From: Scott Chacon <schacon@gmail.com>
To: mongrel-unicorn@rubyforge.org
Subject: Usernames in the http_URL
Date: Thu, 17 Dec 2009 16:20:17 -0800 [thread overview]
Message-ID: <d411cc4a0912171620k3ff74554i6c5ad278e10c4db@mail.gmail.com> (raw)
I just ran into a stupid client that put the username in the http_URL
field, making the first line of the HTTP request look like this:
GET http://username@localhost:8080/mojombo/grit HTTP/1.1
Unicorn 500s on this, saying it can't parse the headers. I'm
including a unit test that will die on this, but my question is should
Unicorn handle this gracefully by just stripping off the username -
parsing it as a 'server' instead of a 'host'? It seems that most
other webservers do, even though it doesn't appear to be the spec.
Thanks,
Scott
---
test/unit/test_http_parser.rb | 18 ++++++++++++++++++
1 files changed, 18 insertions(+), 0 deletions(-)
diff --git a/test/unit/test_http_parser.rb b/test/unit/test_http_parser.rb
index 1b3faaf..7d32e5e 100644
--- a/test/unit/test_http_parser.rb
+++ b/test/unit/test_http_parser.rb
@@ -298,6 +298,24 @@ class HttpParserTest < Test::Unit::TestCase
assert ! parser.keepalive?
end
+ # some dumb clients add users because they're stupid
+ def test_absolute_uri_w_user
+ parser = HttpParser.new
+ req = {}
+ http = "GET http://user@example.com/foo?q=bar HTTP/1.0\r\n\r\n"
+ assert_equal req, parser.headers(req, http)
+ assert_equal 'http', req['rack.url_scheme']
+ assert_equal '/foo?q=bar', req['REQUEST_URI']
+ assert_equal '/foo', req['REQUEST_PATH']
+ assert_equal 'q=bar', req['QUERY_STRING']
+
+ assert_equal 'example.com', req['HTTP_HOST']
+ assert_equal 'example.com', req['SERVER_NAME']
+ assert_equal '80', req['SERVER_PORT']
+ assert_equal "", http
+ assert ! parser.keepalive?
+ end
+
def test_absolute_uri
parser = HttpParser.new
req = {}
--
1.6.6.rc1
_______________________________________________
Unicorn mailing list - mongrel-unicorn@rubyforge.org
http://rubyforge.org/mailman/listinfo/mongrel-unicorn
Do not quote signatures (like this one) or top post when replying
next reply other threads:[~2009-12-18 0:33 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-12-18 0:20 Scott Chacon [this message]
2009-12-18 1:23 ` Usernames in the http_URL Eric Wong
2009-12-18 1:32 ` Eric Wong
2009-12-18 2:31 ` Scott Chacon
2009-12-18 9:48 ` John-Paul Bader
2009-12-19 10:04 ` Eric Wong
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://yhbt.net/unicorn/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d411cc4a0912171620k3ff74554i6c5ad278e10c4db@mail.gmail.com \
--to=schacon@gmail.com \
--cc=mongrel-unicorn@rubyforge.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://yhbt.net/unicorn.git/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).