mirror of
https://github.com/servo/servo.git
synced 2025-08-06 06:00:15 +01:00
Limit referer header value length to 4096
This commit is contained in:
parent
4cdfe23cc8
commit
c54df2b965
170 changed files with 49 additions and 674 deletions
|
@ -27,11 +27,12 @@ use hyper::{Request as HyperRequest, Response as HyperResponse};
|
|||
use msg::constellation_msg::TEST_PIPELINE_ID;
|
||||
use net::cookie::Cookie;
|
||||
use net::cookie_storage::CookieStorage;
|
||||
use net::http_loader::determine_request_referrer;
|
||||
use net::resource_thread::AuthCacheEntry;
|
||||
use net::test::replace_host_table;
|
||||
use net_traits::request::{CredentialsMode, Destination, RequestBuilder, RequestMode};
|
||||
use net_traits::response::ResponseBody;
|
||||
use net_traits::{CookieSource, NetworkError};
|
||||
use net_traits::{CookieSource, NetworkError, ReferrerPolicy};
|
||||
use servo_url::{ImmutableOrigin, ServoUrl};
|
||||
use std::collections::HashMap;
|
||||
use std::io::Write;
|
||||
|
@ -1421,3 +1422,47 @@ fn test_origin_set() {
|
|||
|
||||
let _ = server.close();
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_determine_request_referrer_shorter_than_4k() {
|
||||
let mut headers = HeaderMap::new();
|
||||
|
||||
let referrer_source =
|
||||
ServoUrl::parse("http://username:password@example.com/such/short/referer?query#fragment")
|
||||
.unwrap();
|
||||
|
||||
let current_url = ServoUrl::parse("http://example.com/current/url").unwrap();
|
||||
|
||||
let referer = determine_request_referrer(
|
||||
&mut headers,
|
||||
ReferrerPolicy::UnsafeUrl,
|
||||
referrer_source,
|
||||
current_url,
|
||||
);
|
||||
|
||||
assert_eq!(
|
||||
referer.unwrap().as_str(),
|
||||
"http://example.com/such/short/referer?query"
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_determine_request_referrer_longer_than_4k() {
|
||||
let long_url_str = format!(
|
||||
"http://username:password@example.com/such/{}/referer?query#fragment",
|
||||
"long".repeat(1024)
|
||||
);
|
||||
|
||||
let mut headers = HeaderMap::new();
|
||||
let referrer_source = ServoUrl::parse(&long_url_str).unwrap();
|
||||
let current_url = ServoUrl::parse("http://example.com/current/url").unwrap();
|
||||
|
||||
let referer = determine_request_referrer(
|
||||
&mut headers,
|
||||
ReferrerPolicy::UnsafeUrl,
|
||||
referrer_source,
|
||||
current_url,
|
||||
);
|
||||
|
||||
assert_eq!(referer.unwrap().as_str(), "http://example.com/");
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue