/*
* $HeadURL: https://svn.apache.org/repos/asf/jakarta/commons/proper/httpclient/branches/HTTPCLIENT_3_0_BRANCH/src/test/org/apache/commons/httpclient/TestBadContentLength.java $
* $Revision: 1.1 $
* $Date: 2009/02/13 18:07:50 $
* ====================================================================
*
* Copyright 1999-2004 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* ====================================================================
*
* This software consists of voluntary contributions made by many
* individuals on behalf of the Apache Software Foundation. For more
* information on the Apache Software Foundation, please see
* <http://www.apache.org/>.
*
*/
package org.apache.commons.httpclient;
import java.io.IOException;
import java.io.InputStream;
import junit.framework.Test;
import junit.framework.TestCase;
import junit.framework.TestSuite;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.server.HttpRequestHandler;
import org.apache.commons.httpclient.server.RequestLine;
import org.apache.commons.httpclient.server.ResponseWriter;
import org.apache.commons.httpclient.server.SimpleHttpServer;
import org.apache.commons.httpclient.server.SimpleHttpServerConnection;
import org.apache.commons.httpclient.server.SimpleRequest;
/**
* Tests HttpClient's behaviour when receiving more response data than expected.
* <p>
* A very simple HTTP Server will be setup on a free port during testing, which
* returns an incorrect response Content-Length, sending surplus response data,
* which may contain malicious/fake response headers.
* </p>
*
* @author Christian Kohlschuetter
* @version $Id: TestBadContentLength.java,v 1.1 2009/02/13 18:07:50 slewis Exp $
*/
public class TestBadContentLength extends TestCase {
private HttpClient client = null;
private SimpleHttpServer server = null;
// ------------------------------------------------------------ Constructor
public TestBadContentLength(String testName) {
super(testName);
}
// ------------------------------------------------------------------- Main
public static void main(String args[]) {
String[] testCaseName = { TestBadContentLength.class.getName()};
junit.textui.TestRunner.main(testCaseName);
}
// ------------------------------------------------------- TestCase Methods
public static Test suite() {
return new TestSuite(TestBadContentLength.class);
}
// ----------------------------------------------------------- Test Methods
public void setUp() throws IOException {
client = new HttpClient();
server = new SimpleHttpServer(); // use arbitrary port
server.setTestname(getName());
server.setRequestHandler(new MyHttpRequestHandler());
}
public void tearDown() throws IOException {
client = null;
server.destroy();
}
/**
* HttpClient connects to the test server and performs two subsequent
* requests to the same URI in <u>lenient</u> mode.
*
* Expected behavior:
* For both requests, status code 200 and a response body of "12345"
* should be returned.
*
* @throws IOException
*/
public void test1Lenient() throws IOException {
client.getParams().makeLenient();
GetMethod m =
new GetMethod("http://localhost:" + server.getLocalPort() + "/");
client.executeMethod(m);
assertEquals(200, m.getStatusCode());
assertEquals("12345", m.getResponseBodyAsString());
m = new GetMethod("http://localhost:" + server.getLocalPort() + "/");
client.executeMethod(m);
assertEquals(200, m.getStatusCode());
assertEquals("12345", m.getResponseBodyAsString());
m.releaseConnection();
}
/**
* HttpClient connects to the test server and performs two subsequent
* requests to the same URI in <u>strict</u> mode.
* <p>
* The first response body will be read with getResponseBodyAsString(),
* which returns null if an error occured.
* </p>
* <p>
* The second response body will be read using an InputStream, which
* throws an IOException if something went wrong.
* </p>
* Expected behavior:
* For both requests, status code 200 should be returned.<br />
* For request 1, a <code>null</code> response body should be returned.<br />
* For request 2, a {@link ProtocolException} is expected.
*
* @throws IOException
*/
public void test1Strict() throws IOException {
client.getParams().makeStrict();
GetMethod m =
new GetMethod("http://localhost:" + server.getLocalPort() + "/");
client.executeMethod(m);
assertEquals(200, m.getStatusCode());
assertEquals("12345", m.getResponseBodyAsString());
m = new GetMethod("http://localhost:" + server.getLocalPort() + "/");
client.executeMethod(m);
assertEquals(200, m.getStatusCode());
InputStream in = m.getResponseBodyAsStream();
while (in.read() != -1) {
}
m.releaseConnection();
}
public void enableThisTestForDebuggingOnly()
throws InterruptedException {
while (server.isRunning()) {
Thread.sleep(100);
}
}
private class MyHttpRequestHandler implements HttpRequestHandler {
private int requestNo = 0;
public boolean processRequest(
final SimpleHttpServerConnection conn,
final SimpleRequest request) throws IOException
{
RequestLine requestLine = request.getRequestLine();
ResponseWriter out = conn.getWriter();
if ("GET".equals(requestLine.getMethod())
&& "/".equals(requestLine.getUri())) {
requestNo++;
out.println("HTTP/1.1 200 OK");
out.println("Content-Type: text/html");
out.println("Content-Length: 5");
out.println("Connection: keep-alive");
out.println();
out.println("12345"); // send exactly 5 bytes
// and some more garbage!
out.println("AND SOME MORE\r\nGARBAGE!");
out.println("HTTP/1.0 404 Not Found");
out.println("Content-Type: text/plain");
out.println("");
out.println("THIS-IS-A-FAKE-RESPONSE!");
out.flush();
// process max. 2 subsequents requests per connection
if (requestNo < 2) {
conn.setKeepAlive(true);
}
}
return true;
}
}
}