Merge pull request #2 from kamermans/b1f6c1c4-patch-1

Add tests to HSTS bugfix
2024-11-22 03:46:29 +00:00 · 2018-03-27 11:15:12 +08:00 · 2018-03-27 11:15:12 +08:00 · d8777c8689
commit d8777c8689
parent 7a769a6a22 3590c1bae0
2 changed files with 29 additions and 15 deletions
--- a/test/requirements/web/webserver.py
+++ b/test/requirements/web/webserver.py
@ -1,28 +1,35 @@
 #!/usr/bin/env python3

-import os, sys
+import os, sys, re
 import http.server
 import socketserver

-
 class Handler(http.server.SimpleHTTPRequestHandler):
    def do_GET(self):
-        
-        self.send_response(200)
+
+        response_body = ""
+        response_code = 200
+
+        if self.path == "/headers":
+            response_body += self.headers.as_string()
+        elif self.path == "/port":
+            response_body += "answer from port %s\n" % PORT
+        elif re.match("/status/(\d+)", self.path):
+            result = re.match("/status/(\d+)", self.path)
+            response_code = int(result.group(1))
+            response_body += "answer with response code %s\n" % response_code
+        elif self.path == "/":
+            response_body += "I'm %s\n" % os.environ['HOSTNAME']
+        else:
+            response_body += "No route for this path!\n"
+            response_code = 404
+
+        self.send_response(response_code)
        self.send_header("Content-Type", "text/plain")
        self.end_headers()

-        if self.path == "/headers":
-            self.wfile.write(self.headers.as_string().encode())
-        elif self.path == "/port":
-            response = "answer from port %s\n" % PORT
-            self.wfile.write(response.encode())
-        elif self.path == "/":
-            response = "I'm %s\n" % os.environ['HOSTNAME']
-            self.wfile.write(response.encode())
-        else:
-            self.wfile.write("No route for this path!\n".encode())
-
+        if (len(response_body)):
+            self.wfile.write(response_body.encode())

 if __name__ == '__main__':
    PORT = int(sys.argv[1])
--- a/test/test_ssl/test_hsts.py
+++ b/test/test_ssl/test_hsts.py
@ -7,6 +7,13 @@ def test_web1_HSTS_default(docker_compose, nginxproxy):
    assert "Strict-Transport-Security" in r.headers
    assert "max-age=31536000" == r.headers["Strict-Transport-Security"]

+# Regression test to ensure HSTS is enabled even when the upstream sends an error in response
+# Issue #1073 https://github.com/jwilder/nginx-proxy/pull/1073
+def test_web1_HSTS_error(docker_compose, nginxproxy):
+    r = nginxproxy.get("https://web1.nginx-proxy.tld/status/500", allow_redirects=False)
+    assert "Strict-Transport-Security" in r.headers
+    assert "max-age=31536000" == r.headers["Strict-Transport-Security"]
+
 def test_web2_HSTS_off(docker_compose, nginxproxy):
    r = nginxproxy.get("https://web2.nginx-proxy.tld/port", allow_redirects=False)
    assert "answer from port 81\n" in r.text