2
0

test_https.py 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116
  1. import pytest
  2. def test_arbitrary_headers_are_passed_on(docker_compose, nginxproxy):
  3. r = nginxproxy.get("https://web.nginx-proxy.tld/headers", headers={'Foo': 'Bar'})
  4. assert r.status_code == 200
  5. assert "Foo: Bar\n" in r.text
  6. ##### Testing the handling of X-Forwarded-For #####
  7. def test_X_Forwarded_For_is_generated(docker_compose, nginxproxy):
  8. r = nginxproxy.get("https://web.nginx-proxy.tld/headers")
  9. assert r.status_code == 200
  10. assert "X-Forwarded-For:" in r.text
  11. def test_X_Forwarded_For_is_passed_on(docker_compose, nginxproxy):
  12. r = nginxproxy.get("https://web.nginx-proxy.tld/headers", headers={'X-Forwarded-For': '1.2.3.4'})
  13. assert r.status_code == 200
  14. assert "X-Forwarded-For: 1.2.3.4, " in r.text
  15. ##### Testing the handling of X-Forwarded-Proto #####
  16. def test_X_Forwarded_Proto_is_generated(docker_compose, nginxproxy):
  17. r = nginxproxy.get("https://web.nginx-proxy.tld/headers")
  18. assert r.status_code == 200
  19. assert "X-Forwarded-Proto: https" in r.text
  20. def test_X_Forwarded_Proto_is_passed_on(docker_compose, nginxproxy):
  21. r = nginxproxy.get("https://web.nginx-proxy.tld/headers", headers={'X-Forwarded-Proto': 'f00'})
  22. assert r.status_code == 200
  23. assert "X-Forwarded-Proto: f00\n" in r.text
  24. ##### Testing the handling of X-Forwarded-Host #####
  25. def test_X_Forwarded_Host_is_generated(docker_compose, nginxproxy):
  26. r = nginxproxy.get("https://web.nginx-proxy.tld/headers")
  27. assert r.status_code == 200
  28. assert "X-Forwarded-Host: web.nginx-proxy.tld\n" in r.text
  29. def test_X_Forwarded_Host_is_passed_on(docker_compose, nginxproxy):
  30. r = nginxproxy.get("https://web.nginx-proxy.tld/headers", headers={'X-Forwarded-Host': 'example.com'})
  31. assert r.status_code == 200
  32. assert "X-Forwarded-Host: example.com\n" in r.text
  33. ##### Testing the handling of X-Forwarded-Port #####
  34. def test_X_Forwarded_Port_is_generated(docker_compose, nginxproxy):
  35. r = nginxproxy.get("https://web.nginx-proxy.tld/headers")
  36. assert r.status_code == 200
  37. assert "X-Forwarded-Port: 443\n" in r.text
  38. def test_X_Forwarded_Port_is_passed_on(docker_compose, nginxproxy):
  39. r = nginxproxy.get("https://web.nginx-proxy.tld/headers", headers={'X-Forwarded-Port': '1234'})
  40. assert r.status_code == 200
  41. assert "X-Forwarded-Port: 1234\n" in r.text
  42. ##### Testing the handling of X-Forwarded-Ssl #####
  43. def test_X_Forwarded_Ssl_is_generated(docker_compose, nginxproxy):
  44. r = nginxproxy.get("https://web.nginx-proxy.tld/headers")
  45. assert r.status_code == 200
  46. assert "X-Forwarded-Ssl: on\n" in r.text
  47. def test_X_Forwarded_Ssl_is_overwritten(docker_compose, nginxproxy):
  48. r = nginxproxy.get("https://web.nginx-proxy.tld/headers", headers={'X-Forwarded-Ssl': 'f00'})
  49. assert r.status_code == 200
  50. assert "X-Forwarded-Ssl: on\n" in r.text
  51. ##### Other headers
  52. def test_X_Real_IP_is_generated(docker_compose, nginxproxy):
  53. r = nginxproxy.get("https://web.nginx-proxy.tld/headers")
  54. assert r.status_code == 200
  55. assert "X-Real-IP: " in r.text
  56. def test_Host_is_passed_on(docker_compose, nginxproxy):
  57. r = nginxproxy.get("https://web.nginx-proxy.tld/headers")
  58. assert r.status_code == 200
  59. assert "Host: web.nginx-proxy.tld" in r.text
  60. def test_httpoxy_safe(docker_compose, nginxproxy):
  61. """
  62. See https://httpoxy.org/
  63. nginx-proxy should suppress the `Proxy` header
  64. """
  65. r = nginxproxy.get("https://web.nginx-proxy.tld/headers", headers={'Proxy': 'tcp://some.hacker.com'})
  66. assert r.status_code == 200
  67. assert "Proxy:" not in r.text
  68. @pytest.mark.filterwarnings('ignore::urllib3.exceptions.InsecureRequestWarning')
  69. def test_no_host_server_tokens_off(docker_compose, nginxproxy):
  70. ip = nginxproxy.get_ip()
  71. r = nginxproxy.get(f"https://{ip}/headers", verify=False)
  72. assert r.status_code == 503
  73. assert r.headers["Server"] == "nginx"
  74. def test_server_tokens_on(docker_compose, nginxproxy):
  75. r = nginxproxy.get("https://web.nginx-proxy.tld/headers")
  76. assert r.status_code == 200
  77. assert "Host: web.nginx-proxy.tld" in r.text
  78. assert r.headers["Server"].startswith("nginx/")
  79. def test_server_tokens_off(docker_compose, nginxproxy):
  80. r = nginxproxy.get("https://web-server-tokens-off.nginx-proxy.tld/headers")
  81. assert r.status_code == 200
  82. assert "Host: web-server-tokens-off.nginx-proxy.tld" in r.text
  83. assert r.headers["Server"] == "nginx"