Преглед изворни кода

Merge pull request #2 from kamermans/b1f6c1c4-patch-1

Add tests to HSTS bugfix
b1f6c1c4 пре 7 година
родитељ
комит
d8777c8689
2 измењених фајлова са 26 додато и 12 уклоњено
  1. 19 12
      test/requirements/web/webserver.py
  2. 7 0
      test/test_ssl/test_hsts.py

+ 19 - 12
test/requirements/web/webserver.py

@@ -1,28 +1,35 @@
 #!/usr/bin/env python3
 
-import os, sys
+import os, sys, re
 import http.server
 import socketserver
 
-
 class Handler(http.server.SimpleHTTPRequestHandler):
     def do_GET(self):
-        
-        self.send_response(200)
-        self.send_header("Content-Type", "text/plain")
-        self.end_headers()
+
+        response_body = ""
+        response_code = 200
 
         if self.path == "/headers":
-            self.wfile.write(self.headers.as_string().encode())
+            response_body += self.headers.as_string()
         elif self.path == "/port":
-            response = "answer from port %s\n" % PORT
-            self.wfile.write(response.encode())
+            response_body += "answer from port %s\n" % PORT
+        elif re.match("/status/(\d+)", self.path):
+            result = re.match("/status/(\d+)", self.path)
+            response_code = int(result.group(1))
+            response_body += "answer with response code %s\n" % response_code
         elif self.path == "/":
-            response = "I'm %s\n" % os.environ['HOSTNAME']
-            self.wfile.write(response.encode())
+            response_body += "I'm %s\n" % os.environ['HOSTNAME']
         else:
-            self.wfile.write("No route for this path!\n".encode())
+            response_body += "No route for this path!\n"
+            response_code = 404
+
+        self.send_response(response_code)
+        self.send_header("Content-Type", "text/plain")
+        self.end_headers()
 
+        if (len(response_body)):
+            self.wfile.write(response_body.encode())
 
 if __name__ == '__main__':
     PORT = int(sys.argv[1])

+ 7 - 0
test/test_ssl/test_hsts.py

@@ -7,6 +7,13 @@ def test_web1_HSTS_default(docker_compose, nginxproxy):
     assert "Strict-Transport-Security" in r.headers
     assert "max-age=31536000" == r.headers["Strict-Transport-Security"]
 
+# Regression test to ensure HSTS is enabled even when the upstream sends an error in response
+# Issue #1073 https://github.com/jwilder/nginx-proxy/pull/1073
+def test_web1_HSTS_error(docker_compose, nginxproxy):
+    r = nginxproxy.get("https://web1.nginx-proxy.tld/status/500", allow_redirects=False)
+    assert "Strict-Transport-Security" in r.headers
+    assert "max-age=31536000" == r.headers["Strict-Transport-Security"]
+
 def test_web2_HSTS_off(docker_compose, nginxproxy):
     r = nginxproxy.get("https://web2.nginx-proxy.tld/port", allow_redirects=False)
     assert "answer from port 81\n" in r.text