Handle invalid data more gracefully.

Fixes #47
This commit is contained in:
Aldo Cortesi 2012-06-30 15:59:42 +12:00
parent 16e87a81ac
commit f070e4523a
2 changed files with 22 additions and 3 deletions

View File

@ -261,7 +261,10 @@ class ProxyHandler(tcp.BaseHandler):
if line == "":
return None
if line.startswith("CONNECT"):
host, port, httpversion = http.parse_init_connect(line)
r = http.parse_init_connect(line)
if not r:
raise ProxyError(400, "Bad HTTP request line: %s"%line)
host, port, httpversion = r
# FIXME: Discard additional headers sent to the proxy. Should I expose
# these to users?
while 1:
@ -290,6 +293,9 @@ class ProxyHandler(tcp.BaseHandler):
)
return flow.Request(client_conn, httpversion, host, port, "https", method, path, headers, content)
else:
r = http.parse_init_proxy(line)
if not r:
raise ProxyError(400, "Bad HTTP request line: %s"%line)
method, scheme, host, port, path, httpversion = http.parse_init_proxy(line)
headers = http.read_headers(self.rfile)
content = http.read_http_body_request(

View File

@ -1,6 +1,7 @@
import urllib, urllib2, unittest
import time
import libpathod.test, requests
from netlib import tcp, http
import tutils
"""
@ -21,7 +22,19 @@ class SanityMixin:
class TestHTTP(tutils.HTTPProxTest, SanityMixin):
pass
def test_invalid_http(self):
t = tcp.TCPClient("127.0.0.1", self.proxy.port)
t.connect()
t.wfile.write("invalid\n\n")
t.wfile.flush()
assert "Bad Request" in t.rfile.readline()
def test_invalid_connect(self):
t = tcp.TCPClient("127.0.0.1", self.proxy.port)
t.connect()
t.wfile.write("CONNECT invalid\n\n")
t.wfile.flush()
assert "Bad Request" in t.rfile.readline()
class TestHTTPS(tutils.HTTPProxTest, SanityMixin):