1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package utils
import (
"context"
"fmt"
"io/ioutil"
"net"
"net/http"
"net/http/httptest"
"net/url"
"testing"
)
func TestHttpClient(t *testing.T) {
for _, allowInternal := range []bool{true, false} {
c := HttpClient(allowInternal)
for _, tc := range []struct {
URL string
IsInternal bool
}{
{
URL: "https://google.com",
IsInternal: false,
},
{
URL: "https://127.0.0.1",
IsInternal: true,
},
} {
_, err := c.Get(tc.URL)
if !tc.IsInternal {
if err != nil {
t.Fatal("google is down?")
}
} else {
allowed := !tc.IsInternal || allowInternal
success := err == nil
switch e := err.(type) {
case *net.OpError:
success = e.Err != AddressForbidden
case *url.Error:
success = e.Err != AddressForbidden
}
if success != allowed {
t.Fatalf("failed for %v. allowed: %v, success %v", tc.URL, allowed, success)
}
}
}
}
}
func TestHttpClientWithProxy(t *testing.T) {
proxy := createProxyServer()
defer proxy.Close()
c := createHttpClient(true, nil, nil)
purl, _ := url.Parse(proxy.URL)
c.Transport.(*http.Transport).Proxy = http.ProxyURL(purl)
resp, err := c.Get("http://acme.com")
if err != nil {
t.Fatal(err)
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
t.Fatal(err)
}
if string(body) != "proxy" {
t.FailNow()
}
}
func createProxyServer() *httptest.Server {
return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(200)
w.Header().Set("Content-Type", "text/plain; charset=us-ascii")
fmt.Fprint(w, "proxy")
}))
}
func TestDialContextFilter(t *testing.T) {
for _, tc := range []struct {
Addr string
IsValid bool
}{
{
Addr: "google.com:80",
IsValid: true,
},
{
Addr: "8.8.8.8:53",
IsValid: true,
},
{
Addr: "127.0.0.1:80",
},
{
Addr: "10.0.0.1:80",
IsValid: true,
},
} {
didDial := false
filter := dialContextFilter(func(ctx context.Context, network, addr string) (net.Conn, error) {
didDial = true
return nil, nil
}, func(host string) bool { return host == "10.0.0.1" }, func(ip net.IP) bool { return !isReserved(ip) })
_, err := filter(context.Background(), "", tc.Addr)
switch {
case tc.IsValid == (err == AddressForbidden) || (err != nil && err != AddressForbidden):
t.Errorf("unexpected err for %v (%v)", tc.Addr, err)
case tc.IsValid != didDial:
t.Errorf("unexpected didDial for %v", tc.Addr)
}
}
}
|