Added missed poisoned host header tests

2012-10-18 11:10:46 -07:00 · 2012-10-18 11:10:46 -07:00 · 4fb510fde4
parent 0775ab2955
commit 4fb510fde4
1 changed files with 65 additions and 0 deletions
--- a/tests/regressiontests/requests/tests.py
+++ b/tests/regressiontests/requests/tests.py
@ -6,6 +6,7 @@ from datetime import datetime, timedelta
 from io import BytesIO

 from django.conf import settings
+from django.core.exceptions import SuspiciousOperation
 from django.core.handlers.wsgi import WSGIRequest, LimitedStream
 from django.http import HttpRequest, HttpResponse, parse_cookie, build_request_repr, UnreadablePostError
 from django.test.utils import str_prefix
@ -109,6 +110,38 @@ class RequestsTests(unittest.TestCase):
            }
            self.assertEqual(request.get_host(), 'internal.com:8042')

+            # Poisoned host headers are rejected as suspicious
+            legit_hosts = [
+                'example.com',
+                'example.com:80',
+                '12.34.56.78',
+                '12.34.56.78:443',
+                '[2001:19f0:feee::dead:beef:cafe]',
+                '[2001:19f0:feee::dead:beef:cafe]:8080',
+            ]
+
+            poisoned_hosts = [
+                'example.com@evil.tld',
+                'example.com:dr.frankenstein@evil.tld',
+                'example.com:someone@somestie.com:80',
+                'example.com:80/badpath'
+            ]
+
+            for host in legit_hosts:
+                request = HttpRequest()
+                request.META = {
+                    'HTTP_HOST': host,
+                }
+                request.get_host()
+
+            for host in poisoned_hosts:
+                with self.assertRaises(SuspiciousOperation):
+                    request = HttpRequest()
+                    request.META = {
+                        'HTTP_HOST': host,
+                    }
+                    request.get_host()
+
        finally:
            settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST

@ -153,6 +186,38 @@ class RequestsTests(unittest.TestCase):
            }
            self.assertEqual(request.get_host(), 'internal.com:8042')

+            # Poisoned host headers are rejected as suspicious
+            legit_hosts = [
+                'example.com',
+                'example.com:80',
+                '12.34.56.78',
+                '12.34.56.78:443',
+                '[2001:19f0:feee::dead:beef:cafe]',
+                '[2001:19f0:feee::dead:beef:cafe]:8080',
+            ]
+
+            poisoned_hosts = [
+                'example.com@evil.tld',
+                'example.com:dr.frankenstein@evil.tld',
+                'example.com:dr.frankenstein@evil.tld:80',
+                'example.com:80/badpath'
+            ]
+
+            for host in legit_hosts:
+                request = HttpRequest()
+                request.META = {
+                    'HTTP_HOST': host,
+                }
+                request.get_host()
+
+            for host in poisoned_hosts:
+                with self.assertRaises(SuspiciousOperation):
+                    request = HttpRequest()
+                    request.META = {
+                        'HTTP_HOST': host,
+                    }
+                    request.get_host()
+
        finally:
            settings.USE_X_FORWARDED_HOST = old_USE_X_FORWARDED_HOST