Add basic tests for new JS challenge behaviour #551

Merged
merged 20 commits into from
May 6, 2024

@EvgeniiMekhanik EvgeniiMekhanik commented Nov 15, 2023

Closes #923

@EvgeniiMekhanik EvgeniiMekhanik marked this pull request as draft November 15, 2023 14:03
@EvgeniiMekhanik EvgeniiMekhanik force-pushed the MekhanikEvgenii/fix-1102 branch 6 times, most recently from 9478438 to 82afba6 Compare November 16, 2023 20:06
@EvgeniiMekhanik EvgeniiMekhanik force-pushed the MekhanikEvgenii/fix-1102 branch 4 times, most recently from a3c9905 to e743f11 Compare December 1, 2023 15:16
@EvgeniiMekhanik EvgeniiMekhanik force-pushed the MekhanikEvgenii/fix-1102 branch 17 times, most recently from b0ca6df to d0ac60b Compare December 22, 2023 08:02

@parameterize.expand(
[
# If no options are set, session lifetime is equal to INT_MAX (4294967295)

INT_MAX on x86 is 2147483647.

EvgeniiMekhanik and others added 19 commits May 2, 2024 12:25
- Remove `delay_limit` options from the tests,
because it was removed from tempesta.
- Implement tests for `max_misses` and redirect
mark.
…Js challenge inside vhost, but did not explain the work process.

`JSChallengeVhost` and `JSChallengeDefVhostInherit` were removed because they duplicate `VhostCookies` and `CookiesInherit` from `sessions.test_cookies`

New tests:
- a bad first request (`POST` method or invalid `Accept` header);
- the second request is not equal to the first;
- the number of invalid requests is greater than `max_misses`;
- block after Tempesta restart;
- block after connection restart;
- resp_code;
- `*/*` and `text/*` are valid Accept headers for JS because they contain 'text/html';
- changed the response status code when Tempesta blocks a client connection: 400 Bad Request -> 429 Too Many Requests
- Fix error codes according to discussion
- Add two tests, first for pipelined POST requests,
  second for multiple cookie headers
- Remove sleep from max misses test (max_misses are
  counted only per second as other frang settings)
Add max_misses=0 for enforced cookies, where
we do not check this option
Cookie options and js_challenge directives in our
config are only valid when cookie is present.
If Path and Max-Age or Expires are not set in
cookie options they should be explicitly set
by Tempesta FW.
- Add tests where we use x-http-method-override in requests,
  which should/shouldn't be challenged according to its HTTP
  method.
- Add tests to check session lifetime and Max-Age header in
  cookie.
- Check that we don't drop a response with multiple Set-Cookie
  header fields in the response with the same cookie-name, but
  write a warning in dmesg.
- enable tests blocked by merged PR
- set frang http_strict_host_checking false;
- disable configuration tests for remote and
  TCP segmentation.
- Change response status codes when Accept
  header is */* or text/*.
- disable deproxy auto parser for pipelined requests
@EvgeniiMekhanik EvgeniiMekhanik force-pushed the MekhanikEvgenii/fix-1102 branch 2 times, most recently from e58969e to bf1ac60 Compare May 2, 2024 13:17
@RomanBelozerov RomanBelozerov self-requested a review May 2, 2024 13:38
Also change check client.conn_is_closed() to
client.wait_for_connection_close(), to
make tests not flaky
@RomanBelozerov RomanBelozerov marked this pull request as ready for review May 6, 2024 07:33
@RomanBelozerov RomanBelozerov merged commit a6b5c33 into master May 6, 2024
1 check was pending
@RomanBelozerov RomanBelozerov deleted the MekhanikEvgenii/fix-1102 branch May 6, 2024 07:34
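
The commit notes above state that `*/*` and `text/*` are valid Accept values for the JS challenge because they cover `text/html`. The following is an added example, not code from this PR or from Tempesta FW: it shows that media-range match under general RFC 9110 semantics. The function names and sample headers are constructed, and the `q=0` handling goes beyond what the commit notes describe.

```python
# Added illustration of RFC 9110 media-range matching; this is NOT Tempesta FW's parser.

def parse_accept(header):
    """Split an Accept header into (type, subtype, q) tuples."""
    ranges = []
    for item in header.split(","):
        parts = [p.strip() for p in item.split(";")]
        media = parts[0].lower()
        if "/" not in media:
            continue  # malformed or empty element, ignore it
        mtype, subtype = media.split("/", 1)
        q = 1.0  # default weight when no q parameter is given
        for param in parts[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = float(value.strip())
                except ValueError:
                    q = 0.0  # unparsable weight is treated as not acceptable
        ranges.append((mtype, subtype, q))
    return ranges


def accepts_html(header):
    """True if the most specific range matching text/html has q > 0."""
    best_rank, best_q = -1, 0.0
    for mtype, subtype, q in parse_accept(header):
        if (mtype, subtype) == ("text", "html"):
            rank = 2  # exact match
        elif (mtype, subtype) == ("text", "*"):
            rank = 1  # subtype wildcard
        elif (mtype, subtype) == ("*", "*"):
            rank = 0  # full wildcard
        else:
            continue  # range does not cover text/html
        if rank > best_rank:
            best_rank, best_q = rank, q
    return best_rank >= 0 and best_q > 0


if __name__ == "__main__":
    # Constructed sample headers, not taken from the test suite
    for sample in ["*/*", "text/*", "text/html", "application/json",
                   "text/html;q=0, */*", "image/png, text/*;q=0.5"]:
        print(f"{sample!r:32} -> {accepts_html(sample)}")
```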
Development

Successfully merging this pull request may close these issues.

[Tests] Functional tests for JS Challenge
4 participants