diff options
Diffstat (limited to 'tests/plugins/http')
| -rw-r--r-- | tests/plugins/http/configs/.rr-http-static-disabled.yaml | 27 | ||||
| -rw-r--r-- | tests/plugins/http/configs/.rr-http-static-etags.yaml | 35 | ||||
| -rw-r--r-- | tests/plugins/http/configs/.rr-http-static-files-disable.yaml | 24 | ||||
| -rw-r--r-- | tests/plugins/http/configs/.rr-http-static-files.yaml | 30 | ||||
| -rw-r--r-- | tests/plugins/http/configs/.rr-http-static-security.yaml | 35 | ||||
| -rw-r--r-- | tests/plugins/http/configs/.rr-http-static.yaml | 35 | ||||
| -rw-r--r-- | tests/plugins/http/handler_test.go | 64 | ||||
| -rw-r--r-- | tests/plugins/http/http_plugin_test.go | 620 | ||||
| -rw-r--r-- | tests/plugins/http/parse_test.go | 6 | ||||
| -rw-r--r-- | tests/plugins/http/plugin_middleware.go | 12 | ||||
| -rw-r--r-- | tests/plugins/http/response_test.go | 18 | ||||
| -rw-r--r-- | tests/plugins/http/uploads_test.go | 10 |
12 files changed, 846 insertions, 70 deletions
diff --git a/tests/plugins/http/configs/.rr-http-static-disabled.yaml b/tests/plugins/http/configs/.rr-http-static-disabled.yaml new file mode 100644 index 00000000..d248ce48 --- /dev/null +++ b/tests/plugins/http/configs/.rr-http-static-disabled.yaml @@ -0,0 +1,27 @@ +server: + command: "php ../../http/client.php pid pipes" + user: "" + group: "" + env: + "RR_HTTP": "true" + relay: "pipes" + relay_timeout: "20s" + +http: + address: 127.0.0.1:21234 + max_request_size: 1024 + middleware: [ "gzip" ] + trusted_subnets: [ "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10" ] + uploads: + forbid: [ ".php", ".exe", ".bat" ] + static: + dir: "abc" #not exists + forbid: [ ".php", ".htaccess" ] + pool: + num_workers: 2 + max_jobs: 0 + allocate_timeout: 60s + destroy_timeout: 60s +logs: + mode: development + level: error diff --git a/tests/plugins/http/configs/.rr-http-static-etags.yaml b/tests/plugins/http/configs/.rr-http-static-etags.yaml new file mode 100644 index 00000000..e18c50dd --- /dev/null +++ b/tests/plugins/http/configs/.rr-http-static-etags.yaml @@ -0,0 +1,35 @@ +server: + command: "php ../../http/client.php pid pipes" + user: "" + group: "" + env: + "RR_HTTP": "true" + relay: "pipes" + relay_timeout: "20s" + +http: + address: 127.0.0.1:21603 + max_request_size: 1024 + middleware: [ "gzip" ] + trusted_subnets: [ "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10" ] + uploads: + forbid: [ ".php", ".exe", ".bat" ] + static: + dir: "../../../" + pattern: "/tests/" + forbid: [ "" ] + allow: [ ".txt", ".php" ] + calculate_etag: true + weak: true + request: + "input": "custom-header" + response: + "output": "output-header" + pool: + num_workers: 2 + max_jobs: 0 + allocate_timeout: 60s + destroy_timeout: 60s +logs: + mode: development + level: error diff --git a/tests/plugins/http/configs/.rr-http-static-files-disable.yaml b/tests/plugins/http/configs/.rr-http-static-files-disable.yaml new file mode 100644 index 00000000..9f91d75b --- /dev/null +++ b/tests/plugins/http/configs/.rr-http-static-files-disable.yaml @@ -0,0 +1,24 @@ +server: + command: "php ../../http/client.php echo pipes" + user: "" + group: "" + env: + "RR_HTTP": "true" + relay: "pipes" + relay_timeout: "20s" + +http: + address: 127.0.0.1:45877 + max_request_size: 1024 + middleware: [ "gzip" ] + trusted_subnets: [ "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10" ] + uploads: + forbid: [ ".php", ".exe", ".bat" ] + pool: + num_workers: 2 + max_jobs: 0 + allocate_timeout: 60s + destroy_timeout: 60s +logs: + mode: development + level: error diff --git a/tests/plugins/http/configs/.rr-http-static-files.yaml b/tests/plugins/http/configs/.rr-http-static-files.yaml new file mode 100644 index 00000000..5d8b50e8 --- /dev/null +++ b/tests/plugins/http/configs/.rr-http-static-files.yaml @@ -0,0 +1,30 @@ +server: + command: "php ../../http/client.php echo pipes" + user: "" + group: "" + env: + "RR_HTTP": "true" + relay: "pipes" + relay_timeout: "20s" + +http: + address: 127.0.0.1:34653 + max_request_size: 1024 + middleware: [ "gzip" ] + trusted_subnets: [ "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10" ] + uploads: + forbid: [ ".php", ".exe", ".bat" ] + static: + dir: "../../../" + pattern: "/tests/" + allow: [ ".ico" ] + forbid: [ ".php", ".htaccess" ] + + pool: + num_workers: 2 + max_jobs: 0 + allocate_timeout: 60s + destroy_timeout: 60s +logs: + mode: development + level: error diff --git a/tests/plugins/http/configs/.rr-http-static-security.yaml b/tests/plugins/http/configs/.rr-http-static-security.yaml new file mode 100644 index 00000000..bbec13f9 --- /dev/null +++ b/tests/plugins/http/configs/.rr-http-static-security.yaml @@ -0,0 +1,35 @@ +server: + command: "php ../../http/client.php pid pipes" + user: "" + group: "" + env: + "RR_HTTP": "true" + relay: "pipes" + relay_timeout: "20s" + +http: + address: 127.0.0.1:21603 + max_request_size: 1024 + middleware: [ "gzip" ] + trusted_subnets: [ "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10" ] + uploads: + forbid: [ ".php", ".exe", ".bat" ] + static: + dir: "../../../" + pattern: "/tests/" + forbid: [ "" ] + allow: [ ".txt", ".php" ] + calculate_etag: true + weak: false + request: + "input": "custom-header" + response: + "output": "output-header" + pool: + num_workers: 2 + max_jobs: 0 + allocate_timeout: 60s + destroy_timeout: 60s +logs: + mode: development + level: error diff --git a/tests/plugins/http/configs/.rr-http-static.yaml b/tests/plugins/http/configs/.rr-http-static.yaml new file mode 100644 index 00000000..bbec13f9 --- /dev/null +++ b/tests/plugins/http/configs/.rr-http-static.yaml @@ -0,0 +1,35 @@ +server: + command: "php ../../http/client.php pid pipes" + user: "" + group: "" + env: + "RR_HTTP": "true" + relay: "pipes" + relay_timeout: "20s" + +http: + address: 127.0.0.1:21603 + max_request_size: 1024 + middleware: [ "gzip" ] + trusted_subnets: [ "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10" ] + uploads: + forbid: [ ".php", ".exe", ".bat" ] + static: + dir: "../../../" + pattern: "/tests/" + forbid: [ "" ] + allow: [ ".txt", ".php" ] + calculate_etag: true + weak: false + request: + "input": "custom-header" + response: + "output": "output-header" + pool: + num_workers: 2 + max_jobs: 0 + allocate_timeout: 60s + destroy_timeout: 60s +logs: + mode: development + level: error diff --git a/tests/plugins/http/handler_test.go b/tests/plugins/http/handler_test.go index cf445aad..575fe656 100644 --- a/tests/plugins/http/handler_test.go +++ b/tests/plugins/http/handler_test.go @@ -12,8 +12,8 @@ import ( "github.com/spiral/roadrunner/v2/pkg/pool" "github.com/spiral/roadrunner/v2/pkg/transport/pipe" - httpPlugin "github.com/spiral/roadrunner/v2/plugins/http" "github.com/spiral/roadrunner/v2/plugins/http/config" + handler "github.com/spiral/roadrunner/v2/plugins/http/worker_handler" "github.com/stretchr/testify/assert" "net/http" @@ -35,7 +35,7 @@ func TestHandler_Echo(t *testing.T) { t.Fatal(err) } - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -66,7 +66,7 @@ func TestHandler_Echo(t *testing.T) { } func Test_HandlerErrors(t *testing.T) { - _, err := httpPlugin.NewHandler(1024, config.Uploads{ + _, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, nil) @@ -89,7 +89,7 @@ func TestHandler_Headers(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -150,7 +150,7 @@ func TestHandler_Empty_User_Agent(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -210,7 +210,7 @@ func TestHandler_User_Agent(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -270,7 +270,7 @@ func TestHandler_Cookies(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -335,7 +335,7 @@ func TestHandler_JsonPayload_POST(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -399,7 +399,7 @@ func TestHandler_JsonPayload_PUT(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -459,7 +459,7 @@ func TestHandler_JsonPayload_PATCH(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -519,7 +519,7 @@ func TestHandler_FormData_POST(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -592,7 +592,7 @@ func TestHandler_FormData_POST_Overwrite(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -665,7 +665,7 @@ func TestHandler_FormData_POST_Form_UrlEncoded_Charset(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -737,7 +737,7 @@ func TestHandler_FormData_PUT(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -809,7 +809,7 @@ func TestHandler_FormData_PATCH(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -881,7 +881,7 @@ func TestHandler_Multipart_POST(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -995,7 +995,7 @@ func TestHandler_Multipart_PUT(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -1109,7 +1109,7 @@ func TestHandler_Multipart_PATCH(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -1225,7 +1225,7 @@ func TestHandler_Error(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -1271,7 +1271,7 @@ func TestHandler_Error2(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -1317,7 +1317,7 @@ func TestHandler_Error3(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1, config.Uploads{ + h, err := handler.NewHandler(1, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -1376,7 +1376,7 @@ func TestHandler_ResponseDuration(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -1401,7 +1401,7 @@ func TestHandler_ResponseDuration(t *testing.T) { gotresp := make(chan interface{}) h.AddListener(func(event interface{}) { switch t := event.(type) { - case httpPlugin.ResponseEvent: + case handler.ResponseEvent: if t.Elapsed() > 0 { close(gotresp) } @@ -1437,7 +1437,7 @@ func TestHandler_ResponseDurationDelayed(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -1462,7 +1462,7 @@ func TestHandler_ResponseDurationDelayed(t *testing.T) { gotresp := make(chan interface{}) h.AddListener(func(event interface{}) { switch tp := event.(type) { - case httpPlugin.ResponseEvent: + case handler.ResponseEvent: if tp.Elapsed() > time.Second { close(gotresp) } @@ -1497,7 +1497,7 @@ func TestHandler_ErrorDuration(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) @@ -1522,7 +1522,7 @@ func TestHandler_ErrorDuration(t *testing.T) { goterr := make(chan interface{}) h.AddListener(func(event interface{}) { switch tp := event.(type) { - case httpPlugin.ErrorEvent: + case handler.ErrorEvent: if tp.Elapsed() > 0 { close(goterr) } @@ -1571,7 +1571,7 @@ func TestHandler_IP(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, cidrs, p) @@ -1632,7 +1632,7 @@ func TestHandler_XRealIP(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, cidrs, p) @@ -1698,7 +1698,7 @@ func TestHandler_XForwardedFor(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, cidrs, p) @@ -1763,7 +1763,7 @@ func TestHandler_XForwardedFor_NotTrustedRemoteIp(t *testing.T) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, cidrs, p) @@ -1811,7 +1811,7 @@ func BenchmarkHandler_Listen_Echo(b *testing.B) { p.Destroy(context.Background()) }() - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, p) diff --git a/tests/plugins/http/http_plugin_test.go b/tests/plugins/http/http_plugin_test.go index 0e43dac4..8f76e3ba 100644 --- a/tests/plugins/http/http_plugin_test.go +++ b/tests/plugins/http/http_plugin_test.go @@ -5,11 +5,13 @@ import ( "crypto/rand" "crypto/tls" "fmt" + "io" "io/ioutil" "net" "net/http" "net/http/httptest" "net/rpc" + "net/url" "os" "os/signal" "sync" @@ -23,6 +25,7 @@ import ( "github.com/spiral/roadrunner/v2/pkg/events" "github.com/spiral/roadrunner/v2/pkg/process" "github.com/spiral/roadrunner/v2/plugins/config" + "github.com/spiral/roadrunner/v2/plugins/gzip" "github.com/spiral/roadrunner/v2/plugins/informer" "github.com/spiral/roadrunner/v2/plugins/logger" "github.com/spiral/roadrunner/v2/plugins/resetter" @@ -1397,21 +1400,6 @@ func informerTestAfter(t *testing.T) { assert.NotEqual(t, workerPid, list.Workers[0].Pid) } -func get(url string) (string, *http.Response, error) { - r, err := http.Get(url) //nolint:gosec - if err != nil { - return "", nil, err - } - b, err := ioutil.ReadAll(r.Body) - if err != nil { - return "", nil, err - } - defer func() { - _ = r.Body.Close() - }() - return string(b), r, err -} - // get request and return body func getHeader(url string, h map[string]string) (string, *http.Response, error) { req, err := http.NewRequest("GET", url, bytes.NewBuffer(nil)) @@ -1574,3 +1562,605 @@ func bigEchoHTTP(t *testing.T) { err = r.Body.Close() assert.NoError(t, err) } + +func TestStaticEtagPlugin(t *testing.T) { + cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.ErrorLevel)) + assert.NoError(t, err) + + cfg := &config.Viper{ + Path: "configs/.rr-http-static.yaml", + Prefix: "rr", + } + + err = cont.RegisterAll( + cfg, + &logger.ZapLogger{}, + &server.Plugin{}, + &httpPlugin.Plugin{}, + &gzip.Plugin{}, + ) + assert.NoError(t, err) + + err = cont.Init() + if err != nil { + t.Fatal(err) + } + + ch, err := cont.Serve() + assert.NoError(t, err) + + sig := make(chan os.Signal, 1) + signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM) + + wg := &sync.WaitGroup{} + wg.Add(1) + + stopCh := make(chan struct{}, 1) + + go func() { + defer wg.Done() + for { + select { + case e := <-ch: + assert.Fail(t, "error", e.Error.Error()) + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + case <-sig: + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + case <-stopCh: + // timeout + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + } + } + }() + + time.Sleep(time.Second) + t.Run("ServeSampleEtag", serveStaticSampleEtag) + + stopCh <- struct{}{} + wg.Wait() +} + +func serveStaticSampleEtag(t *testing.T) { + // OK 200 response + b, r, err := get("http://localhost:21603/tests/static/sample.txt") + assert.NoError(t, err) + assert.Equal(t, "sample\n", b) + assert.Equal(t, r.StatusCode, http.StatusOK) + etag := r.Header.Get("Etag") + + _ = r.Body.Close() + + // Should be 304 response with same etag + c := http.Client{ + Timeout: time.Second * 5, + } + + parsedURL, _ := url.Parse("http://localhost:21603/tests/static/sample.txt") + + req := &http.Request{ + Method: http.MethodGet, + URL: parsedURL, + Header: map[string][]string{"If-None-Match": {etag}}, + } + + resp, err := c.Do(req) + assert.Nil(t, err) + assert.Equal(t, http.StatusNotModified, resp.StatusCode) + _ = resp.Body.Close() +} + +func TestStaticPluginSecurity(t *testing.T) { + cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.ErrorLevel)) + assert.NoError(t, err) + + cfg := &config.Viper{ + Path: "configs/.rr-http-static-security.yaml", + Prefix: "rr", + } + + err = cont.RegisterAll( + cfg, + &logger.ZapLogger{}, + &server.Plugin{}, + &httpPlugin.Plugin{}, + &gzip.Plugin{}, + ) + assert.NoError(t, err) + + err = cont.Init() + if err != nil { + t.Fatal(err) + } + + ch, err := cont.Serve() + assert.NoError(t, err) + + sig := make(chan os.Signal, 1) + signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM) + + wg := &sync.WaitGroup{} + wg.Add(1) + + stopCh := make(chan struct{}, 1) + + go func() { + defer wg.Done() + for { + select { + case e := <-ch: + assert.Fail(t, "error", e.Error.Error()) + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + case <-sig: + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + case <-stopCh: + // timeout + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + } + } + }() + + time.Sleep(time.Second) + t.Run("ServeSampleNotAllowedPath", serveStaticSampleNotAllowedPath) + + stopCh <- struct{}{} + wg.Wait() +} + +func serveStaticSampleNotAllowedPath(t *testing.T) { + // Should be 304 response with same etag + c := http.Client{ + Timeout: time.Second * 5, + } + + parsedURL := &url.URL{ + Scheme: "http", + User: nil, + Host: "localhost:21603", + Path: "%2e%2e%/tests/", + } + + req := &http.Request{ + Method: http.MethodGet, + URL: parsedURL, + } + + resp, err := c.Do(req) + assert.Nil(t, err) + assert.Equal(t, http.StatusBadRequest, resp.StatusCode) + _ = resp.Body.Close() + + parsedURL = &url.URL{ + Scheme: "http", + User: nil, + Host: "localhost:21603", + Path: "%2e%2e%5ctests/", + } + + req = &http.Request{ + Method: http.MethodGet, + URL: parsedURL, + } + + resp, err = c.Do(req) + assert.Nil(t, err) + assert.Equal(t, http.StatusBadRequest, resp.StatusCode) + _ = resp.Body.Close() + + parsedURL = &url.URL{ + Scheme: "http", + User: nil, + Host: "localhost:21603", + Path: "..%2ftests/", + } + + req = &http.Request{ + Method: http.MethodGet, + URL: parsedURL, + } + + resp, err = c.Do(req) + assert.Nil(t, err) + assert.Equal(t, http.StatusBadRequest, resp.StatusCode) + _ = resp.Body.Close() + + parsedURL = &url.URL{ + Scheme: "http", + User: nil, + Host: "localhost:21603", + Path: "%2e%2e%2ftests/", + } + + req = &http.Request{ + Method: http.MethodGet, + URL: parsedURL, + } + + resp, err = c.Do(req) + assert.Nil(t, err) + assert.Equal(t, http.StatusBadRequest, resp.StatusCode) + _ = resp.Body.Close() + + _, r, err := get("http://localhost:21603/../../../../tests/../static/sample.txt") + assert.NoError(t, err) + assert.Equal(t, r.StatusCode, 200) + _ = r.Body.Close() +} + +func TestStaticPlugin(t *testing.T) { + cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.ErrorLevel)) + assert.NoError(t, err) + + cfg := &config.Viper{ + Path: "configs/.rr-http-static.yaml", + Prefix: "rr", + } + + err = cont.RegisterAll( + cfg, + &logger.ZapLogger{}, + &server.Plugin{}, + &httpPlugin.Plugin{}, + &gzip.Plugin{}, + ) + assert.NoError(t, err) + + err = cont.Init() + if err != nil { + t.Fatal(err) + } + + ch, err := cont.Serve() + assert.NoError(t, err) + + sig := make(chan os.Signal, 1) + signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM) + + wg := &sync.WaitGroup{} + wg.Add(1) + + stopCh := make(chan struct{}, 1) + + go func() { + defer wg.Done() + for { + select { + case e := <-ch: + assert.Fail(t, "error", e.Error.Error()) + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + case <-sig: + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + case <-stopCh: + // timeout + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + } + } + }() + + time.Sleep(time.Second) + t.Run("ServeSample", serveStaticSample) + t.Run("StaticNotForbid", staticNotForbid) + t.Run("StaticHeaders", staticHeaders) + + stopCh <- struct{}{} + wg.Wait() +} + +func staticHeaders(t *testing.T) { + req, err := http.NewRequest("GET", "http://localhost:21603/tests/client.php", nil) + if err != nil { + t.Fatal(err) + } + + resp, err := http.DefaultClient.Do(req) + if err != nil { + t.Fatal(err) + } + + if resp.Header.Get("Output") != "output-header" { + t.Fatal("can't find output header in response") + } + + b, err := ioutil.ReadAll(resp.Body) + if err != nil { + t.Fatal(err) + } + + defer func() { + _ = resp.Body.Close() + }() + + assert.Equal(t, all("../../../tests/client.php"), string(b)) + assert.Equal(t, all("../../../tests/client.php"), string(b)) +} + +func staticNotForbid(t *testing.T) { + b, r, err := get("http://localhost:21603/tests/client.php") + assert.NoError(t, err) + assert.Equal(t, all("../../../tests/client.php"), b) + assert.Equal(t, all("../../../tests/client.php"), b) + _ = r.Body.Close() +} + +func serveStaticSample(t *testing.T) { + b, r, err := get("http://localhost:21603/tests/static/sample.txt") + assert.NoError(t, err) + assert.Equal(t, "sample\n", b) + _ = r.Body.Close() +} + +func TestStaticDisabled_Error(t *testing.T) { + cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.ErrorLevel)) + assert.NoError(t, err) + + cfg := &config.Viper{ + Path: "configs/.rr-http-static-disabled.yaml", + Prefix: "rr", + } + + err = cont.RegisterAll( + cfg, + &logger.ZapLogger{}, + &server.Plugin{}, + &httpPlugin.Plugin{}, + &gzip.Plugin{}, + ) + assert.NoError(t, err) + assert.Error(t, cont.Init()) +} + +func TestStaticFilesDisabled(t *testing.T) { + cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.ErrorLevel)) + assert.NoError(t, err) + + cfg := &config.Viper{ + Path: "configs/.rr-http-static-files-disable.yaml", + Prefix: "rr", + } + + err = cont.RegisterAll( + cfg, + &logger.ZapLogger{}, + &server.Plugin{}, + &httpPlugin.Plugin{}, + &gzip.Plugin{}, + ) + assert.NoError(t, err) + + err = cont.Init() + if err != nil { + t.Fatal(err) + } + + ch, err := cont.Serve() + assert.NoError(t, err) + + sig := make(chan os.Signal, 1) + signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM) + + wg := &sync.WaitGroup{} + wg.Add(1) + + stopCh := make(chan struct{}, 1) + + go func() { + defer wg.Done() + for { + select { + case e := <-ch: + assert.Fail(t, "error", e.Error.Error()) + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + case <-sig: + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + case <-stopCh: + // timeout + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + } + } + }() + + time.Sleep(time.Second) + t.Run("StaticFilesDisabled", staticFilesDisabled) + + stopCh <- struct{}{} + wg.Wait() +} + +func staticFilesDisabled(t *testing.T) { + b, r, err := get("http://localhost:45877/client.php?hello=world") + if err != nil { + t.Fatal(err) + } + assert.Equal(t, "WORLD", b) + _ = r.Body.Close() +} + +func TestStaticFilesForbid(t *testing.T) { + cont, err := endure.NewContainer(nil, endure.SetLogLevel(endure.ErrorLevel)) + assert.NoError(t, err) + + cfg := &config.Viper{ + Path: "configs/.rr-http-static-files.yaml", + Prefix: "rr", + } + + controller := gomock.NewController(t) + mockLogger := mocks.NewMockLogger(controller) + + mockLogger.EXPECT().Debug("worker destructed", "pid", gomock.Any()).AnyTimes() + mockLogger.EXPECT().Debug("worker constructed", "pid", gomock.Any()).AnyTimes() + mockLogger.EXPECT().Debug("201 GET http://localhost:34653/tests/http?hello=world", "remote", "127.0.0.1", "elapsed", gomock.Any()).MinTimes(1) + mockLogger.EXPECT().Debug("201 GET http://localhost:34653/tests/client.XXX?hello=world", "remote", "127.0.0.1", "elapsed", gomock.Any()).MinTimes(1) + mockLogger.EXPECT().Debug("201 GET http://localhost:34653/tests/client.php?hello=world", "remote", "127.0.0.1", "elapsed", gomock.Any()).MinTimes(1) + mockLogger.EXPECT().Error("file open error", "error", gomock.Any()).AnyTimes() + mockLogger.EXPECT().Error(gomock.Any(), gomock.Any(), gomock.Any()).AnyTimes() // placeholder for the workerlogerror + + err = cont.RegisterAll( + cfg, + mockLogger, + &server.Plugin{}, + &httpPlugin.Plugin{}, + &gzip.Plugin{}, + ) + assert.NoError(t, err) + + err = cont.Init() + if err != nil { + t.Fatal(err) + } + + ch, err := cont.Serve() + assert.NoError(t, err) + + sig := make(chan os.Signal, 1) + signal.Notify(sig, os.Interrupt, syscall.SIGINT, syscall.SIGTERM) + + wg := &sync.WaitGroup{} + wg.Add(1) + + stopCh := make(chan struct{}, 1) + + go func() { + defer wg.Done() + for { + select { + case e := <-ch: + assert.Fail(t, "error", e.Error.Error()) + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + case <-sig: + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + case <-stopCh: + // timeout + err = cont.Stop() + if err != nil { + assert.FailNow(t, "error", err.Error()) + } + return + } + } + }() + + time.Sleep(time.Second) + t.Run("StaticTestFilesDir", staticTestFilesDir) + t.Run("StaticNotFound", staticNotFound) + t.Run("StaticFilesForbid", staticFilesForbid) + t.Run("StaticFilesAlways", staticFilesAlways) + + stopCh <- struct{}{} + wg.Wait() +} + +func staticTestFilesDir(t *testing.T) { + b, r, err := get("http://localhost:34653/tests/http?hello=world") + assert.NoError(t, err) + assert.Equal(t, "403 Forbidden\n", b) + _ = r.Body.Close() +} + +func staticNotFound(t *testing.T) { + b, _, _ := get("http://localhost:34653/tests/client.XXX?hello=world") //nolint:bodyclose + assert.Equal(t, "404 page not found\n", b) +} + +func staticFilesAlways(t *testing.T) { + _, r, err := get("http://localhost:34653/tests/favicon.ico") + assert.NoError(t, err) + assert.Equal(t, 404, r.StatusCode) + _ = r.Body.Close() +} + +func staticFilesForbid(t *testing.T) { + b, r, err := get("http://localhost:34653/tests/client.php?hello=world") + if err != nil { + t.Fatal(err) + } + assert.Equal(t, "403 Forbidden\n", b) + _ = r.Body.Close() +} + +// HELPERS +func get(url string) (string, *http.Response, error) { + r, err := http.Get(url) //nolint:gosec + if err != nil { + return "", nil, err + } + + b, err := ioutil.ReadAll(r.Body) + if err != nil { + return "", nil, err + } + + err = r.Body.Close() + if err != nil { + return "", nil, err + } + + return string(b), r, err +} + +func all(fn string) string { + f, _ := os.Open(fn) + + b := new(bytes.Buffer) + _, err := io.Copy(b, f) + if err != nil { + return "" + } + + err = f.Close() + if err != nil { + return "" + } + + return b.String() +} diff --git a/tests/plugins/http/parse_test.go b/tests/plugins/http/parse_test.go index 5cc1ce32..15c82839 100644 --- a/tests/plugins/http/parse_test.go +++ b/tests/plugins/http/parse_test.go @@ -3,7 +3,7 @@ package http import ( "testing" - "github.com/spiral/roadrunner/v2/plugins/http" + handler "github.com/spiral/roadrunner/v2/plugins/http/worker_handler" ) var samples = []struct { @@ -21,7 +21,7 @@ var samples = []struct { func Test_FetchIndexes(t *testing.T) { for i := 0; i < len(samples); i++ { - r := http.FetchIndexes(samples[i].in) + r := handler.FetchIndexes(samples[i].in) if !same(r, samples[i].out) { t.Errorf("got %q, want %q", r, samples[i].out) } @@ -31,7 +31,7 @@ func Test_FetchIndexes(t *testing.T) { func BenchmarkConfig_FetchIndexes(b *testing.B) { for _, tt := range samples { for n := 0; n < b.N; n++ { - r := http.FetchIndexes(tt.in) + r := handler.FetchIndexes(tt.in) if !same(r, tt.out) { b.Fail() } diff --git a/tests/plugins/http/plugin_middleware.go b/tests/plugins/http/plugin_middleware.go index 00640b69..9f04d6db 100644 --- a/tests/plugins/http/plugin_middleware.go +++ b/tests/plugins/http/plugin_middleware.go @@ -18,8 +18,8 @@ func (p *PluginMiddleware) Init(cfg config.Configurer) error { } // Middleware test -func (p *PluginMiddleware) Middleware(next http.Handler) http.HandlerFunc { - return func(w http.ResponseWriter, r *http.Request) { +func (p *PluginMiddleware) Middleware(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.URL.Path == "/halt" { w.WriteHeader(500) _, err := w.Write([]byte("halted")) @@ -29,7 +29,7 @@ func (p *PluginMiddleware) Middleware(next http.Handler) http.HandlerFunc { } else { next.ServeHTTP(w, r) } - } + }) } // Name test @@ -49,8 +49,8 @@ func (p *PluginMiddleware2) Init(cfg config.Configurer) error { } // Middleware test -func (p *PluginMiddleware2) Middleware(next http.Handler) http.HandlerFunc { - return func(w http.ResponseWriter, r *http.Request) { +func (p *PluginMiddleware2) Middleware(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { if r.URL.Path == "/boom" { w.WriteHeader(555) _, err := w.Write([]byte("boom")) @@ -60,7 +60,7 @@ func (p *PluginMiddleware2) Middleware(next http.Handler) http.HandlerFunc { } else { next.ServeHTTP(w, r) } - } + }) } // Name test diff --git a/tests/plugins/http/response_test.go b/tests/plugins/http/response_test.go index dc9856ac..3564d9cd 100644 --- a/tests/plugins/http/response_test.go +++ b/tests/plugins/http/response_test.go @@ -7,7 +7,7 @@ import ( "testing" "github.com/spiral/roadrunner/v2/pkg/payload" - httpPlugin "github.com/spiral/roadrunner/v2/plugins/http" + handler "github.com/spiral/roadrunner/v2/plugins/http/worker_handler" "github.com/stretchr/testify/assert" ) @@ -45,13 +45,13 @@ func (tw *testWriter) Push(target string, opts *http.PushOptions) error { } func TestNewResponse_Error(t *testing.T) { - r, err := httpPlugin.NewResponse(payload.Payload{Context: []byte(`invalid payload`)}) + r, err := handler.NewResponse(payload.Payload{Context: []byte(`invalid payload`)}) assert.Error(t, err) assert.Nil(t, r) } func TestNewResponse_Write(t *testing.T) { - r, err := httpPlugin.NewResponse(payload.Payload{ + r, err := handler.NewResponse(payload.Payload{ Context: []byte(`{"headers":{"key":["value"]},"status": 301}`), Body: []byte(`sample body`), }) @@ -68,7 +68,7 @@ func TestNewResponse_Write(t *testing.T) { } func TestNewResponse_Stream(t *testing.T) { - r, err := httpPlugin.NewResponse(payload.Payload{ + r, err := handler.NewResponse(payload.Payload{ Context: []byte(`{"headers":{"key":["value"]},"status": 301}`), }) @@ -93,7 +93,7 @@ func TestNewResponse_Stream(t *testing.T) { } func TestNewResponse_StreamError(t *testing.T) { - r, err := httpPlugin.NewResponse(payload.Payload{ + r, err := handler.NewResponse(payload.Payload{ Context: []byte(`{"headers":{"key":["value"]},"status": 301}`), }) @@ -114,7 +114,7 @@ func TestNewResponse_StreamError(t *testing.T) { } func TestWrite_HandlesPush(t *testing.T) { - r, err := httpPlugin.NewResponse(payload.Payload{ + r, err := handler.NewResponse(payload.Payload{ Context: []byte(`{"headers":{"Http2-Push":["/test.js"],"content-type":["text/html"]},"status": 200}`), }) @@ -129,7 +129,7 @@ func TestWrite_HandlesPush(t *testing.T) { } func TestWrite_HandlesTrailers(t *testing.T) { - r, err := httpPlugin.NewResponse(payload.Payload{ + r, err := handler.NewResponse(payload.Payload{ Context: []byte(`{"headers":{"Trailer":["foo, bar", "baz"],"foo":["test"],"bar":["demo"]},"status": 200}`), }) @@ -139,7 +139,7 @@ func TestWrite_HandlesTrailers(t *testing.T) { w := &testWriter{h: http.Header(make(map[string][]string))} assert.NoError(t, r.Write(w)) - assert.Nil(t, w.h[httpPlugin.TrailerHeaderKey]) + assert.Nil(t, w.h[handler.TrailerHeaderKey]) assert.Nil(t, w.h["foo"]) //nolint:staticcheck assert.Nil(t, w.h["baz"]) //nolint:staticcheck @@ -148,7 +148,7 @@ func TestWrite_HandlesTrailers(t *testing.T) { } func TestWrite_HandlesHandlesWhitespacesInTrailer(t *testing.T) { - r, err := httpPlugin.NewResponse(payload.Payload{ + r, err := handler.NewResponse(payload.Payload{ Context: []byte( `{"headers":{"Trailer":["foo\t,bar , baz"],"foo":["a"],"bar":["b"],"baz":["c"]},"status": 200}`), }) diff --git a/tests/plugins/http/uploads_test.go b/tests/plugins/http/uploads_test.go index bc7e17df..5c39589c 100644 --- a/tests/plugins/http/uploads_test.go +++ b/tests/plugins/http/uploads_test.go @@ -18,8 +18,8 @@ import ( j "github.com/json-iterator/go" poolImpl "github.com/spiral/roadrunner/v2/pkg/pool" "github.com/spiral/roadrunner/v2/pkg/transport/pipe" - httpPlugin "github.com/spiral/roadrunner/v2/plugins/http" "github.com/spiral/roadrunner/v2/plugins/http/config" + handler "github.com/spiral/roadrunner/v2/plugins/http/worker_handler" "github.com/stretchr/testify/assert" ) @@ -40,7 +40,7 @@ func TestHandler_Upload_File(t *testing.T) { t.Fatal(err) } - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, pool) @@ -123,7 +123,7 @@ func TestHandler_Upload_NestedFile(t *testing.T) { t.Fatal(err) } - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{}, }, nil, pool) @@ -206,7 +206,7 @@ func TestHandler_Upload_File_NoTmpDir(t *testing.T) { t.Fatal(err) } - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: "-------", Forbid: []string{}, }, nil, pool) @@ -289,7 +289,7 @@ func TestHandler_Upload_File_Forbids(t *testing.T) { t.Fatal(err) } - h, err := httpPlugin.NewHandler(1024, config.Uploads{ + h, err := handler.NewHandler(1024, config.Uploads{ Dir: os.TempDir(), Forbid: []string{".go"}, }, nil, pool) |