That's fine. The patch was good. Now waiting on Kushagra's tests and his copyright assignment to go through
On 1 February 2016 at 21:13, Tim Rühsen <[email protected]> wrote: > Ups, just pushed your patch accidentially (thanks anyway). > I wanted to wait for Darshit to confirm it... > > Regards, Tim > > Am Sonntag, 31. Januar 2016, 17:40:12 schrieb Ander Juaristi: >> The test looks good to me, but I think I've spotted a bug _in the test >> engine_ where the 'RejectHeader' rule doesn't get enforced. >> >> You can strip the 'secure' parameter from this testcase and still it will >> pass. I've written a patch to fix this. >> >> I.e. this: >> >> ---request begin--- >> GET /File2 HTTP/1.1 >> User-Agent: Wget/1.16.3.168-be847 (linux-gnu) >> Accept: */* >> Accept-Encoding: identity >> Host: 127.0.0.1:44832 >> Connection: Keep-Alive >> Cookie: sess-id=0213 >> >> ---request end--- >> HTTP request sent, awaiting response... 127.0.0.1 - - [31/Jan/2016 17:33:20] >> "GET /File2 HTTP/1.1" 200 - >> >> ---response begin--- >> HTTP/1.1 200 OK >> Server: BaseHTTP/0.6 Python/3.4.3+ >> Date: Sun, 31 Jan 2016 16:33:20 GMT >> content-length: 29 >> content-type: text/plain >> >> versus this: >> >> ---request begin--- >> GET /File2 HTTP/1.1 >> User-Agent: Wget/1.16.3.168-be847 (linux-gnu) >> Accept: */* >> Accept-Encoding: identity >> Host: 127.0.0.1:37251 >> Connection: Keep-Alive >> Cookie: sess-id=0213 >> >> ---request end--- >> HTTP request sent, awaiting response... 127.0.0.1 - - [31/Jan/2016 17:34:18] >> code 400, message Blacklisted Header Cookie received 127.0.0.1 - - >> [31/Jan/2016 17:34:18] "GET /File2 HTTP/1.1" 400 - >> >> ---response begin--- >> HTTP/1.1 400 Blacklisted Header Cookie received >> Server: BaseHTTP/0.6 Python/3.4.3+ >> Date: Sun, 31 Jan 2016 16:34:18 GMT >> Content-Type: text/html;charset=utf-8 >> Connection: close >> Content-Length: 483 >> >> ---response end--- >> 400 Blacklisted Header Cookie received >> Header Cookie received >> URI content encoding = ‘utf-8’ >> Disabling further reuse of socket 3. >> Closed fd 3 >> 2016-01-31 17:34:18 ERROR 400: Blacklisted Header Cookie received. >> >> On 01/30/2016 09:31 PM, Kushagra Singh wrote: >> > Hi, >> > >> > I'm a bit stuck while writing tests. How do I test the fact that a secure >> > only cookie does not get saved over an insecure connection? Even if the >> > cookie gets saved, it will not be transmitted over an insecure connection >> > (cookie_matches_url() ensures that). So even though I can see in the log >> > that the cookie is not saved, I can't figure out how exactly to test that >> > in the test suite, since I cannot check using RejectHeader. Please find >> > attached the test I have written. >> > >> > And one thing I noticed, Test-Proto.py tries to import HTTP and HTTPS >> > classes from " misc.constants", which is wrong. It should be imported from >> > test.base_test right? >> > >> > Regards, >> > Kushagra >> >> Regards, >> - AJ > > -- Thanking You, Darshit Shah
