1 /****************************************************************************
3 ** Copyright (C) 2013 Digia Plc and/or its subsidiary(-ies).
4 ** Contact: http://www.qt-project.org/legal
6 ** This file is part of the test suite of the Qt Toolkit.
8 ** $QT_BEGIN_LICENSE:LGPL$
9 ** Commercial License Usage
10 ** Licensees holding valid commercial Qt licenses may use this file in
11 ** accordance with the commercial license agreement provided with the
12 ** Software or, alternatively, in accordance with the terms contained in
13 ** a written agreement between you and Digia. For licensing terms and
14 ** conditions see http://qt.digia.com/licensing. For further information
15 ** use the contact form at http://qt.digia.com/contact-us.
17 ** GNU Lesser General Public License Usage
18 ** Alternatively, this file may be used under the terms of the GNU Lesser
19 ** General Public License version 2.1 as published by the Free Software
20 ** Foundation and appearing in the file LICENSE.LGPL included in the
21 ** packaging of this file. Please review the following information to
22 ** ensure the GNU Lesser General Public License version 2.1 requirements
23 ** will be met: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html.
25 ** In addition, as a special exception, Digia gives you certain additional
26 ** rights. These rights are described in the Digia Qt LGPL Exception
27 ** version 1.1, included in the file LGPL_EXCEPTION.txt in this package.
29 ** GNU General Public License Usage
30 ** Alternatively, this file may be used under the terms of the GNU
31 ** General Public License version 3.0 as published by the Free Software
32 ** Foundation and appearing in the file LICENSE.GPL included in the
33 ** packaging of this file. Please review the following information to
34 ** ensure the GNU General Public License version 3.0 requirements will be
35 ** met: http://www.gnu.org/copyleft/gpl.html.
40 ****************************************************************************/
41 #include <QtTest/QtTest>
42 #include <QtTest/qtestcase.h>
43 #include <QtCore/QDebug>
44 #include <QtCore/QByteArray>
45 #include <QtCore/QtEndian>
47 #include "private/qwebsockethandshakerequest_p.h"
48 #include "QtWebSockets/qwebsocketprotocol.h"
52 Q_DECLARE_METATYPE(QWebSocketProtocol::CloseCode)
53 Q_DECLARE_METATYPE(QWebSocketProtocol::OpCode)
55 class tst_HandshakeRequest : public QObject
60 tst_HandshakeRequest();
64 void cleanupTestCase();
68 void tst_initialization();
70 void tst_invalidStream_data();
71 void tst_invalidStream();
73 void tst_multipleValuesInConnectionHeader();
74 void tst_multipleVersions();
77 tst_HandshakeRequest::tst_HandshakeRequest()
80 void tst_HandshakeRequest::initTestCase()
84 void tst_HandshakeRequest::cleanupTestCase()
87 void tst_HandshakeRequest::init()
89 qRegisterMetaType<QWebSocketProtocol::OpCode>("QWebSocketProtocol::OpCode");
90 qRegisterMetaType<QWebSocketProtocol::CloseCode>("QWebSocketProtocol::CloseCode");
93 void tst_HandshakeRequest::cleanup()
97 void tst_HandshakeRequest::tst_initialization()
100 QWebSocketHandshakeRequest request(0, false);
101 QCOMPARE(request.port(), 0);
102 QVERIFY(!request.isSecure());
103 QVERIFY(!request.isValid());
104 QCOMPARE(request.extensions().length(), 0);
105 QCOMPARE(request.protocols().length(), 0);
106 QCOMPARE(request.headers().size(), 0);
107 QCOMPARE(request.key().length(), 0);
108 QCOMPARE(request.origin().length(), 0);
109 QCOMPARE(request.host().length(), 0);
110 QVERIFY(request.requestUrl().isEmpty());
111 QCOMPARE(request.resourceName().length(), 0);
112 QCOMPARE(request.versions().length(), 0);
115 QWebSocketHandshakeRequest request(80, true);
116 QCOMPARE(request.port(), 80);
117 QVERIFY(request.isSecure());
118 QVERIFY(!request.isValid());
119 QCOMPARE(request.extensions().length(), 0);
120 QCOMPARE(request.protocols().length(), 0);
121 QCOMPARE(request.headers().size(), 0);
122 QCOMPARE(request.key().length(), 0);
123 QCOMPARE(request.origin().length(), 0);
124 QCOMPARE(request.host().length(), 0);
125 QVERIFY(request.requestUrl().isEmpty());
126 QCOMPARE(request.resourceName().length(), 0);
127 QCOMPARE(request.versions().length(), 0);
130 QWebSocketHandshakeRequest request(80, true);
132 QCOMPARE(request.port(), 80);
133 QVERIFY(request.isSecure());
134 QVERIFY(!request.isValid());
135 QCOMPARE(request.extensions().length(), 0);
136 QCOMPARE(request.protocols().length(), 0);
137 QCOMPARE(request.headers().size(), 0);
138 QCOMPARE(request.key().length(), 0);
139 QCOMPARE(request.origin().length(), 0);
140 QCOMPARE(request.host().length(), 0);
141 QVERIFY(request.requestUrl().isEmpty());
142 QCOMPARE(request.resourceName().length(), 0);
143 QCOMPARE(request.versions().length(), 0);
147 void tst_HandshakeRequest::tst_invalidStream_data()
149 QTest::addColumn<QString>("dataStream");
151 QTest::newRow("garbage on 2 lines") << QStringLiteral("foofoofoo\r\nfoofoo\r\n\r\n");
152 QTest::newRow("garbage on 1 line") << QStringLiteral("foofoofoofoofoo");
153 QTest::newRow("Correctly formatted but invalid fields") << QStringLiteral("VERB RESOURCE PROTOCOL");
155 //internally the fields are parsed and indexes are used to convert to a http version for instance
156 //this test checks if there doesn't occur an out-of-bounds exception
157 QTest::newRow("Correctly formatted but invalid short fields") << QStringLiteral("V R P");
158 QTest::newRow("Invalid \\0 character in header") << QStringLiteral("V R\0 P");
159 QTest::newRow("Invalid http version in header") << QStringLiteral("V R HTTP/invalid");
160 QTest::newRow("Empty header field") << QStringLiteral("GET . HTTP/1.1\r\nHEADER: ");
161 QTest::newRow("All zeros") << QString::fromUtf8(QByteArray(10, char(0)));
162 QTest::newRow("Invalid hostname") << "GET . HTTP/1.1\r\nHost: \xFF\xFF";
163 //doing extensive QStringLiteral concatenations here, because
164 //MSVC 2010 complains when using concatenation literal strings about
165 //concatenation of wide and narrow strings (error C2308)
166 QTest::newRow("Complete header - Invalid websocket version")
167 << QStringLiteral("GET . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: \xFF\xFF\r\n") +
168 QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
169 QStringLiteral("Upgrade: websocket\r\n") +
170 QStringLiteral("Connection: Upgrade\r\n\r\n");
171 QTest::newRow("Complete header - Invalid verb")
172 << QStringLiteral("XXX . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
173 QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
174 QStringLiteral("Upgrade: websocket\r\n") +
175 QStringLiteral("Connection: Upgrade\r\n\r\n");
176 QTest::newRow("Complete header - Invalid http version")
177 << QStringLiteral("GET . HTTP/a.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
178 QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
179 QStringLiteral("Upgrade: websocket\r\n") +
180 QStringLiteral("Connection: Upgrade\r\n\r\n");
181 QTest::newRow("Complete header - Invalid connection")
182 << QStringLiteral("GET . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
183 QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
184 QStringLiteral("Upgrade: websocket\r\n") +
185 QStringLiteral("Connection: xxxxxxx\r\n\r\n");
186 QTest::newRow("Complete header - Invalid upgrade")
187 << QStringLiteral("GET . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
188 QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
189 QStringLiteral("Upgrade: wabsocket\r\n") +
190 QStringLiteral("Connection: Upgrade\r\n\r\n");
191 QTest::newRow("Complete header - Upgrade contains too many values")
192 << QStringLiteral("GET . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
193 QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
194 QStringLiteral("Upgrade: websocket,ftp\r\n") +
195 QStringLiteral("Connection: Upgrade\r\n\r\n");
198 void tst_HandshakeRequest::tst_invalidStream()
200 QFETCH(QString, dataStream);
203 QTextStream textStream(&data);
204 QWebSocketHandshakeRequest request(80, true);
206 textStream << dataStream;
208 textStream >> request;
210 QVERIFY(!request.isValid());
211 QCOMPARE(request.port(), 80);
212 QVERIFY(request.isSecure());
213 QCOMPARE(request.extensions().length(), 0);
214 QCOMPARE(request.protocols().length(), 0);
215 QCOMPARE(request.headers().size(), 0);
216 QCOMPARE(request.key().length(), 0);
217 QCOMPARE(request.origin().length(), 0);
218 QCOMPARE(request.host().length(), 0);
219 QVERIFY(request.requestUrl().isEmpty());
220 QCOMPARE(request.resourceName().length(), 0);
221 QCOMPARE(request.versions().length(), 0);
225 * This is a regression test
226 * Checks for validity when more than one value is present in Connection
228 void tst_HandshakeRequest::tst_multipleValuesInConnectionHeader()
230 QString header = QStringLiteral("GET /test HTTP/1.1\r\nHost: foo.com\r\nSec-WebSocket-Version: 13\r\n") +
231 QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
232 QStringLiteral("Upgrade: websocket\r\n") +
233 QStringLiteral("Connection: Upgrade,keepalive\r\n\r\n");
235 QTextStream textStream(&data);
236 QWebSocketHandshakeRequest request(80, false);
238 textStream << header;
240 textStream >> request;
242 QVERIFY(request.isValid());
243 QCOMPARE(request.port(), 80);
244 QVERIFY(!request.isSecure());
245 QCOMPARE(request.extensions().length(), 0);
246 QCOMPARE(request.protocols().length(), 0);
247 QCOMPARE(request.headers().size(), 5);
248 QCOMPARE(request.key().length(), 9);
249 QCOMPARE(request.origin().length(), 0);
250 QCOMPARE(request.requestUrl(), QUrl("ws://foo.com/test"));
251 QCOMPARE(request.host(), QStringLiteral("foo.com"));
252 QCOMPARE(request.resourceName().length(), 5);
253 QCOMPARE(request.versions().length(), 1);
254 QCOMPARE(request.versions().at(0), QWebSocketProtocol::V_13);
257 void tst_HandshakeRequest::tst_multipleVersions()
259 QString header = QStringLiteral("GET /test HTTP/1.1\r\nHost: foo.com\r\n") +
260 QStringLiteral("Sec-WebSocket-Version: 4, 5, 6, 7, 8, 13\r\n") +
261 QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
262 QStringLiteral("Upgrade: websocket\r\n") +
263 QStringLiteral("Connection: Upgrade,keepalive\r\n\r\n");
265 QTextStream textStream(&data);
266 QWebSocketHandshakeRequest request(80, false);
268 textStream << header;
270 textStream >> request;
272 QVERIFY(request.isValid());
273 QCOMPARE(request.port(), 80);
274 QVERIFY(!request.isSecure());
275 QCOMPARE(request.extensions().length(), 0);
276 QCOMPARE(request.protocols().length(), 0);
277 QCOMPARE(request.headers().size(), 5);
278 QVERIFY(request.headers().contains(QStringLiteral("Host")));
279 QVERIFY(request.headers().contains(QStringLiteral("Sec-WebSocket-Version")));
280 QVERIFY(request.headers().contains(QStringLiteral("Sec-WebSocket-Key")));
281 QVERIFY(request.headers().contains(QStringLiteral("Upgrade")));
282 QVERIFY(request.headers().contains(QStringLiteral("Connection")));
283 QCOMPARE(request.key(), QStringLiteral("AVDFBDDFF"));
284 QCOMPARE(request.origin().length(), 0);
285 QCOMPARE(request.requestUrl(), QUrl("ws://foo.com/test"));
286 QCOMPARE(request.host(), QStringLiteral("foo.com"));
287 QCOMPARE(request.resourceName().length(), 5);
288 QCOMPARE(request.versions().length(), 6);
289 //should be 13 since the list is ordered in decreasing order
290 QCOMPARE(request.versions().at(0), QWebSocketProtocol::V_13);
293 QTEST_MAIN(tst_HandshakeRequest)
295 #include "tst_handshakerequest.moc"