tests/auto/handshakerequest/tst_handshakerequest.cpp

   1 /****************************************************************************
   2 **
   3 ** Copyright (C) 2013 Digia Plc and/or its subsidiary(-ies).
   4 ** Contact: http://www.qt-project.org/legal
   5 **
   6 ** This file is part of the test suite of the Qt Toolkit.
   7 **
   8 ** $QT_BEGIN_LICENSE:LGPL$
   9 ** Commercial License Usage
  10 ** Licensees holding valid commercial Qt licenses may use this file in
  11 ** accordance with the commercial license agreement provided with the
  12 ** Software or, alternatively, in accordance with the terms contained in
  13 ** a written agreement between you and Digia.  For licensing terms and
  14 ** conditions see http://qt.digia.com/licensing.  For further information
  15 ** use the contact form at http://qt.digia.com/contact-us.
  16 **
  17 ** GNU Lesser General Public License Usage
  18 ** Alternatively, this file may be used under the terms of the GNU Lesser
  19 ** General Public License version 2.1 as published by the Free Software
  20 ** Foundation and appearing in the file LICENSE.LGPL included in the
  21 ** packaging of this file.  Please review the following information to
  22 ** ensure the GNU Lesser General Public License version 2.1 requirements
  23 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
  24 **
  25 ** In addition, as a special exception, Digia gives you certain additional
  26 ** rights.  These rights are described in the Digia Qt LGPL Exception
  27 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
  28 **
  29 ** GNU General Public License Usage
  30 ** Alternatively, this file may be used under the terms of the GNU
  31 ** General Public License version 3.0 as published by the Free Software
  32 ** Foundation and appearing in the file LICENSE.GPL included in the
  33 ** packaging of this file.  Please review the following information to
  34 ** ensure the GNU General Public License version 3.0 requirements will be
  35 ** met: http://www.gnu.org/copyleft/gpl.html.
  36 **
  37 **
  38 ** $QT_END_LICENSE$
  39 **
  40 ****************************************************************************/
  41 #include <QtTest/QtTest>
  42 #include <QtTest/qtestcase.h>
  43 #include <QtCore/QDebug>
  44 #include <QtCore/QByteArray>
  45 #include <QtCore/QtEndian>
  46
  47 #include "private/qwebsockethandshakerequest_p.h"
  48 #include "private/qwebsocketprotocol_p.h"
  49 #include "QtWebSockets/qwebsocketprotocol.h"
  50
  51 QT_USE_NAMESPACE
  52
  53 Q_DECLARE_METATYPE(QWebSocketProtocol::CloseCode)
  54 Q_DECLARE_METATYPE(QWebSocketProtocol::OpCode)
  55
  56 class tst_HandshakeRequest : public QObject
  57 {
  58     Q_OBJECT
  59
  60 public:
  61     tst_HandshakeRequest();
  62
  63 private Q_SLOTS:
  64     void initTestCase();
  65     void cleanupTestCase();
  66     void init();
  67     void cleanup();
  68
  69     void tst_initialization();
  70
  71     void tst_invalidStream_data();
  72     void tst_invalidStream();
  73
  74     void tst_multipleValuesInConnectionHeader();
  75     void tst_multipleVersions();
  76 };
  77
  78 tst_HandshakeRequest::tst_HandshakeRequest()
  79 {}
  80
  81 void tst_HandshakeRequest::initTestCase()
  82 {
  83 }
  84
  85 void tst_HandshakeRequest::cleanupTestCase()
  86 {}
  87
  88 void tst_HandshakeRequest::init()
  89 {
  90     qRegisterMetaType<QWebSocketProtocol::OpCode>("QWebSocketProtocol::OpCode");
  91     qRegisterMetaType<QWebSocketProtocol::CloseCode>("QWebSocketProtocol::CloseCode");
  92 }
  93
  94 void tst_HandshakeRequest::cleanup()
  95 {
  96 }
  97
  98 void tst_HandshakeRequest::tst_initialization()
  99 {
 100     {
 101         QWebSocketHandshakeRequest request(0, false);
 102         QCOMPARE(request.port(), 0);
 103         QVERIFY(!request.isSecure());
 104         QVERIFY(!request.isValid());
 105         QCOMPARE(request.extensions().length(), 0);
 106         QCOMPARE(request.protocols().length(), 0);
 107         QCOMPARE(request.headers().size(), 0);
 108         QCOMPARE(request.key().length(), 0);
 109         QCOMPARE(request.origin().length(), 0);
 110         QCOMPARE(request.host().length(), 0);
 111         QVERIFY(request.requestUrl().isEmpty());
 112         QCOMPARE(request.resourceName().length(), 0);
 113         QCOMPARE(request.versions().length(), 0);
 114     }
 115     {
 116         QWebSocketHandshakeRequest request(80, true);
 117         QCOMPARE(request.port(), 80);
 118         QVERIFY(request.isSecure());
 119         QVERIFY(!request.isValid());
 120         QCOMPARE(request.extensions().length(), 0);
 121         QCOMPARE(request.protocols().length(), 0);
 122         QCOMPARE(request.headers().size(), 0);
 123         QCOMPARE(request.key().length(), 0);
 124         QCOMPARE(request.origin().length(), 0);
 125         QCOMPARE(request.host().length(), 0);
 126         QVERIFY(request.requestUrl().isEmpty());
 127         QCOMPARE(request.resourceName().length(), 0);
 128         QCOMPARE(request.versions().length(), 0);
 129     }
 130     {
 131         QWebSocketHandshakeRequest request(80, true);
 132         request.clear();
 133         QCOMPARE(request.port(), 80);
 134         QVERIFY(request.isSecure());
 135         QVERIFY(!request.isValid());
 136         QCOMPARE(request.extensions().length(), 0);
 137         QCOMPARE(request.protocols().length(), 0);
 138         QCOMPARE(request.headers().size(), 0);
 139         QCOMPARE(request.key().length(), 0);
 140         QCOMPARE(request.origin().length(), 0);
 141         QCOMPARE(request.host().length(), 0);
 142         QVERIFY(request.requestUrl().isEmpty());
 143         QCOMPARE(request.resourceName().length(), 0);
 144         QCOMPARE(request.versions().length(), 0);
 145     }
 146 }
 147
 148 void tst_HandshakeRequest::tst_invalidStream_data()
 149 {
 150     QTest::addColumn<QString>("dataStream");
 151
 152     QTest::newRow("garbage on 2 lines") << QStringLiteral("foofoofoo\r\nfoofoo\r\n\r\n");
 153     QTest::newRow("garbage on 1 line") << QStringLiteral("foofoofoofoofoo");
 154     QTest::newRow("Correctly formatted but invalid fields") << QStringLiteral("VERB RESOURCE PROTOCOL");
 155
 156     //internally the fields are parsed and indexes are used to convert to a http version for instance
 157     //this test checks if there doesn't occur an out-of-bounds exception
 158     QTest::newRow("Correctly formatted but invalid short fields") << QStringLiteral("V R P");
 159     QTest::newRow("Invalid \\0 character in header") << QStringLiteral("V R\0 P");
 160     QTest::newRow("Invalid http version in header") << QStringLiteral("V R HTTP/invalid");
 161     QTest::newRow("Empty header field") << QStringLiteral("GET . HTTP/1.1\r\nHEADER: ");
 162     QTest::newRow("All zeros") << QString::fromUtf8(QByteArray(10, char(0)));
 163     QTest::newRow("Invalid hostname") << "GET . HTTP/1.1\r\nHost: \xFF\xFF";
 164     //doing extensive QStringLiteral concatenations here, because
 165     //MSVC 2010 complains when using concatenation literal strings about
 166     //concatenation of wide and narrow strings (error C2308)
 167     QTest::newRow("Complete header - Invalid websocket version")
 168             << QStringLiteral("GET . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: \xFF\xFF\r\n") +
 169                QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
 170                QStringLiteral("Upgrade: websocket\r\n") +
 171                QStringLiteral("Connection: Upgrade\r\n\r\n");
 172     QTest::newRow("Complete header - Invalid verb")
 173             << QStringLiteral("XXX . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
 174                QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
 175                QStringLiteral("Upgrade: websocket\r\n") +
 176                QStringLiteral("Connection: Upgrade\r\n\r\n");
 177     QTest::newRow("Complete header - Invalid http version")
 178             << QStringLiteral("GET . HTTP/a.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
 179                QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
 180                QStringLiteral("Upgrade: websocket\r\n") +
 181                QStringLiteral("Connection: Upgrade\r\n\r\n");
 182     QTest::newRow("Complete header - Invalid connection")
 183             << QStringLiteral("GET . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
 184                QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
 185                QStringLiteral("Upgrade: websocket\r\n") +
 186                QStringLiteral("Connection: xxxxxxx\r\n\r\n");
 187     QTest::newRow("Complete header - Invalid upgrade")
 188             << QStringLiteral("GET . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
 189                QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
 190                QStringLiteral("Upgrade: wabsocket\r\n") +
 191                QStringLiteral("Connection: Upgrade\r\n\r\n");
 192     QTest::newRow("Complete header - Upgrade contains too many values")
 193             << QStringLiteral("GET . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
 194                QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
 195                QStringLiteral("Upgrade: websocket,ftp\r\n") +
 196                QStringLiteral("Connection: Upgrade\r\n\r\n");
 197 }
 198
 199 void tst_HandshakeRequest::tst_invalidStream()
 200 {
 201     QFETCH(QString, dataStream);
 202
 203     QByteArray data;
 204     QTextStream textStream(&data);
 205     QWebSocketHandshakeRequest request(80, true);
 206
 207     textStream << dataStream;
 208     textStream.seek(0);
 209     request.readHandshake(textStream);
 210
 211     QVERIFY(!request.isValid());
 212     QCOMPARE(request.port(), 80);
 213     QVERIFY(request.isSecure());
 214     QCOMPARE(request.extensions().length(), 0);
 215     QCOMPARE(request.protocols().length(), 0);
 216     QCOMPARE(request.headers().size(), 0);
 217     QCOMPARE(request.key().length(), 0);
 218     QCOMPARE(request.origin().length(), 0);
 219     QCOMPARE(request.host().length(), 0);
 220     QVERIFY(request.requestUrl().isEmpty());
 221     QCOMPARE(request.resourceName().length(), 0);
 222     QCOMPARE(request.versions().length(), 0);
 223 }
 224
 225 /*
 226  * This is a regression test
 227  * Checks for validity when more than one value is present in Connection
 228  */
 229 void tst_HandshakeRequest::tst_multipleValuesInConnectionHeader()
 230 {
 231     QString header = QStringLiteral("GET /test HTTP/1.1\r\nHost: foo.com\r\nSec-WebSocket-Version: 13\r\n") +
 232                      QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
 233                      QStringLiteral("Upgrade: websocket\r\n") +
 234                      QStringLiteral("Connection: Upgrade,keepalive\r\n\r\n");
 235     QByteArray data;
 236     QTextStream textStream(&data);
 237     QWebSocketHandshakeRequest request(80, false);
 238
 239     textStream << header;
 240     textStream.seek(0);
 241     request.readHandshake(textStream);
 242
 243     QVERIFY(request.isValid());
 244     QCOMPARE(request.port(), 80);
 245     QVERIFY(!request.isSecure());
 246     QCOMPARE(request.extensions().length(), 0);
 247     QCOMPARE(request.protocols().length(), 0);
 248     QCOMPARE(request.headers().size(), 5);
 249     QCOMPARE(request.key().length(), 9);
 250     QCOMPARE(request.origin().length(), 0);
 251     QCOMPARE(request.requestUrl(), QUrl("ws://foo.com/test"));
 252     QCOMPARE(request.host(), QStringLiteral("foo.com"));
 253     QCOMPARE(request.resourceName().length(), 5);
 254     QCOMPARE(request.versions().length(), 1);
 255     QCOMPARE(request.versions().at(0), QWebSocketProtocol::V_13);
 256 }
 257
 258 void tst_HandshakeRequest::tst_multipleVersions()
 259 {
 260     QString header = QStringLiteral("GET /test HTTP/1.1\r\nHost: foo.com\r\n") +
 261                      QStringLiteral("Sec-WebSocket-Version: 4, 5, 6, 7, 8, 13\r\n") +
 262                      QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
 263                      QStringLiteral("Upgrade: websocket\r\n") +
 264                      QStringLiteral("Connection: Upgrade,keepalive\r\n\r\n");
 265     QByteArray data;
 266     QTextStream textStream(&data);
 267     QWebSocketHandshakeRequest request(80, false);
 268
 269     textStream << header;
 270     textStream.seek(0);
 271     request.readHandshake(textStream);
 272
 273     QVERIFY(request.isValid());
 274     QCOMPARE(request.port(), 80);
 275     QVERIFY(!request.isSecure());
 276     QCOMPARE(request.extensions().length(), 0);
 277     QCOMPARE(request.protocols().length(), 0);
 278     QCOMPARE(request.headers().size(), 5);
 279     QVERIFY(request.headers().contains(QStringLiteral("Host")));
 280     QVERIFY(request.headers().contains(QStringLiteral("Sec-WebSocket-Version")));
 281     QVERIFY(request.headers().contains(QStringLiteral("Sec-WebSocket-Key")));
 282     QVERIFY(request.headers().contains(QStringLiteral("Upgrade")));
 283     QVERIFY(request.headers().contains(QStringLiteral("Connection")));
 284     QCOMPARE(request.key(), QStringLiteral("AVDFBDDFF"));
 285     QCOMPARE(request.origin().length(), 0);
 286     QCOMPARE(request.requestUrl(), QUrl("ws://foo.com/test"));
 287     QCOMPARE(request.host(), QStringLiteral("foo.com"));
 288     QCOMPARE(request.resourceName().length(), 5);
 289     QCOMPARE(request.versions().length(), 6);
 290     //should be 13 since the list is ordered in decreasing order
 291     QCOMPARE(request.versions().at(0), QWebSocketProtocol::V_13);
 292 }
 293
 294 QTEST_MAIN(tst_HandshakeRequest)
 295
 296 #include "tst_handshakerequest.moc"