1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
| | # Copyright (C) 2013, Eric Wong <normalperson@yhbt.net> and all contributors
# License: GPLv3 or later (https://www.gnu.org/licenses/gpl-3.0.txt)
require_relative 'server_helper'
class TestRackHijack < Testcase
ENV["N"].to_i > 1 and parallelize_me!
include ServerHelper
alias setup server_helper_setup
alias teardown server_helper_teardown
HIJACK_APP = lambda { |env|
case env["PATH_INFO"]
when "/hijack_input"
io = env["rack.hijack"].call
env["rack.hijack_io"].write("HTTP/1.0 201 OK\r\n\r\n")
io.write("rack.input contents: #{env['rack.input'].read}")
io.close
return [ 500, {}, DieIfUsed.new ]
when "/hijack_req"
io = env["rack.hijack"].call
if io.respond_to?(:read_nonblock) &&
env["rack.hijack_io"].respond_to?(:read_nonblock)
# exercise both, since we Rack::Lint may use different objects
env["rack.hijack_io"].write("HTTP/1.0 200 OK\r\n\r\n")
io.write("request.hijacked")
io.close
return [ 500, {}, DieIfUsed.new ]
end
[ 500, {}, [ "hijack BAD\n" ] ]
when "/hijack_res"
r = "response.hijacked"
[ 200,
{
"X-Test" => "zzz",
"Content-Length" => r.bytesize.to_s,
"rack.hijack" => proc { |x| x.write(r); x.close }
},
DieIfUsed.new
]
end
}
def test_hijack
err = @err
cfg = Yahns::Config.new
host, port = @srv.addr[3], @srv.addr[1]
cfg.instance_eval do
GTL.synchronize { app(:rack, HIJACK_APP) { listen "#{host}:#{port}" } }
logger(Logger.new(err.path))
end
pid = mkserver(cfg)
res = Net::HTTP.start(host, port) { |h| h.get("/hijack_req") }
assert_equal "request.hijacked", res.body
assert_equal 200, res.code.to_i
assert_equal "1.0", res.http_version
res = Net::HTTP.start(host, port) { |h| h.get("/hijack_res") }
assert_equal "response.hijacked", res.body
assert_equal 200, res.code.to_i
assert_equal "zzz", res["X-Test"]
assert_equal "1.1", res.http_version
res = Net::HTTP.start(host, port) do |h|
hdr = { "Content-Type" => 'application/octet-stream' }
h.put("/hijack_input", "BLAH", hdr)
end
assert_equal "rack.input contents: BLAH", res.body
assert_equal 201, res.code.to_i
assert_equal "1.0", res.http_version
ensure
quit_wait(pid)
end
end
|