etorres/traefik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
traefik/49ed06686b6c4be2164c65eb6d807b0fc542aea4.patch
Christian Rebischke 624c621890 apply patches for go 1.15
2020-09-02 16:12:26 +00:00

172 lines
5.7 KiB
Diff
Raw Permalink Blame History

From 49ed06686b6c4be2164c65eb6d807b0fc542aea4 Mon Sep 17 00:00:00 2001
From: Fernandez Ludovic <ludovic@containo.us>
Date: Thu, 13 Aug 2020 19:14:25 +0200
Subject: [PATCH] fix: HTTP smuggling fix.
---
pkg/middlewares/auth/forward_test.go | 47 ++++++++++++++--------------
1 file changed, 23 insertions(+), 24 deletions(-)
diff --git a/pkg/middlewares/auth/forward_test.go b/pkg/middlewares/auth/forward_test.go
index 7674a1384d..44486379ac 100644
--- a/pkg/middlewares/auth/forward_test.go
+++ b/pkg/middlewares/auth/forward_test.go
@@ -28,7 +28,7 @@ func TestForwardAuthFail(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
http.Error(w, "Forbidden", http.StatusForbidden)
}))
- defer server.Close()
+ t.Cleanup(server.Close)
middleware, err := NewForward(context.Background(), next, dynamic.ForwardAuth{
Address: server.URL,
@@ -36,7 +36,7 @@ func TestForwardAuthFail(t *testing.T) {
require.NoError(t, err)
ts := httptest.NewServer(middleware)
- defer ts.Close()
+ t.Cleanup(ts.Close)
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil)
res, err := http.DefaultClient.Do(req)
@@ -59,7 +59,7 @@ func TestForwardAuthSuccess(t *testing.T) {
w.Header().Add("X-Auth-Group", "group2")
fmt.Fprintln(w, "Success")
}))
- defer server.Close()
+ t.Cleanup(server.Close)
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "user@example.com", r.Header.Get("X-Auth-User"))
@@ -76,7 +76,7 @@ func TestForwardAuthSuccess(t *testing.T) {
require.NoError(t, err)
ts := httptest.NewServer(middleware)
- defer ts.Close()
+ t.Cleanup(ts.Close)
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil)
req.Header.Set("X-Auth-Group", "admin_group")
@@ -95,20 +95,19 @@ func TestForwardAuthRedirect(t *testing.T) {
authTs := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, "http://example.com/redirect-test", http.StatusFound)
}))
- defer authTs.Close()
+ t.Cleanup(authTs.Close)
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, "traefik")
})
- auth := dynamic.ForwardAuth{
- Address: authTs.URL,
- }
+ auth := dynamic.ForwardAuth{Address: authTs.URL}
+
authMiddleware, err := NewForward(context.Background(), next, auth, "authTest")
require.NoError(t, err)
ts := httptest.NewServer(authMiddleware)
- defer ts.Close()
+ t.Cleanup(ts.Close)
client := &http.Client{
CheckRedirect: func(r *http.Request, via []*http.Request) error {
@@ -139,7 +138,7 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) {
headers := w.Header()
for _, header := range forward.HopHeaders {
if header == forward.TransferEncoding {
- headers.Add(header, "identity")
+ headers.Set(header, "chunked")
} else {
headers.Add(header, "test")
}
@@ -147,29 +146,29 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) {
http.Redirect(w, r, "http://example.com/redirect-test", http.StatusFound)
}))
- defer authTs.Close()
+ t.Cleanup(authTs.Close)
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, "traefik")
})
- auth := dynamic.ForwardAuth{
- Address: authTs.URL,
- }
- authMiddleware, err := NewForward(context.Background(), next, auth, "authTest")
- assert.NoError(t, err, "there should be no error")
+ auth := dynamic.ForwardAuth{Address: authTs.URL}
+
+ authMiddleware, err := NewForward(context.Background(), next, auth, "authTest")
+ require.NoError(t, err)
ts := httptest.NewServer(authMiddleware)
- defer ts.Close()
+ t.Cleanup(ts.Close)
client := &http.Client{
CheckRedirect: func(r *http.Request, via []*http.Request) error {
return http.ErrUseLastResponse
},
}
+
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil)
res, err := client.Do(req)
- assert.NoError(t, err, "there should be no error")
+ require.NoError(t, err)
assert.Equal(t, http.StatusFound, res.StatusCode, "they should be equal")
for _, header := range forward.HopHeaders {
@@ -177,11 +176,11 @@ func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) {
}
location, err := res.Location()
- assert.NoError(t, err, "there should be no error")
+ require.NoError(t, err)
assert.Equal(t, "http://example.com/redirect-test", location.String(), "they should be equal")
body, err := ioutil.ReadAll(res.Body)
- assert.NoError(t, err, "there should be no error")
+ require.NoError(t, err)
assert.NotEmpty(t, string(body), "there should be something in the body")
}
@@ -192,7 +191,7 @@ func TestForwardAuthFailResponseHeaders(t *testing.T) {
w.Header().Add("X-Foo", "bar")
http.Error(w, "Forbidden", http.StatusForbidden)
}))
- defer authTs.Close()
+ t.Cleanup(authTs.Close)
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintln(w, "traefik")
@@ -205,7 +204,7 @@ func TestForwardAuthFailResponseHeaders(t *testing.T) {
require.NoError(t, err)
ts := httptest.NewServer(authMiddleware)
- defer ts.Close()
+ t.Cleanup(ts.Close)
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil)
@@ -407,7 +406,7 @@ func TestForwardAuthUsesTracing(t *testing.T) {
t.Errorf("expected Mockpfx-Ids-Traceid header to be present in request")
}
}))
- defer server.Close()
+ t.Cleanup(server.Close)
next := http.Handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
@@ -426,7 +425,7 @@ func TestForwardAuthUsesTracing(t *testing.T) {
next = tracingMiddleware.NewEntryPoint(context.Background(), tr, "tracingTest", next)
ts := httptest.NewServer(next)
- defer ts.Close()
+ t.Cleanup(ts.Close)
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil)
res, err := http.DefaultClient.Do(req)
Reference in New Issue View Git Blame Copy Permalink