From a50fecb2890f0624bd3e200bf8b8552c6ec7b865 Mon Sep 17 00:00:00 2001 From: Swapnil Thange <75060093+SwapnilThange@users.noreply.github.com> Date: Mon, 23 Oct 2023 10:43:43 +0200 Subject: [PATCH 1/6] Added new header support origin trial --- buildpack/core/nginx.py | 1 + 1 file changed, 1 insertion(+) diff --git a/buildpack/core/nginx.py b/buildpack/core/nginx.py index 278dca8b8..c6ba0ab43 100644 --- a/buildpack/core/nginx.py +++ b/buildpack/core/nginx.py @@ -22,6 +22,7 @@ "Strict-Transport-Security": r"(?i)(^max-age=[0-9]*$|^max-age=[0-9]*; includeSubDomains$|^max-age=[0-9]*; preload$)", # noqa: line-too-long "X-Permitted-Cross-Domain-Policies": r"(?i)(^all$|^none$|^master-only$|^by-content-type$|^by-ftp-filename$)", # noqa: line-too-long "X-XSS-Protection": r"(?i)(^0$|^1$|^1; mode=block$|^1; report=https?://([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])(\.([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]{0,61}[a-zA-Z0-9]))*(:\d+)?$)", # noqa: line-too-long + "Origin-Trial": r"[a-zA-Z0-9:;/''\"\*_\- \.\n?=%&+]+", } CONFIG_FILE = "nginx/conf/nginx.conf" From 6e0335efa8565e334d86978647aa62fb743d4814 Mon Sep 17 00:00:00 2001 From: Swapnil Thange <75060093+SwapnilThange@users.noreply.github.com> Date: Mon, 23 Oct 2023 15:08:31 +0200 Subject: [PATCH 2/6] added test cases for new header --- tests/unit/test_custom_headers.py | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/tests/unit/test_custom_headers.py b/tests/unit/test_custom_headers.py index 194fad3c3..202282fbe 100644 --- a/tests/unit/test_custom_headers.py +++ b/tests/unit/test_custom_headers.py @@ -170,3 +170,23 @@ def test_invalid_header_json(self): os.environ["HTTP_RESPONSE_HEADERS"] = "invalid" with self.assertRaises(ValueError): nginx._get_http_headers() + + def test_valid_header_originTrial(self): + os.environ["HTTP_RESPONSE_HEADERS"] = json.dumps( + { + "Origin_trial": "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7==" + } + ) + header_config = nginx._get_http_headers() + self.assertIn( + ("Origin_trial", "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7=="), + header_config, + ) + def test_inValid_header_originTrial(self): + os.environ["HTTP_RESPONSE_HEADERS"] = json.dumps( + { + "Origin_trial": "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7==" + } + ) + header_config = nginx._get_http_headers() + self.assertEqual([], header_config) From 0a6db404c4658ac3b4771abb5b7dbd97270287b6 Mon Sep 17 00:00:00 2001 From: Swapnil Thange <75060093+SwapnilThange@users.noreply.github.com> Date: Mon, 23 Oct 2023 15:11:39 +0200 Subject: [PATCH 3/6] corrected alignment --- tests/unit/test_custom_headers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/unit/test_custom_headers.py b/tests/unit/test_custom_headers.py index 202282fbe..f78e6406f 100644 --- a/tests/unit/test_custom_headers.py +++ b/tests/unit/test_custom_headers.py @@ -178,7 +178,7 @@ def test_valid_header_originTrial(self): } ) header_config = nginx._get_http_headers() - self.assertIn( + self.assertIn( ("Origin_trial", "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7=="), header_config, ) From 92a4649a986a69e3c6638ce824de1153ed625aed Mon Sep 17 00:00:00 2001 From: Swapnil Thange <75060093+SwapnilThange@users.noreply.github.com> Date: Mon, 23 Oct 2023 15:19:13 +0200 Subject: [PATCH 4/6] Updated spellings --- tests/unit/test_custom_headers.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/unit/test_custom_headers.py b/tests/unit/test_custom_headers.py index f78e6406f..da4b12c35 100644 --- a/tests/unit/test_custom_headers.py +++ b/tests/unit/test_custom_headers.py @@ -174,18 +174,18 @@ def test_invalid_header_json(self): def test_valid_header_originTrial(self): os.environ["HTTP_RESPONSE_HEADERS"] = json.dumps( { - "Origin_trial": "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7==" + "Origin-Trial": "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7==" } ) header_config = nginx._get_http_headers() self.assertIn( - ("Origin_trial", "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7=="), + ("Origin-Trial", "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7=="), header_config, ) def test_inValid_header_originTrial(self): os.environ["HTTP_RESPONSE_HEADERS"] = json.dumps( { - "Origin_trial": "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7==" + "Origin-Trial": "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7==" } ) header_config = nginx._get_http_headers() From ee62e7ce054de94c50b99cc90d14ce14247134fc Mon Sep 17 00:00:00 2001 From: Swapnil Thange <75060093+SwapnilThange@users.noreply.github.com> Date: Mon, 23 Oct 2023 15:25:29 +0200 Subject: [PATCH 5/6] updated test cases --- tests/unit/test_custom_headers.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/unit/test_custom_headers.py b/tests/unit/test_custom_headers.py index da4b12c35..b30c1b8f2 100644 --- a/tests/unit/test_custom_headers.py +++ b/tests/unit/test_custom_headers.py @@ -179,7 +179,9 @@ def test_valid_header_originTrial(self): ) header_config = nginx._get_http_headers() self.assertIn( - ("Origin-Trial", "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7=="), + ("Origin-Trial", + "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7==", + ), header_config, ) def test_inValid_header_originTrial(self): From 5515effafb6772d902ed552de2d0cb59e289a92f Mon Sep 17 00:00:00 2001 From: Swapnil Thange <75060093+SwapnilThange@users.noreply.github.com> Date: Mon, 23 Oct 2023 15:34:31 +0200 Subject: [PATCH 6/6] updated tests --- tests/unit/test_custom_headers.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/unit/test_custom_headers.py b/tests/unit/test_custom_headers.py index b30c1b8f2..de3a09ba6 100644 --- a/tests/unit/test_custom_headers.py +++ b/tests/unit/test_custom_headers.py @@ -187,7 +187,7 @@ def test_valid_header_originTrial(self): def test_inValid_header_originTrial(self): os.environ["HTTP_RESPONSE_HEADERS"] = json.dumps( { - "Origin-Trial": "ArmVE2nkyn2sDf+DNN9MJVBYCagx:+NCFIc7==" + "Origin-Trial": "#####" } ) header_config = nginx._get_http_headers()