2019-04-02 11:40:04 +03:00
package integration
import (
"net/http"
2019-07-15 11:22:03 +03:00
"os"
2019-04-02 11:40:04 +03:00
"time"
"github.com/go-check/check"
2020-09-16 16:46:04 +03:00
"github.com/traefik/traefik/v2/integration/try"
2019-04-02 11:40:04 +03:00
checker "github.com/vdemeester/shakers"
)
2020-05-11 13:06:07 +03:00
// Headers tests suite.
2019-04-02 11:40:04 +03:00
type HeadersSuite struct { BaseSuite }
func ( s * HeadersSuite ) TestSimpleConfiguration ( c * check . C ) {
cmd , display := s . traefikCmd ( withConfigFile ( "fixtures/headers/basic.toml" ) )
defer display ( c )
err := cmd . Start ( )
c . Assert ( err , checker . IsNil )
2020-10-09 10:32:03 +03:00
defer s . killCmd ( cmd )
2019-04-02 11:40:04 +03:00
// Expected a 404 as we did not configure anything
err = try . GetRequest ( "http://127.0.0.1:8000/" , 1000 * time . Millisecond , try . StatusCodeIs ( http . StatusNotFound ) )
c . Assert ( err , checker . IsNil )
}
func ( s * HeadersSuite ) TestCorsResponses ( c * check . C ) {
2019-07-15 11:22:03 +03:00
file := s . adaptFile ( c , "fixtures/headers/cors.toml" , struct { } { } )
defer os . Remove ( file )
cmd , display := s . traefikCmd ( withConfigFile ( file ) )
2019-04-02 11:40:04 +03:00
defer display ( c )
err := cmd . Start ( )
c . Assert ( err , checker . IsNil )
2020-10-09 10:32:03 +03:00
defer s . killCmd ( cmd )
2019-04-02 11:40:04 +03:00
2020-07-17 16:38:04 +03:00
backend := startTestServer ( "9000" , http . StatusOK , "" )
2019-07-12 12:46:04 +03:00
defer backend . Close ( )
err = try . GetRequest ( backend . URL , 500 * time . Millisecond , try . StatusCodeIs ( http . StatusOK ) )
c . Assert ( err , checker . IsNil )
2019-04-02 11:40:04 +03:00
testCase := [ ] struct {
desc string
requestHeaders http . Header
expected http . Header
2019-07-12 12:46:04 +03:00
reqHost string
method string
2019-04-02 11:40:04 +03:00
} {
{
desc : "simple access control allow origin" ,
requestHeaders : http . Header {
"Origin" : { "https://foo.bar.org" } ,
} ,
expected : http . Header {
"Access-Control-Allow-Origin" : { "https://foo.bar.org" } ,
"Vary" : { "Origin" } ,
} ,
2019-07-12 12:46:04 +03:00
reqHost : "test.localhost" ,
method : http . MethodGet ,
2019-04-02 11:40:04 +03:00
} ,
{
desc : "simple preflight request" ,
requestHeaders : http . Header {
"Access-Control-Request-Headers" : { "origin" } ,
"Access-Control-Request-Method" : { "GET" , "OPTIONS" } ,
"Origin" : { "https://foo.bar.org" } ,
} ,
expected : http . Header {
"Access-Control-Allow-Origin" : { "https://foo.bar.org" } ,
"Access-Control-Max-Age" : { "100" } ,
"Access-Control-Allow-Methods" : { "GET,OPTIONS,PUT" } ,
} ,
2019-07-12 12:46:04 +03:00
reqHost : "test.localhost" ,
method : http . MethodOptions ,
} ,
{
desc : "preflight Options request with no cors configured" ,
requestHeaders : http . Header {
"Access-Control-Request-Headers" : { "origin" } ,
"Access-Control-Request-Method" : { "GET" , "OPTIONS" } ,
"Origin" : { "https://foo.bar.org" } ,
} ,
expected : http . Header {
"X-Custom-Response-Header" : { "True" } ,
} ,
reqHost : "test2.localhost" ,
method : http . MethodOptions ,
} ,
{
desc : "preflight Get request with no cors configured" ,
requestHeaders : http . Header {
"Access-Control-Request-Headers" : { "origin" } ,
"Access-Control-Request-Method" : { "GET" , "OPTIONS" } ,
"Origin" : { "https://foo.bar.org" } ,
} ,
expected : http . Header {
"X-Custom-Response-Header" : { "True" } ,
} ,
reqHost : "test2.localhost" ,
method : http . MethodGet ,
2019-04-02 11:40:04 +03:00
} ,
}
for _ , test := range testCase {
2019-07-12 12:46:04 +03:00
req , err := http . NewRequest ( test . method , "http://127.0.0.1:8000/" , nil )
2019-04-02 11:40:04 +03:00
c . Assert ( err , checker . IsNil )
2019-07-12 12:46:04 +03:00
req . Host = test . reqHost
2019-04-02 11:40:04 +03:00
req . Header = test . requestHeaders
2019-07-12 12:46:04 +03:00
err = try . Request ( req , 500 * time . Millisecond , try . HasHeaderStruct ( test . expected ) )
2019-04-02 11:40:04 +03:00
c . Assert ( err , checker . IsNil )
}
}
2019-07-29 17:12:05 +03:00
func ( s * HeadersSuite ) TestSecureHeadersResponses ( c * check . C ) {
file := s . adaptFile ( c , "fixtures/headers/secure.toml" , struct { } { } )
defer os . Remove ( file )
cmd , display := s . traefikCmd ( withConfigFile ( file ) )
defer display ( c )
err := cmd . Start ( )
c . Assert ( err , checker . IsNil )
2020-10-09 10:32:03 +03:00
defer s . killCmd ( cmd )
2019-07-29 17:12:05 +03:00
2020-07-17 16:38:04 +03:00
backend := startTestServer ( "9000" , http . StatusOK , "" )
2019-07-29 17:12:05 +03:00
defer backend . Close ( )
err = try . GetRequest ( backend . URL , 500 * time . Millisecond , try . StatusCodeIs ( http . StatusOK ) )
c . Assert ( err , checker . IsNil )
testCase := [ ] struct {
2020-06-15 13:20:05 +03:00
desc string
expected http . Header
reqHost string
internalReqHost string
2019-07-29 17:12:05 +03:00
} {
{
2021-06-21 16:16:13 +03:00
desc : "Permissions-Policy Set" ,
2019-07-29 17:12:05 +03:00
expected : http . Header {
2021-06-21 16:16:13 +03:00
"Permissions-Policy" : { "microphone=()," } ,
2019-07-29 17:12:05 +03:00
} ,
2020-06-15 13:20:05 +03:00
reqHost : "test.localhost" ,
internalReqHost : "internal.localhost" ,
2019-07-29 17:12:05 +03:00
} ,
}
for _ , test := range testCase {
req , err := http . NewRequest ( http . MethodGet , "http://127.0.0.1:8000/" , nil )
c . Assert ( err , checker . IsNil )
req . Host = test . reqHost
2020-06-15 13:20:05 +03:00
err = try . Request ( req , 500 * time . Millisecond , try . StatusCodeIs ( http . StatusOK ) , try . HasHeaderStruct ( test . expected ) )
c . Assert ( err , checker . IsNil )
req , err = http . NewRequest ( http . MethodGet , "http://127.0.0.1:8000/api/rawdata" , nil )
c . Assert ( err , checker . IsNil )
req . Host = test . internalReqHost
err = try . Request ( req , 500 * time . Millisecond , try . StatusCodeIs ( http . StatusOK ) , try . HasHeaderStruct ( test . expected ) )
2019-07-29 17:12:05 +03:00
c . Assert ( err , checker . IsNil )
}
}
2020-07-01 11:42:04 +03:00
func ( s * HeadersSuite ) TestMultipleSecureHeadersResponses ( c * check . C ) {
file := s . adaptFile ( c , "fixtures/headers/secure_multiple.toml" , struct { } { } )
defer os . Remove ( file )
cmd , display := s . traefikCmd ( withConfigFile ( file ) )
defer display ( c )
err := cmd . Start ( )
c . Assert ( err , checker . IsNil )
2020-10-09 10:32:03 +03:00
defer s . killCmd ( cmd )
2020-07-01 11:42:04 +03:00
2020-07-22 15:39:45 +03:00
backend := startTestServer ( "9000" , http . StatusOK , "" )
2020-07-01 11:42:04 +03:00
defer backend . Close ( )
err = try . GetRequest ( backend . URL , 500 * time . Millisecond , try . StatusCodeIs ( http . StatusOK ) )
c . Assert ( err , checker . IsNil )
testCase := [ ] struct {
desc string
expected http . Header
reqHost string
} {
{
2021-06-21 16:16:13 +03:00
desc : "Multiple Secure Headers Set" ,
2020-07-01 11:42:04 +03:00
expected : http . Header {
"X-Frame-Options" : { "DENY" } ,
"X-Content-Type-Options" : { "nosniff" } ,
} ,
reqHost : "test.localhost" ,
} ,
}
for _ , test := range testCase {
req , err := http . NewRequest ( http . MethodGet , "http://127.0.0.1:8000/" , nil )
c . Assert ( err , checker . IsNil )
req . Host = test . reqHost
err = try . Request ( req , 500 * time . Millisecond , try . HasHeaderStruct ( test . expected ) )
c . Assert ( err , checker . IsNil )
}
}