homelab/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Deny request with fragment in URL path

Browse source 
Co-authored-by: Kevin Pollet <pollet.kevin@gmail.com>
This commit is contained in:
Landry Benguigui 2023-11-16 16:54:07 +01:00 committed by GitHub
parent cd326654a7
commit 12e50e20e6
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 46 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

28
integration/simple_test.go
View file

@ -1480,3 +1480,31 @@ func (s *SimpleSuite) TestEncodeSemicolons(c *check.C) {
}
}
}
func (s *SimpleSuite) TestDenyFragment(c *check.C) {
s.createComposeProject(c, "base")
s.composeUp(c)
defer s.composeDown(c)
cmd, output := s.traefikCmd(withConfigFile("fixtures/simple_default.toml"))
defer output(c)
err := cmd.Start()
c.Assert(err, checker.IsNil)
defer s.killCmd(cmd)
// Expected a 404 as we did not configure anything
err = try.GetRequest("http://127.0.0.1:8000/", 1*time.Second, try.StatusCodeIs(http.StatusNotFound))
c.Assert(err, checker.IsNil)
conn, err := net.Dial("tcp", "127.0.0.1:8000")
c.Assert(err, checker.IsNil)
_, err = conn.Write([]byte("GET /#/?bar=toto;boo=titi HTTP/1.1\nHost: other.localhost\n\n"))
c.Assert(err, checker.IsNil)
resp, err := http.ReadResponse(bufio.NewReader(conn), nil)
c.Assert(err, checker.IsNil)
c.Assert(resp.StatusCode, checker.Equals, http.StatusBadRequest)
}