func mustNewRequest(method, url string, body io.Reader) *http.Request {
req, err := http.NewRequest(method, url, body)
if err != nil {
panic(fmt.Sprintf("NewRequest(%q, %q, %p) err = %v", method, url, body, err))
}
return req
}
func TestReverseProxyQuery(t *testing.T) {
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("X-Got-Query", r.URL.RawQuery)
w.Write([]byte("hi"))
}))
defer backend.Close()
for i, tt := range proxyQueryTests {
backendURL, err := url.Parse(backend.URL + tt.baseSuffix)
if err != nil {
t.Fatal(err)
}
frontend := httptest.NewServer(NewSingleHostReverseProxy(backendURL))
req, _ := http.NewRequest("GET", frontend.URL+tt.reqSuffix, nil)
req.Close = true
res, err := http.DefaultClient.Do(req)
if err != nil {
t.Fatalf("%d. Get: %v", i, err)
}
if g, e := res.Header.Get("X-Got-Query"), tt.want; g != e {
t.Errorf("%d. got query %q; expected %q", i, g, e)
}
res.Body.Close()
frontend.Close()
}
}
// TestCopyError tests that we kill the process if there's an error copying
// its output. (for example, from the client having gone away)
func TestCopyError(t *testing.T) {
check(t)
if runtime.GOOS == "windows" {
t.Skipf("skipping test on %q", runtime.GOOS)
}
h := &Handler{
Path: "testdata/test.cgi",
Root: "/test.cgi",
}
ts := httptest.NewServer(h)
defer ts.Close()
conn, err := net.Dial("tcp", ts.Listener.Addr().String())
if err != nil {
t.Fatal(err)
}
req, _ := http.NewRequest("GET", "http://example.com/test.cgi?bigresponse=1", nil)
err = req.Write(conn)
if err != nil {
t.Fatalf("Write: %v", err)
}
res, err := http.ReadResponse(bufio.NewReader(conn), req)
if err != nil {
t.Fatalf("ReadResponse: %v", err)
}
pidstr := res.Header.Get("X-CGI-Pid")
if pidstr == "" {
t.Fatalf("expected an X-CGI-Pid header in response")
}
pid, err := strconv.Atoi(pidstr)
if err != nil {
t.Fatalf("invalid X-CGI-Pid value")
}
var buf [5000]byte
n, err := io.ReadFull(res.Body, buf[:])
if err != nil {
t.Fatalf("ReadFull: %d bytes, %v", n, err)
}
childRunning := func() bool {
return isProcessRunning(t, pid)
}
if !childRunning() {
t.Fatalf("pre-conn.Close, expected child to be running")
}
conn.Close()
tries := 0
for tries < 25 && childRunning() {
time.Sleep(50 * time.Millisecond * time.Duration(tries))
tries++
}
if childRunning() {
t.Fatalf("post-conn.Close, expected child to be gone")
}
}
func readResponse(buf *bufio.Reader) string {
req, err := http.NewRequest("GET", srv.URL, nil)
panicOnErr(err, "NewRequest")
resp, err := http.ReadResponse(buf, req)
panicOnErr(err, "resp.Read")
defer resp.Body.Close()
txt, err := ioutil.ReadAll(resp.Body)
panicOnErr(err, "resp.Read")
return string(txt)
}
func TestNoProxyHeaders(t *testing.T) {
s := httptest.NewServer(VerifyNoProxyHeaders{t})
client, l := oneShotProxy(goproxy.NewProxyHttpServer(), t)
defer l.Close()
req, err := http.NewRequest("GET", s.URL, nil)
panicOnErr(err, "bad request")
req.Header.Add("Connection", "close")
req.Header.Add("Proxy-Connection", "close")
req.Header.Add("Proxy-Authenticate", "auth")
req.Header.Add("Proxy-Authorization", "auth")
client.Do(req)
}
func TestNoProxyHeadersHttps(t *testing.T) {
s := httptest.NewTLSServer(VerifyNoProxyHeaders{t})
proxy := goproxy.NewProxyHttpServer()
proxy.OnRequest().HandleConnect(goproxy.AlwaysMitm)
client, l := oneShotProxy(proxy, t)
defer l.Close()
req, err := http.NewRequest("GET", s.URL, nil)
panicOnErr(err, "bad request")
req.Header.Add("Connection", "close")
req.Header.Add("Proxy-Connection", "close")
client.Do(req)
}
func ExampleResponseRecorder() {
handler := func(w http.ResponseWriter, r *http.Request) {
http.Error(w, "something failed", http.StatusInternalServerError)
}
req, err := http.NewRequest("GET", "http://example.com/foo", nil)
if err != nil {
log.Fatal(err)
}
w := httptest.NewRecorder()
handler(w, req)
fmt.Printf("%d - %s", w.Code, w.Body.String())
// Output: 500 - something failed
}
func TestSimpleMitm(t *testing.T) {
proxy := goproxy.NewProxyHttpServer()
proxy.OnRequest(goproxy.ReqHostIs(https.Listener.Addr().String())).HandleConnect(goproxy.AlwaysMitm)
proxy.OnRequest(goproxy.ReqHostIs("no such host exists")).HandleConnect(goproxy.AlwaysMitm)
client, l := oneShotProxy(proxy, t)
defer l.Close()
c, err := tls.Dial("tcp", https.Listener.Addr().String(), &tls.Config{InsecureSkipVerify: true})
if err != nil {
t.Fatal("cannot dial to tcp server", err)
}
origCert := getCert(c, t)
c.Close()
c2, err := net.Dial("tcp", l.Listener.Addr().String())
if err != nil {
t.Fatal("dialing to proxy", err)
}
creq, err := http.NewRequest("CONNECT", https.URL, nil)
//creq,err := http.NewRequest("CONNECT","https://google.com:443",nil)
if err != nil {
t.Fatal("create new request", creq)
}
creq.Write(c2)
c2buf := bufio.NewReader(c2)
resp, err := http.ReadResponse(c2buf, creq)
if err != nil || resp.StatusCode != 200 {
t.Fatal("Cannot CONNECT through proxy", err)
}
c2tls := tls.Client(c2, &tls.Config{InsecureSkipVerify: true})
proxyCert := getCert(c2tls, t)
if bytes.Equal(proxyCert, origCert) {
t.Errorf("Certificate after mitm is not different\n%v\n%v",
base64.StdEncoding.EncodeToString(origCert),
base64.StdEncoding.EncodeToString(proxyCert))
}
if resp := string(getOrFail(https.URL+"/bobo", client, t)); resp != "bobo" {
t.Error("Wrong response when mitm", resp, "expected bobo")
}
if resp := string(getOrFail(https.URL+"/query?result=bar", client, t)); resp != "bar" {
t.Error("Wrong response when mitm", resp, "expected bar")
}
}
func TestBasicAuth(t *testing.T) {
expected := "hello"
background := httptest.NewServer(ConstantHanlder(expected))
defer background.Close()
proxy := goproxy.NewProxyHttpServer()
proxy.OnRequest().Do(auth.Basic("my_realm", func(user, passwd string) bool {
return user == "user" && passwd == "open sesame"
}))
client, proxyserver := oneShotProxy(proxy)
defer proxyserver.Close()
// without auth
resp, err := client.Get(background.URL)
if err != nil {
t.Fatal(err)
}
if resp.Header.Get("Proxy-Authenticate") != "Basic realm=my_realm" {
t.Error("Expected Proxy-Authenticate header got", resp.Header.Get("Proxy-Authenticate"))
}
if resp.StatusCode != 407 {
t.Error("Expected status 407 Proxy Authentication Required, got", resp.Status)
}
// with auth
req, err := http.NewRequest("GET", background.URL, nil)
if err != nil {
t.Fatal(err)
}
req.Header.Set("Proxy-Authorization",
"Basic "+base64.StdEncoding.EncodeToString([]byte("user:open sesame")))
resp, err = client.Do(req)
if err != nil {
t.Fatal(err)
}
if resp.StatusCode != 200 {
t.Error("Expected status 200 OK, got", resp.Status)
}
msg, err := ioutil.ReadAll(resp.Body)
if err != nil {
t.Fatal(err)
}
if string(msg) != "hello" {
t.Errorf("Expected '%s', actual '%s'", expected, string(msg))
}
}
// If there's an error copying the child's output to the parent, test
// that we kill the child.
func TestKillChildAfterCopyError(t *testing.T) {
if runtime.GOOS == "nacl" {
t.Skip("skipping on nacl")
}
defer func() { testHookStartProcess = nil }()
proc := make(chan *os.Process, 1)
testHookStartProcess = func(p *os.Process) {
proc <- p
}
h := &Handler{
Path: os.Args[0],
Root: "/test.go",
Args: []string{"-test.run=TestBeChildCGIProcess"},
}
req, _ := http.NewRequest("GET", "http://example.com/test.cgi?write-forever=1", nil)
rec := httptest.NewRecorder()
var out bytes.Buffer
const writeLen = 50 << 10
rw := &customWriterRecorder{&limitWriter{&out, writeLen}, rec}
donec := make(chan bool, 1)
go func() {
h.ServeHTTP(rw, req)
donec <- true
}()
select {
case <-donec:
if out.Len() != writeLen || out.Bytes()[0] != 'a' {
t.Errorf("unexpected output: %q", out.Bytes())
}
case <-time.After(5 * time.Second):
t.Errorf("timeout. ServeHTTP hung and didn't kill the child process?")
select {
case p := <-proc:
p.Kill()
t.Logf("killed process")
default:
t.Logf("didn't kill process")
}
}
}
func TestReverseProxyFlushInterval(t *testing.T) {
const expected = "hi"
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte(expected))
}))
defer backend.Close()
backendURL, err := url.Parse(backend.URL)
if err != nil {
t.Fatal(err)
}
proxyHandler := NewSingleHostReverseProxy(backendURL)
proxyHandler.FlushInterval = time.Microsecond
done := make(chan bool)
onExitFlushLoop = func() { done <- true }
defer func() { onExitFlushLoop = nil }()
frontend := httptest.NewServer(proxyHandler)
defer frontend.Close()
req, _ := http.NewRequest("GET", frontend.URL, nil)
req.Close = true
res, err := http.DefaultClient.Do(req)
if err != nil {
t.Fatalf("Get: %v", err)
}
defer res.Body.Close()
if bodyBytes, _ := ioutil.ReadAll(res.Body); string(bodyBytes) != expected {
t.Errorf("got body %q; expected %q", bodyBytes, expected)
}
select {
case <-done:
// OK
case <-time.After(5 * time.Second):
t.Error("maxLatencyWriter flushLoop() never exited")
}
}
func TestXForwardedFor(t *testing.T) {
const prevForwardedFor = "client ip"
const backendResponse = "I am the backend"
const backendStatus = 404
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.Header.Get("X-Forwarded-For") == "" {
t.Errorf("didn't get X-Forwarded-For header")
}
if !strings.Contains(r.Header.Get("X-Forwarded-For"), prevForwardedFor) {
t.Errorf("X-Forwarded-For didn't contain prior data")
}
w.WriteHeader(backendStatus)
w.Write([]byte(backendResponse))
}))
defer backend.Close()
backendURL, err := url.Parse(backend.URL)
if err != nil {
t.Fatal(err)
}
proxyHandler := NewSingleHostReverseProxy(backendURL)
frontend := httptest.NewServer(proxyHandler)
defer frontend.Close()
getReq, _ := http.NewRequest("GET", frontend.URL, nil)
getReq.Host = "some-name"
getReq.Header.Set("Connection", "close")
getReq.Header.Set("X-Forwarded-For", prevForwardedFor)
getReq.Close = true
res, err := http.DefaultClient.Do(getReq)
if err != nil {
t.Fatalf("Get: %v", err)
}
if g, e := res.StatusCode, backendStatus; g != e {
t.Errorf("got res.StatusCode %d; expected %d", g, e)
}
bodyBytes, _ := ioutil.ReadAll(res.Body)
if g, e := string(bodyBytes), backendResponse; g != e {
t.Errorf("got body %q; expected %q", g, e)
}
}
func TestIcyResponse(t *testing.T) {
// TODO: fix this test
return // skip for now
s := constantHttpServer([]byte("ICY 200 OK\r\n\r\nblablabla"))
proxy := goproxy.NewProxyHttpServer()
proxy.Verbose = true
_, l := oneShotProxy(proxy, t)
defer l.Close()
req, err := http.NewRequest("GET", "http://"+s, nil)
panicOnErr(err, "newReq")
proxyip := l.URL[len("http://"):]
println("got ip: " + proxyip)
c, err := net.Dial("tcp", proxyip)
panicOnErr(err, "dial")
defer c.Close()
req.WriteProxy(c)
raw, err := ioutil.ReadAll(c)
panicOnErr(err, "readAll")
if string(raw) != "ICY 200 OK\r\n\r\nblablabla" {
t.Error("Proxy did not send the malformed response received")
}
}
func writeConnect(w io.Writer) {
req, err := http.NewRequest("CONNECT", srv.URL[len("http://"):], nil)
panicOnErr(err, "NewRequest")
req.Write(w)
panicOnErr(err, "req(CONNECT).Write")
}
func TestReverseProxy(t *testing.T) {
const backendResponse = "I am the backend"
const backendStatus = 404
backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if len(r.TransferEncoding) > 0 {
t.Errorf("backend got unexpected TransferEncoding: %v", r.TransferEncoding)
}
if r.Header.Get("X-Forwarded-For") == "" {
t.Errorf("didn't get X-Forwarded-For header")
}
if c := r.Header.Get("Connection"); c != "" {
t.Errorf("handler got Connection header value %q", c)
}
if c := r.Header.Get("Upgrade"); c != "" {
t.Errorf("handler got Upgrade header value %q", c)
}
if g, e := r.Host, "some-name"; g != e {
t.Errorf("backend got Host header %q, want %q", g, e)
}
w.Header().Set("X-Foo", "bar")
w.Header().Set("Upgrade", "foo")
w.Header().Set(fakeHopHeader, "foo")
w.Header().Add("X-Multi-Value", "foo")
w.Header().Add("X-Multi-Value", "bar")
http.SetCookie(w, &http.Cookie{Name: "flavor", Value: "chocolateChip"})
w.WriteHeader(backendStatus)
w.Write([]byte(backendResponse))
}))
defer backend.Close()
backendURL, err := url.Parse(backend.URL)
if err != nil {
t.Fatal(err)
}
proxyHandler := NewSingleHostReverseProxy(backendURL)
frontend := httptest.NewServer(proxyHandler)
defer frontend.Close()
getReq, _ := http.NewRequest("GET", frontend.URL, nil)
getReq.Host = "some-name"
getReq.Header.Set("Connection", "close")
getReq.Header.Set("Upgrade", "foo")
getReq.Close = true
res, err := http.DefaultClient.Do(getReq)
if err != nil {
t.Fatalf("Get: %v", err)
}
if g, e := res.StatusCode, backendStatus; g != e {
t.Errorf("got res.StatusCode %d; expected %d", g, e)
}
if g, e := res.Header.Get("X-Foo"), "bar"; g != e {
t.Errorf("got X-Foo %q; expected %q", g, e)
}
if c := res.Header.Get(fakeHopHeader); c != "" {
t.Errorf("got %s header value %q", fakeHopHeader, c)
}
if g, e := len(res.Header["X-Multi-Value"]), 2; g != e {
t.Errorf("got %d X-Multi-Value header values; expected %d", g, e)
}
if g, e := len(res.Header["Set-Cookie"]), 1; g != e {
t.Fatalf("got %d SetCookies, want %d", g, e)
}
if cookie := res.Cookies()[0]; cookie.Name != "flavor" {
t.Errorf("unexpected cookie %q", cookie.Name)
}
bodyBytes, _ := ioutil.ReadAll(res.Body)
if g, e := string(bodyBytes), backendResponse; g != e {
t.Errorf("got body %q; expected %q", g, e)
}
}
func TestChunkedResponse(t *testing.T) {
l, err := net.Listen("tcp", ":10234")
panicOnErr(err, "listen")
defer l.Close()
go func() {
for i := 0; i < 2; i++ {
c, err := l.Accept()
panicOnErr(err, "accept")
_, err = http.ReadRequest(bufio.NewReader(c))
panicOnErr(err, "readrequest")
io.WriteString(c, "HTTP/1.1 200 OK\r\n"+
"Content-Type: text/plain\r\n"+
"Transfer-Encoding: chunked\r\n\r\n"+
"25\r\n"+
"This is the data in the first chunk\r\n\r\n"+
"1C\r\n"+
"and this is the second one\r\n\r\n"+
"3\r\n"+
"con\r\n"+
"8\r\n"+
"sequence\r\n0\r\n\r\n")
c.Close()
}
}()
c, err := net.Dial("tcp", "localhost:10234")
panicOnErr(err, "dial")
defer c.Close()
req, _ := http.NewRequest("GET", "/", nil)
req.Write(c)
resp, err := http.ReadResponse(bufio.NewReader(c), req)
panicOnErr(err, "readresp")
b, err := ioutil.ReadAll(resp.Body)
panicOnErr(err, "readall")
expected := "This is the data in the first chunk\r\nand this is the second one\r\nconsequence"
if string(b) != expected {
t.Errorf("Got `%v` expected `%v`", string(b), expected)
}
proxy := goproxy.NewProxyHttpServer()
proxy.OnResponse().DoFunc(func(resp *http.Response, ctx *goproxy.ProxyCtx) *http.Response {
panicOnErr(ctx.Error, "error reading output")
b, err := ioutil.ReadAll(resp.Body)
resp.Body.Close()
panicOnErr(err, "readall onresp")
if enc := resp.Header.Get("Transfer-Encoding"); enc != "" {
t.Fatal("Chunked response should be received as plaintext", enc)
}
resp.Body = ioutil.NopCloser(bytes.NewBufferString(strings.Replace(string(b), "e", "E", -1)))
return resp
})
client, s := oneShotProxy(proxy, t)
defer s.Close()
resp, err = client.Get("http://localhost:10234/")
panicOnErr(err, "client.Get")
b, err = ioutil.ReadAll(resp.Body)
panicOnErr(err, "readall proxy")
if string(b) != strings.Replace(expected, "e", "E", -1) {
t.Error("expected", expected, "w/ e->E. Got", string(b))
}
}
func TestRecorder(t *testing.T) {
type checkFunc func(*ResponseRecorder) error
check := func(fns ...checkFunc) []checkFunc { return fns }
hasStatus := func(wantCode int) checkFunc {
return func(rec *ResponseRecorder) error {
if rec.Code != wantCode {
return fmt.Errorf("Status = %d; want %d", rec.Code, wantCode)
}
return nil
}
}
hasContents := func(want string) checkFunc {
return func(rec *ResponseRecorder) error {
if rec.Body.String() != want {
return fmt.Errorf("wrote = %q; want %q", rec.Body.String(), want)
}
return nil
}
}
hasFlush := func(want bool) checkFunc {
return func(rec *ResponseRecorder) error {
if rec.Flushed != want {
return fmt.Errorf("Flushed = %v; want %v", rec.Flushed, want)
}
return nil
}
}
tests := []struct {
name string
h func(w http.ResponseWriter, r *http.Request)
checks []checkFunc
}{
{
"200 default",
func(w http.ResponseWriter, r *http.Request) {},
check(hasStatus(200), hasContents("")),
},
{
"first code only",
func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(201)
w.WriteHeader(202)
w.Write([]byte("hi"))
},
check(hasStatus(201), hasContents("hi")),
},
{
"write sends 200",
func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("hi first"))
w.WriteHeader(201)
w.WriteHeader(202)
},
check(hasStatus(200), hasContents("hi first"), hasFlush(false)),
},
{
"flush",
func(w http.ResponseWriter, r *http.Request) {
w.(http.Flusher).Flush() // also sends a 200
w.WriteHeader(201)
},
check(hasStatus(200), hasFlush(true)),
},
}
r, _ := http.NewRequest("GET", "http://foo.com/", nil)
for _, tt := range tests {
h := http.HandlerFunc(tt.h)
rec := NewRecorder()
h.ServeHTTP(rec, r)
for _, check := range tt.checks {
if err := check(rec); err != nil {
t.Errorf("%s: %v", tt.name, err)
}
}
}
}