +203,7 @@ use vars qw(%urls);
'error_notfound' => 'error/notfound/%s',
'error_after_headers' => 'error/after_headers',
'chunked' => 'chunks',
+ 'referer' => 'referer',
);
for (keys %urls) {
no strict 'refs';
@@ -47,9 +47,12 @@ sub request {
my $method = $request->method();
my $url = $request->uri();
- my %headers; $request->headers()->scan(sub { $headers{$_[0]} = $_[1]; });
+ my %headers; $request->headers()->scan(sub { $headers{lc $_[0]} = $_[1]; });
my $body = $request->content_ref();
+ # Fix AnyEvent::HTTP setting Referer to the request URL
+ $headers{referer} = undef unless exists $headers{referer};
+
# The status code will be replaced.
my $response = HTTP::Response->new(599, 'Internal Server Error');
$response->request($request);
View
@@ -0,0 +1,49 @@
+#!perl -w
+use strict;
+use Test::More;
+
+use AnyEvent;
+use LWP::Protocol::AnyEvent::http;
+use LWP::UserAgent;
+
+# Check whether we can launch the local webserver
+if (! eval {
+ use lib '../inc', 'inc';
+ require Test::HTTP::LocalServer;
+ 1;
+}) {
+ plan skip_all => "Couldn't launch test server: $@";
+} else {
+ plan tests => 4;
+};
+
+# Launch a timer
+my $timer_events = 0;
+my $t = AnyEvent->timer(
+ after => 1, interval => 1, cb => sub { diag "Waiting for reply\n"; $timer_events++ }
+);
+
+my $client = LWP::UserAgent->new(requests_redirectable => []);
+
+my $server = Test::HTTP::LocalServer->spawn(
+ #debug => 1,
+);
+my $url = $server->url;
+diag "Retrieving URL: " . $url;
+
+my $res = $client->get($server->referer);
+is $res->code, 204, "No Referer was sent"
+ or diag($res->headers->as_string);
+
+my $referer = "http://example.com";
+$res = $client->get($server->referer, Referer => $referer);
+is $res->code, 302, "Sent Referer header";
+is $res->header('Location'), $referer, "Sent expected Referer";
+
+undef $t; # stop the timer
+
+diag "Shutting down server";
+$server->stop;
+undef $server;
+diag "Done";
+

0 comments on commit fd38fb2

Please sign in to comment.