Exemple #1
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * <p>In the interest of robustness, a server that is expecting to receive and parse a
  * request-line SHOULD ignore at least one empty line (CRLF) received prior to the request-line.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "robust.server.should.allow.extra.CRLF.after.request.line/request",
   "robust.server.should.allow.extra.CRLF.after.request.line/response"
 })
 public void robustServerShouldAllowExtraCRLFAfterRequestLine() throws Exception {
   // NOTE(review): the RFC sentence quoted in this method's Javadoc is about empty lines received
   // *prior to* the request-line, while the script and method names say "after"; confirm which
   // case the scripts actually exercise.
   // finish() waits for the scripted exchange named in @Specification to complete (the k3po
   // field is declared outside this excerpt).
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair {@code challenge.with.proxy.authenticate.header}.
  *
  * <p>NOTE(review): the method name speaks of the {@code WWW-Authenticate} header while the script
  * name speaks of a proxy-authenticate header; confirm which header the scripts assert is
  * forwarded unmodified, and rename one of the two so the test documents what it checks.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "challenge.with.proxy.authenticate.header/request",
   "challenge.with.proxy.authenticate.header/response"
 })
 public void proxyMustNotModifyWWWAuthenticateHeader() throws Exception {
   // The whole assertion lives in the scripts; finish() waits for them to complete.
   k3po.finish();
 }
Exemple #3
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "server.should.send.status.line.in.start.line/request",
   "server.should.send.status.line.in.start.line/response"
 })
 public void serverShouldSendStatusLineInStartLine() throws Exception {
   // Per the script name, the response's start-line is expected to be a status-line.
   // finish() waits for the request/response scripts to complete.
   k3po.finish();
 }
Exemple #4
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "non.http.request.to.http.server.should.be.responded.to.with.400/request",
   "non.http.request.to.http.server.should.be.responded.to.with.400/response"
 })
 public void nonHttpRequestToHttpServerShouldBeRespondedToWith400() throws Exception {
   // Per the script name, input that is not an HTTP request must be answered with 400 rather
   // than being interpreted leniently. The scripts carry the actual bytes and expectations.
   k3po.finish();
 }
Exemple #5
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3.1">RFC 7230 section 3.1: Start
  * Line</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "request.must.start.with.request.line/request",
   "request.must.start.with.request.line/response"
 })
 public void requestMustStartWithRequestLine() throws Exception {
   // Per the script name, a request is expected to begin with a request-line.
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
Exemple #6
 /**
  * Runs the K3PO script pair {@code client.send.close.frame.with.rsv.2}; per the method name the
  * WebSocket connection is expected to be failed when the client sends such a close frame.
  *
  * <p>RFC 6455 section 5.2 requires the RSV bits to be 0 unless a negotiated extension defines
  * them. NOTE(review): "rsv.2" is presumably the value of the three-bit RSV field; confirm
  * against the script.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "client.send.close.frame.with.rsv.2/handshake.request.and.frame",
   "client.send.close.frame.with.rsv.2/handshake.response.and.frame"
 })
 public void shouldFailWebSocketConnectionWhenClientSendCloseFrameWithRsv2() throws Exception {
   // Each script covers the handshake and the frame; finish() waits for both to complete.
   k3po.finish();
 }
Exemple #7
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * <blockquote>
  *
  * All HTTP/1.1 messages consist of a start-line followed by a sequence of octets in a format
  * similar to the Internet Message Format [RFC5322]: zero or more header fields (collectively
  * referred to as the "headers" or the "header section"), an empty line indicating the end of the
  * header section, and an optional message body.
  *
  * </blockquote>
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "outbound.should.accept.no.headers/request",
   "outbound.should.accept.no.headers/response"
 })
 public void outboundShouldAcceptNoHeaders() throws Exception {
   // "Zero or more header fields" in the quoted grammar makes a header-less message valid;
   // per the script name that is the case exercised here.
   k3po.finish();
 }
Exemple #8
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * <p>Responses to the HEAD request method (Section 4.3.2 of [RFC7231]) never include a message
  * body because the associated response header fields (e.g., Transfer-Encoding, Content-Length,
  * etc.), if present, indicate only what their values would have been if the request method had
  * been GET (Section 4.3.1 of [RFC7231]). 2xx (Successful) responses to a CONNECT request method
  * (Section 4.3.6 of [RFC7231]) switch to tunnel mode instead of having a message body. All 1xx
  * (Informational), 204 (No Content), and 304 (Not Modified) responses do not include a message
  * body.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "head.response.must.not.have.content/request",
   "head.response.must.not.have.content/response"
 })
 public void headResponseMustNotHaveContent() throws Exception {
   // Per the script name, the response to HEAD must carry no message body.
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
Exemple #9
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "client.should.send.content.length.header.in.post.even.if.no.content/request",
   "client.should.send.content.length.header.in.post.even.if.no.content/response"
 })
 public void clientShouldSendContentLengthHeaderInPostEvenIfNoContent() throws Exception {
   // Per the script name, a POST without a body is still expected to carry Content-Length,
   // so the recipient does not have to guess the message framing.
   k3po.finish();
 }
Exemple #10
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * <p>Responses to the HEAD request method (Section 4.3.2 of [RFC7231]) never include a message
  * body because the associated response header fields (e.g., Transfer-Encoding, Content-Length,
  * etc.), if present, indicate only what their values would have been if the request method had
  * been GET (Section 4.3.1 of [RFC7231]). 2xx (Successful) responses to a CONNECT request method
  * (Section 4.3.6 of [RFC7231]) switch to tunnel mode instead of having a message body. All 1xx
  * (Informational), 204 (No Content), and 304 (Not Modified) responses do not include a message
  * body.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "head.response.must.not.have.content.though.may.have.content.length/request",
   "head.response.must.not.have.content.though.may.have.content.length/response"
 })
 public void headResponseMustNotHaveContentThoughMayHaveContentLength() throws Exception {
   // Variant of the HEAD case: per the script name a Content-Length header may be present but
   // no body follows, so a reader must not wait for (or consume) that many octets.
   k3po.finish();
 }
Exemple #11
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "inbound.should.process.request.with.content.length/request",
   "inbound.should.process.request.with.content.length/response"
 })
 public void inboundShouldProcessRequestWithContentLength() throws Exception {
   // Per the script name, a request framed by Content-Length is expected to be processed.
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair {@code multiple.requests.with.invalid.credentials}; per the method
  * name every request with invalid credentials is expected to be answered with 401.
  *
  * <p>NOTE(review): the scripts are listed response-first here, unlike the other tests in this
  * listing; the order is left as written.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "multiple.requests.with.invalid.credentials/response",
   "multiple.requests.with.invalid.credentials/request"
 })
 public void shouldRespondWithMultiple401sWithMultipleInvalidRequests() throws Exception {
   // Repeated failures must keep producing challenges; the scripts hold the exact exchange.
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair {@code client.should.reply.to.standard.ping.with.standard.pong};
  * per its name the client is expected to answer a standard ping with a standard pong.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "client.should.reply.to.standard.ping.with.standard.pong/request",
   "client.should.reply.to.standard.ping.with.standard.pong/response"
 })
 public void clientShouldReplyToStandardPingWithStandardPong() throws Exception {
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
Exemple #14
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * <p>No whitespace is allowed between the header field-name and colon. In the past, differences
  * in the handling of such whitespace have led to security vulnerabilities in request routing and
  * response handling. A server MUST reject any received request message that contains whitespace
  * between a header field-name and colon with a response code of 400 (Bad Request). A proxy MUST
  * remove any such whitespace from a response message before forwarding the message downstream.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "server.must.reject.header.with.space.between.header.name.and.colon/request",
   "server.must.reject.header.with.space.between.header.name.and.colon/response"
 })
 public void serverMustRejectHeaderWithSpaceBetweenHeaderNameAndColon() throws Exception {
   // Strict rejection is the point: a parser that tolerates "Name :" can disagree with its
   // peers about which header was sent, which is the routing risk the quoted RFC text describes.
   // Per the script name the expected answer is a rejection (400 per the RFC text).
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair {@code should.escape.data.frame.starting.with.control.bytes}; per
  * its name a data frame whose payload begins with control bytes is expected to be escaped.
  *
  * <p>NOTE(review): the excerpt does not show which protocol or escape scheme this belongs to;
  * presumably escaping keeps application data from being read as a control frame. Confirm
  * against the script.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "should.escape.data.frame.starting.with.control.bytes/request",
   "should.escape.data.frame.starting.with.control.bytes/response"
 })
 public void shouldEscapeDataFrameStartingWithControlBytes() throws Exception {
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair {@code client.should.receive.extended.pong.frame}; per its name
  * the client is expected to receive an extended pong frame.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "client.should.receive.extended.pong.frame/request",
   "client.should.receive.extended.pong.frame/response"
 })
 public void clientShouldReceiveExtendedPongFrame() throws Exception {
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair {@code server.should.reply.to.extended.ping.with.extended.pong};
  * per its name the server is expected to answer an extended ping with an extended pong.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "server.should.reply.to.extended.ping.with.extended.pong/request",
   "server.should.reply.to.extended.ping.with.extended.pong/response"
 })
 public void serverShouldReplyToExtendedPingWithExtendedPong() throws Exception {
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair
  * {@code server.should.timeout.if.client.does.not.respond.to.extended.ping}; per its name the
  * server is expected to time out when the client leaves an extended ping unanswered.
  *
  * <p>NOTE(review): the timeout value is not visible in this excerpt; a liveness timeout is what
  * releases connections held by unresponsive peers, so confirm the scripts pin it.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "server.should.timeout.if.client.does.not.respond.to.extended.ping/request",
   "server.should.timeout.if.client.does.not.respond.to.extended.ping/response"
 })
 public void serverShouldTimeoutIfClientDoesNotRespondToExtendedPing() throws Exception {
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair {@code client.should.disconnect.if.wrong.control.bytes.length};
  * per its name the client is expected to disconnect when the control bytes have the wrong
  * length, instead of trying to interpret a malformed frame.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "client.should.disconnect.if.wrong.control.bytes.length/request",
   "client.should.disconnect.if.wrong.control.bytes.length/response"
 })
 public void clientShouldDisconnectIfWrongControlBytesLength() throws Exception {
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair {@code client.should.disconnect.if.no.control.bytes.sent}; per its
  * name the client is expected to disconnect when no control bytes are sent.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "client.should.disconnect.if.no.control.bytes.sent/request",
   "client.should.disconnect.if.no.control.bytes.sent/response"
 })
 public void clientShouldDisconnectIfNoControlBytesSent() throws Exception {
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
Exemple #21
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "server.should.send.501.to.unknown.transfer.encoding/request",
   "server.should.send.501.to.unknown.transfer.encoding/response"
 })
 public void serverShouldSend501ToUnknownTransferEncoding() throws Exception {
   // Expects 501 for a transfer coding the server does not understand (RFC 7230 section 3.3.1).
   // Refusing is safer than guessing: a body decoded under the wrong framing can be split
   // differently by this server than by the intermediaries in front of it.
   k3po.finish();
 }
Exemple #22
 /**
  * Runs the K3PO script pair {@code server.send.pong.frame.with.rsv.7}; per the method name the
  * WebSocket connection is expected to be failed when the server sends such a pong frame.
  *
  * <p>RFC 6455 section 5.2 requires the RSV bits to be 0 unless a negotiated extension defines
  * them. NOTE(review): "rsv.7" is presumably all three RSV bits set; confirm against the script.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "server.send.pong.frame.with.rsv.7/handshake.request.and.frame",
   "server.send.pong.frame.with.rsv.7/handshake.response.and.frame"
 })
 public void shouldFailWebSocketConnectionWhenServerSendPongFrameWithRsv7() throws Exception {
   // Each script covers the handshake and the frame; finish() waits for both to complete.
   k3po.finish();
 }
 /**
  * Runs the K3PO script pair {@code challenge.with.proxy.authorization.header}; per the method
  * name a proxy is expected to forward the authentication header unaltered.
  *
  * <p>NOTE(review): the method name says "authentication header" while the script name says
  * "proxy.authorization.header"; confirm which header field the scripts check.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "challenge.with.proxy.authorization.header/request",
   "challenge.with.proxy.authorization.header/response"
 })
 public void proxyMustNotAlterAuthenticationHeader() throws Exception {
   // finish() waits for the scripted exchange to complete.
   k3po.finish();
 }
Exemple #24
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "inbound.should.reject.invalid.request.line/request",
   "inbound.should.reject.invalid.request.line/response"
 })
 public void inboundShouldRejectInvalidRequestLine() throws Exception {
   // Expected outcome: the invalid request-line is answered with 400 Bad Request rather than
   // being repaired or guessed at.
   k3po.finish();
 }
Exemple #25
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3.3.3">RFC 7230 section 3.3.3:
  * Message Body Length</a>.
  *
  * <p>If a message is received without Transfer-Encoding and with either multiple Content-Length
  * header fields having differing field-values or a single Content-Length header field having an
  * invalid value, then the message framing is invalid and the recipient MUST treat it as an
  * unrecoverable error. If this is a request message, the server MUST respond with a 400 (Bad
  * Request) status code and then close the connection. If this is a response message received by a
  * proxy, the proxy MUST close the connection to the server, discard the received response, and
  * send a 502 (Bad Gateway) response to the client. If this is a response message received by a
  * user agent, the user agent MUST close the connection to the server and discard the received
  * response.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "server.must.reject.request.with.multiple.different.content.length/request",
   "server.must.reject.request.with.multiple.different.content.length/response"
 })
 public void serverMustRejectRequestWithMultipleDifferentContentLength() throws Exception {
   // Expected outcome: 400 Bad Request. Conflicting Content-Length values mean two parsers can
   // pick different body lengths for the same bytes, which is how request smuggling arises
   // (RFC 7230 section 9.5). The RFC text quoted in the Javadoc also requires closing the
   // connection; confirm the scripts assert the close as well as the status.
   k3po.finish();
 }
Exemple #26
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "server.should.send.414.to.request.with.too.long.a.request/request",
   "server.should.send.414.to.request.with.too.long.a.request/response"
 })
 public void serverShouldSend414ToRequestWithTooLongARequest() throws Exception {
   // 414 (URI Too Long) (rule of thumb is no more than 8000 octets)
   // NOTE(review): RFC 7230 section 3.1.1 recommends supporting request-lines of at least 8000
   // octets, so 8000 is a floor for the limit, not a ceiling; confirm the script exceeds the
   // limit the server actually enforces.
   k3po.finish();
 }
Exemple #27
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "inbound.on.receiving.field.with.length.larger.than.wanting.to.process.must.reply.with.4xx/request",
   "inbound.on.receiving.field.with.length.larger.than.wanting.to.process.must.reply.with.4xx/response"
 })
 public void inboundOnReceivingFieldWithLengthLargerThanWantingToProcessMustReplyWith4xx()
     throws Exception {
   // Expects a 4xx for a header field larger than the server is willing to process
   // (RFC 7230 section 3.2.5). Answering with an error, rather than silently ignoring the field,
   // is what the RFC asks for: ignoring it increases exposure to request smuggling.
   k3po.finish();
 }
Exemple #28
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "server.should.send.501.to.unimplemented.methods/request",
   "server.should.send.501.to.unimplemented.methods/response"
 })
 public void serverShouldSend501ToUnImplementedMethods() throws Exception {
   // Expected outcome: 501 (Not Implemented) for a request method the server does not implement.
   k3po.finish();
 }
Exemple #29
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3">RFC 7230 section 3: Message
  * Format</a>.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "proxy.should.preserve.unrecongnized.headers/client",
   "proxy.should.preserve.unrecongnized.headers/server",
   "proxy.should.preserve.unrecongnized.headers/proxy"
 })
 public void proxyShouldPreserveUnrecognizedHeaders() throws Exception {
   // Three scripts take part here: client, server and the proxy between them.
   // NOTE(review): "unrecongnized" is misspelled in the script names; presumably it matches the
   // script resources, so correct it only together with a rename of those files.
   k3po.finish();
 }
Exemple #30
 /**
  * See <a href="https://tools.ietf.org/html/rfc7230#section-3.3.3">RFC 7230 section 3.3.3:
  * Message Body Length</a>.
  *
  * <p>If a message is received without Transfer-Encoding and with either multiple Content-Length
  * header fields having differing field-values or a single Content-Length header field having an
  * invalid value, then the message framing is invalid and the recipient MUST treat it as an
  * unrecoverable error. If this is a request message, the server MUST respond with a 400 (Bad
  * Request) status code and then close the connection. If this is a response message received by a
  * proxy, the proxy MUST close the connection to the server, discard the received response, and
  * send a 502 (Bad Gateway) response to the client. If this is a response message received by a
  * user agent, the user agent MUST close the connection to the server and discard the received
  * response.
  *
  * @throws Exception when K3PO is not started
  */
 @Test
 @Specification({
   "gateway.must.reject.request.with.multiple.different.content.length/request",
   "gateway.must.reject.request.with.multiple.different.content.length/gateway",
   "gateway.must.reject.request.with.multiple.different.content.length/response"
 })
 public void gatewayMustRejectResponseWithMultipleDifferentContentLength() throws Exception {
   // Expected outcome: 502 Bad Gateway, the proxy case of the RFC text quoted in the Javadoc
   // (discard the upstream response and close the connection to the server).
   // NOTE(review): the method name says "Response" while the script names say "request";
   // confirm that the conflicting Content-Length headers are on the upstream response.
   // Forwarding such a response would let downstream parsers disagree on where it ends.
   k3po.finish();
 }