12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388 |
- -module(rfc7230_SUITE).
- -compile(export_all).
- -import(ct_helper, [doc/1]).
- -import(cowboy_test, [raw_open/1]).
- -import(cowboy_test, [raw_send/2]).
- -import(cowboy_test, [raw_recv_head/1]).
- -import(cowboy_test, [raw_recv/3]).
- all() -> [{group, http}].
- groups() -> [{http, [parallel], ct_helper:all(?MODULE)}].
- init_per_group(Name = http, Config) ->
- cowboy_test:init_http(Name = http, #{
- env => #{dispatch => cowboy_router:compile(init_routes(Config))}
- }, Config).
- end_per_group(Name, _) ->
- ok = cowboy:stop_listener(Name).
- init_routes(_) -> [
- {"localhost", [
- {"/", hello_h, []},
- {"/echo/:key", echo_h, []}
- ]},
- {"127.0.0.1", [{"/echo/:key", echo_h, []}]},
- {"example.org", [{"/echo/:key", echo_h, []}]}
- ].
- do_raw(Config, Data) ->
- Client = raw_open(Config),
- ok = raw_send(Client, Data),
- {Version, Code, Reason, Rest} = cow_http:parse_status_line(raw_recv_head(Client)),
- {Headers, Rest2} = cow_http:parse_headers(Rest),
- case lists:keyfind(<<"content-length">>, 1, Headers) of
- {_, LengthBin} when LengthBin =/= <<"0">> ->
- Length = binary_to_integer(LengthBin),
- Body = if
- byte_size(Rest2) =:= Length -> Rest2;
- true ->
- {ok, Body0} = raw_recv(Client, binary_to_integer(LengthBin) - byte_size(Rest2), 5000),
- << Rest2/bits, Body0/bits >>
- end,
- #{client => Client, version => Version, code => Code, reason => Reason, headers => Headers, body => Body};
- _ ->
- #{client => Client, version => Version, code => Code, reason => Reason, headers => Headers, body => <<>>}
- end.
- accept_at_least_1_empty_line(Config) ->
- doc("A configurable number of empty lines (CRLF) preceding the request "
- "must be ignored. At least 1 empty line must be ignored. (RFC7230 3.5)"),
- #{code := 200} = do_raw(Config,
- "\r\n"
- "GET / HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- reject_response(Config) ->
- doc("When receiving a response instead of a request, identified by the "
- "status-line which starts with the HTTP version, the server must "
- "reject the message with a 400 status code and close the connection. (RFC7230 3.1)"),
- #{code := 400, client := Client} = do_raw(Config,
- "HTTP/1.1 200 OK\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- only_parse_necessary_elements(Config) ->
- doc("It is only necessary to parse elements required to process the request. (RFC7230 2.5)"),
- #{code := 200} = do_raw(Config,
- "GET / HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "Content-type: purposefully bad header value\r\n"
- "\r\n").
- no_empty_line_after_request_line(Config) ->
- doc("The general format of HTTP requests is strict. No empty line is "
- "allowed in-between components except for the empty line "
- "indicating the end of the list of headers."),
- #{code := 400} = do_raw(Config,
- "GET / HTTP/1.1\r\n"
- "\r\n"
- "Host: localhost\r\n"
- "\r\n").
- no_empty_line_in_headers(Config) ->
- doc("The general format of HTTP requests is strict. No empty line is "
- "allowed in-between components except for the empty line "
- "indicating the end of the list of headers."),
- #{code := 400} = do_raw(Config,
- "GET / HTTP/1.1\r\n"
- "User-Agent: RFC7230\r\n"
- "\r\n"
- "Host: localhost\r\n"
- "\r\n").
- timeout_before_request_line(Config) ->
- doc("The time the request (request line and headers) takes to be "
- "received by the server must be limited and subject to configuration. "
- "No response must be sent before closing if no request was initiated "
- "by the reception of a complete request-line."),
- Client = raw_open(Config),
- ok = raw_send(Client, "GET / HTTP/1.1\r"),
- {error, closed} = raw_recv(Client, 0, 6000).
- timeout_after_request_line(Config) ->
- doc("The time the request (request line and headers) takes to be "
- "received by the server must be limited and subject to configuration. "
- "A 408 status code must be sent if the request line was received."),
- #{code := 408, client := Client} = do_raw(Config, "GET / HTTP/1.1\r\n"),
- {error, closed} = raw_recv(Client, 0, 6000).
- limit_request_line_8000(Config) ->
- doc("It is recommended to limit the request-line length to a configurable "
- "limit of at least 8000 octets."),
- LongPath = ["/long-path" || _ <- lists:seq(1, 799)],
- #{code := 200} = do_raw(Config, [
- "GET /?qs=", LongPath, " HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"]).
- limit_request_line_9000(Config) ->
- doc("It is recommended to limit the request-line length to a configurable "
- "limit of at least 8000 octets. A request line too long must be rejected "
- "with a 414 status code and the closing of the connection. (RFC7230 3.1.1)"),
- LongPath = ["/long-path" || _ <- lists:seq(1, 899)],
- #{code := 414, client := Client} = do_raw(Config, [
- "GET /very", LongPath, " HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"]),
- {error, closed} = raw_recv(Client, 0, 1000).
- reject_invalid_method(Config) ->
- doc("The request method is defined as 1+ token characters. An invalid "
- "method must be rejected with a 400 status code and the "
- "closing of the connection. (RFC7230 3.1.1, RFC7230 3.2.6)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET\0 / HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- reject_empty_method(Config) ->
- doc("The request method is defined as 1+ token characters. An empty "
- "method must be rejected with a 400 status code and the "
- "closing of the connection. (RFC7230 3.1.1, RFC7230 3.2.6)"),
- #{code := 400, client := Client} = do_raw(Config,
- " / HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- limit_method_name(Config) ->
- doc("The length of the method must be subject to a configurable limit. "
- "A method too long must be rejected with a 501 status code and the "
- "closing of the connection. A good default for the method length limit "
- "is the longest method length the server implements. (RFC7230 3.1.1)"),
- LongMethod = [$G || _ <- lists:seq(1, 1000)],
- #{code := 501, client := Client} = do_raw(Config, [
- LongMethod, " / HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"]),
- {error, closed} = raw_recv(Client, 0, 1000).
- reject_tab_between_method_and_request_target(Config) ->
- doc("A request that uses anything other than SP as separator between "
- "the method and the request-target must be rejected with a 400 "
- "status code and the closing of the connection. (RFC7230 3.1.1, RFC7230 3.5)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET\t/ HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- reject_two_sp_between_method_and_request_target(Config) ->
- doc("A request that uses anything other than SP as separator between "
- "the method and the request-target must be rejected with a 400 "
- "status code and the closing of the connection. (RFC7230 3.1.1, RFC7230 3.5)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET / HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- ignore_uri_fragment_after_path(Config) ->
- doc("The fragment part of the target URI is not sent. It must be "
- "ignored by a server receiving it. (RFC7230 5.1)"),
- Echo = <<"http://localhost/echo/url">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET /echo/url#fragment HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- ignore_uri_fragment_after_query(Config) ->
- doc("The fragment part of the target URI is not sent. It must be "
- "ignored by a server receiving it. (RFC7230 5.1)"),
- Echo = <<"http://localhost/echo/url?key=value">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET /echo/url?key=value#fragment HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- must_understand_origin_form(Config) ->
- doc("A server must be able to handle at least origin-form and absolute-form. (RFC7230 5.3.2)"),
- #{code := 200} = do_raw(Config,
- "GET / HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- origin_form_reject_if_connect(Config) ->
- doc("origin-form is used when the client does not connect to a proxy, "
- "does not use the CONNECT method and does not issue a site-wide "
- "OPTIONS request. (RFC7230 5.3.1)"),
- #{code := 400, client := Client} = do_raw(Config,
- "CONNECT / HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- origin_form_tcp_scheme(Config) ->
- doc("The scheme is either resolved from configuration or is \"https\" "
- "when on a TLS connection and \"http\" otherwise. (RFC7230 5.5)"),
- Echo = <<"http://localhost/echo/url">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET /echo/url HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- origin_form_path(Config) ->
- doc("The absolute-path always starts with \"/\" and ends with either \"?\", \"#\" "
- "or the end of the URI. (RFC3986 3.3)"),
- Echo = <<"/echo/path">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET /echo/path HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- origin_form_path_query(Config) ->
- doc("The absolute-path always starts with \"/\" and ends with either \"?\", \"#\" "
- "or the end of the URI. (RFC3986 3.3)"),
- Echo = <<"/echo/path">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET /echo/path?key=value HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- origin_form_path_fragment(Config) ->
- doc("The absolute-path always starts with \"/\" and ends with either \"?\", \"#\" "
- "or the end of the URI. (RFC3986 3.3)"),
- Echo = <<"/echo/path">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET /echo/path#fragment HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- origin_form_query(Config) ->
- doc("The query starts with \"?\" and ends with \"#\" or the end of the URI. (RFC3986 3.4)"),
- Echo = <<"key=value">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET /echo/qs?key=value HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- origin_form_query_fragment(Config) ->
- doc("The query starts with \"?\" and ends with \"#\" or the end of the URI. (RFC3986 3.4)"),
- Echo = <<"key=value">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET /echo/qs?key=value#fragment HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- must_understand_absolute_form(Config) ->
- doc("A server must be able to handle at least origin-form and absolute-form. (RFC7230 5.3.2)"),
- #{code := 200} = do_raw(Config,
- "GET http://localhost HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_case_insensitive_scheme(Config) ->
- doc("The scheme is case insensitive and normally provided in lowercase. (RFC7230 2.7.3)"),
- Echo = <<"http://localhost/echo/url">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET HttP://localhost/echo/url HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_case_insensitive_host(Config) ->
- doc("The host is case insensitive and normally provided in lowercase. (RFC7230 2.7.3)"),
- Echo = <<"http://localhost/echo/url">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET http://LoCaLHOsT/echo/url HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_reject_unknown_schemes(Config) ->
- doc("Unknown schemes must be rejected with a 400 status code and the closing of the connection."),
- #{code := 400, client := Client} = do_raw(Config,
- "GET bad://localhost/ HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- absolute_form_drop_scheme_tcp(Config) ->
- doc("The scheme provided with the request must be dropped. The effective "
- "scheme is either resolved from configuration or is \"https\" when on "
- "a TLS connection and \"http\" otherwise. (RFC7230 5.5)"),
- Echo = <<"http://localhost/echo/url">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET https://localhost/echo/url HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_reject_userinfo(Config) ->
- doc("An authority component with a userinfo component (and its "
- "\"@\" delimiter) is invalid. The request must be rejected with "
- "a 400 status code and the closing of the connection. (RFC7230 2.7.1)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET http://username:password@localhost HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- absolute_form_reject_missing_host_without_path(Config) ->
- doc("A URI with a missing host identifier is invalid. The request must "
- "be rejected with a 400 status code and the closing of the connection. (RFC7230 2.7.1)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET http:// HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- absolute_form_reject_missing_host_with_path(Config) ->
- doc("A URI with a missing host identifier is invalid. The request must "
- "be rejected with a 400 status code and the closing of the connection. (RFC7230 2.7.1)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET http:/// HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- absolute_form_ipv4(Config) ->
- doc("Absolute form with an IPv4 address for the host. (RFC3986 3.2.2)"),
- Echo = <<"127.0.0.1">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET http://127.0.0.1/echo/host HTTP/1.1\r\n"
- "Host: 127.0.0.1\r\n"
- "\r\n").
- absolute_form_ipv4_port(Config) ->
- doc("Absolute form with an IPv4 address for the host and a port number. (RFC3986 3.2.2)"),
- Host = <<"127.0.0.1">>,
- #{code := 200, body := Host} = do_raw(Config,
- "GET http://127.0.0.1:8080/echo/host HTTP/1.1\r\n"
- "Host: 127.0.0.1:8080\r\n"
- "\r\n"),
- Port = <<"8080">>,
- #{code := 200, body := Port} = do_raw(Config,
- "GET http://127.0.0.1:8080/echo/port HTTP/1.1\r\n"
- "Host: 127.0.0.1:8080\r\n"
- "\r\n").
- absolute_form_reg_name(Config) ->
- doc("Absolute form with a regular name for the host. (RFC3986 3.2.2)"),
- Echo = <<"example.org">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET http://example.org/echo/host HTTP/1.1\r\n"
- "Host: example.org\r\n"
- "\r\n").
- absolute_form_reg_name_port(Config) ->
- doc("Absolute form with an IPv4 address for the host and a port number. (RFC3986 3.2.2)"),
- Host = <<"example.org">>,
- #{code := 200, body := Host} = do_raw(Config,
- "GET http://example.org:8080/echo/host HTTP/1.1\r\n"
- "Host: example.org:8080\r\n"
- "\r\n"),
- Port = <<"8080">>,
- #{code := 200, body := Port} = do_raw(Config,
- "GET http://example.org:8080/echo/port HTTP/1.1\r\n"
- "Host: example.org:8080\r\n"
- "\r\n").
- absolute_form_limit_host(Config) ->
- doc("The maximum length for the host component of the URI must be subject "
- "to a configurable limit. A good default is 255 characters. "
- "(RFC7230 3.1.1, RFC3986 3.2.2, RFC1034 3.1)"),
- LongHost = ["host." || _ <- lists:seq(1, 100)],
- #{code := 414, client := Client} = do_raw(Config, [
- "GET http://", LongHost, "/ HTTP/1.1\r\n"
- "Host: ", LongHost, "\r\n"
- "\r\n"]),
- {error, closed} = raw_recv(Client, 0, 1000).
- absolute_form_invalid_port_0(Config) ->
- doc("Port number 0 is reserved. The request must be rejected and the connection closed."),
- #{code := 400, client := Client} = do_raw(Config,
- "GET http://localhost:0/ HTTP/1.1\r\n"
- "Host: localhost:0\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- absolute_form_invalid_port_65536(Config) ->
- doc("Port numbers above 65535 are invalid. The request must be rejected and the connection closed."),
- #{code := 400, client := Client} = do_raw(Config,
- "GET http://localhost:65536/ HTTP/1.1\r\n"
- "Host: localhost:65536\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- absolute_form_path(Config) ->
- doc("The path always starts with \"/\" and ends with either \"?\", \"#\" "
- "or the end of the URI. (RFC3986 3.3)"),
- Echo = <<"/echo/path">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET http://localhost/echo/path HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_path_query(Config) ->
- doc("The path always starts with \"/\" and ends with either \"?\", \"#\" "
- "or the end of the URI. (RFC3986 3.3)"),
- Echo = <<"/echo/path">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET http://localhost/echo/path?key=value HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_path_fragment(Config) ->
- doc("The path always starts with \"/\" and ends with either \"?\", \"#\" "
- "or the end of the URI. (RFC3986 3.3)"),
- Echo = <<"/echo/path">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET http://localhost/echo/path#fragment HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_no_path(Config) ->
- doc("An empty path component is equivalent to \"/\". (RFC7230 2.7.3)"),
- #{code := 200, body := <<"Hello world!">>} = do_raw(Config,
- "GET http://localhost HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_no_path_then_query(Config) ->
- doc("An empty path component is equivalent to \"/\". (RFC7230 2.7.3)"),
- #{code := 200, body := <<"Hello world!">>} = do_raw(Config,
- "GET http://localhost?key=value HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_no_path_then_fragment(Config) ->
- doc("An empty path component is equivalent to \"/\". (RFC7230 2.7.3)"),
- #{code := 200, body := <<"Hello world!">>} = do_raw(Config,
- "GET http://localhost#fragment HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_query(Config) ->
- doc("The query starts with \"?\" and ends with \"#\" or the end of the URI. (RFC3986 3.4)"),
- Echo = <<"key=value">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET http://localhost/echo/qs?key=value HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- absolute_form_query_fragment(Config) ->
- doc("The query starts with \"?\" and ends with \"#\" or the end of the URI. (RFC3986 3.4)"),
- Echo = <<"key=value">>,
- #{code := 200, body := Echo} = do_raw(Config,
- "GET http://localhost/echo/qs?key=value#fragment HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n").
- authority_form_reject_if_not_connect(Config) ->
- doc("When the method is CONNECT, authority-form must be used. This "
- "form does not apply to any other methods which must reject the "
- "request with a 400 status code and the closing of the connection. (RFC7230 5.3.3)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET localhost:80 HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- asterisk_form_reject_if_not_options(Config) ->
- doc("asterisk-form is used for server-wide OPTIONS requests. "
- "It is invalid with any other methods which must reject the "
- "request with a 400 status code and the closing of the connection. (RFC7230 5.3.4)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET * HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- asterisk_form_empty_path(Config) ->
- doc("The path is empty when using asterisk-form. (RFC7230 5.5)"),
- #{code := 200, body := <<>>} = do_raw(Config,
- "OPTIONS * HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "X-Echo: path\r\n"
- "\r\n").
- asterisk_form_empty_query(Config) ->
- doc("The query is empty when using asterisk-form. (RFC7230 5.5)"),
- #{code := 200, body := <<>>} = do_raw(Config,
- "OPTIONS * HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "X-Echo: query\r\n"
- "\r\n").
- invalid_request_target(Config) ->
- doc("Any other form is invalid and must be rejected with a 400 status code "
- "and the closing of the connection."),
- #{code := 400, client := Client} = do_raw(Config,
- "GET \0 HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- reject_tab_between_request_target_and_version(Config) ->
- doc("A request that uses anything other than SP as separator between "
- "the request-target and the version must be rejected with a 400 "
- "status code and the closing of the connection. (RFC7230 3.1.1, RFC7230 3.5)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET /\tHTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- reject_two_sp_between_request_target_and_version(Config) ->
- doc("A request that uses anything other than SP as separator between "
- "the request-target and the version must be rejected with a 400 "
- "status code and the closing of the connection. (RFC7230 3.1.1, RFC7230 3.5)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET / HTTP/1.1\r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
- reject_invalid_version_http100(Config) ->
- doc("Any version number other than HTTP/1.0 or HTTP/1.1 must be "
- "rejected by a server or intermediary with a 505 status code. (RFC7230 2.6, RFC7230 A.2)"),
- #{code := 505} = do_raw(Config,
- "GET / HTTP/1.00\r\n"
- "Host: localhost\r\n"
- "\r\n").
- reject_invalid_version_http111(Config) ->
- doc("Any version number other than HTTP/1.0 or HTTP/1.1 must be "
- "rejected by a server or intermediary with a 505 status code. (RFC7230 2.6, RFC7230 A.2)"),
- #{code := 505} = do_raw(Config,
- "GET / HTTP/1.11\r\n"
- "Host: localhost\r\n"
- "\r\n").
- reject_invalid_version_http12(Config) ->
- doc("Any version number other than HTTP/1.0 or HTTP/1.1 must be "
- "rejected by a server or intermediary with a 505 status code. (RFC7230 2.6, RFC7230 A.2)"),
- #{code := 505} = do_raw(Config,
- "GET / HTTP/1.2\r\n"
- "Host: localhost\r\n"
- "\r\n").
- reject_invalid_version_http2(Config) ->
- doc("Any version number other than HTTP/1.0 or HTTP/1.1 must be "
- "rejected by a server or intermediary with a 505 status code. (RFC7230 2.6, RFC7230 A.2)"),
- #{code := 505} = do_raw(Config,
- "GET / HTTP/2\r\n"
- "Host: localhost\r\n"
- "\r\n").
- reject_empty_version(Config) ->
- doc("Any version number other than HTTP/1.0 or HTTP/1.1 must be "
- "rejected by a server or intermediary with a 505 status code. (RFC7230 2.6, RFC7230 A.2)"),
- #{code := 505} = do_raw(Config,
- "GET / \r\n"
- "Host: localhost\r\n"
- "\r\n").
- reject_invalid_whitespace_after_version(Config) ->
- doc("A request that has whitespace different than CRLF following the "
- "version must be rejected with a 400 status code and the closing "
- "of the connection. (RFC7230 3.1.1)"),
- #{code := 400, client := Client} = do_raw(Config,
- "GET / HTTP/1.1 \r\n"
- "Host: localhost\r\n"
- "\r\n"),
- {error, closed} = raw_recv(Client, 0, 1000).
|