From 6383d2358c1077b16b13eb6e6975d7a200ed7285 Mon Sep 17 00:00:00 2001
From: Preston Holmes
Date: Thu, 18 Oct 2012 11:21:54 -0700
Subject: [PATCH] Added missed poisoned host header test material
---
tests/regressiontests/requests/tests.py | 67 +++++++++++++++++++++++++
1 file changed, 67 insertions(+)
diff --git a/tests/regressiontests/requests/tests.py b/tests/regressiontests/requests/tests.py
index cd488e2fed..19713b6e26 100644
--- a/tests/regressiontests/requests/tests.py
+++ b/tests/regressiontests/requests/tests.py
@@ -4,6 +4,7 @@ from StringIO import StringIO
 from django.conf import settings
 from django.core.handlers.modpython import ModPythonRequest
+from django.core.exceptions import SuspiciousOperation
 from django.core.handlers.wsgi import WSGIRequest, LimitedStream
 from django.http import HttpRequest, HttpResponse, parse_cookie
 from django.utils import unittest
@@ -101,6 +102,39 @@ class RequestsTests(unittest.TestCase):
 }
 self.assertEqual(request.get_host(), 'internal.com:8042')
+ # Poisoned host headers are rejected as suspicious
+ legit_hosts = [
+ 'example.com',
+ 'example.com:80',
+ '12.34.56.78',
+ '12.34.56.78:443',
+ '[2001:19f0:feee::dead:beef:cafe]',
+ '[2001:19f0:feee::dead:beef:cafe]:8080',
+ ]
+
+ poisoned_hosts = [
+ 'example.com@evil.tld',
+ 'example.com:dr.frankenstein@evil.tld',
+ 'example.com:someone@somestie.com:80',
+ 'example.com:80/badpath'
+ ]
+
+ for host in legit_hosts:
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+
+ for host in poisoned_hosts:
+ def test_host_poisoning():
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+ self.assertRaises(SuspiciousOperation, test_host_poisoning)
+
 finally:
 settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST
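Review bot: The `legit_hosts` loop only calls `request.get_host()` and discards the result, so a regression that silently truncates the port or strips the IPv6 brackets on an accepted value would still pass; assert the round-trip instead, `self.assertEqual(request.get_host(), host)`. The `poisoned_hosts` loop can drop the per-iteration `test_host_poisoning` closure and, if `django.utils.unittest` provides the context-manager form, build the request once and wrap only the call: `with self.assertRaises(SuspiciousOperation): request.get_host()`. The entry `'example.com:someone@somestie.com:80'` differs from the `'example.com:dr.frankenstein@evil.tld:80'` entry in the sibling hunk, which looks like a typo rather than a deliberately distinct case; the two lists should probably match. The enclosing test method starts and ends outside this hunk.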
@@ -145,6 +179,39 @@ class RequestsTests(unittest.TestCase):
 }
 self.assertEqual(request.get_host(), 'internal.com:8042')
+ # Poisoned host headers are rejected as suspicious
+ legit_hosts = [
+ 'example.com',
+ 'example.com:80',
+ '12.34.56.78',
+ '12.34.56.78:443',
+ '[2001:19f0:feee::dead:beef:cafe]',
+ '[2001:19f0:feee::dead:beef:cafe]:8080',
+ ]
+
+ poisoned_hosts = [
+ 'example.com@evil.tld',
+ 'example.com:dr.frankenstein@evil.tld',
+ 'example.com:dr.frankenstein@evil.tld:80',
+ 'example.com:80/badpath'
+ ]
+
+ for host in legit_hosts:
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+
+ for host in poisoned_hosts:
+ def test_host_poisoning():
+ request = HttpRequest()
+ request.META = {
+ 'HTTP_HOST': host,
+ }
+ request.get_host()
+ self.assertRaises(SuspiciousOperation, test_host_poisoning)
+
 finally:
 settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST
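Review bot: Every request in this hunk puts the host under `HTTP_HOST`, yet the `finally` that restores `settings.USE_X_FORWARDED_HOST` suggests this copy lives in the X-Forwarded-Host variant of the test; if so, a poisoned `HTTP_X_FORWARDED_HOST` value is never exercised and the hunk only repeats the plain-Host checks from the sibling hunk. Seeding both loops with `'HTTP_X_FORWARDED_HOST': host` (with a benign `HTTP_HOST` alongside) would cover the forwarded-header path that the setting enables, which is the one a reverse proxy actually exposes to attacker-controlled input. As in the sibling hunk, the legit loop should pin the accepted value rather than discard it: `self.assertEqual(request.get_host(), host)`. The enclosing test method starts and ends outside this hunk.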