11#include <boost/test/unit_test.hpp>
26 "Connection: close\r\n"
27 "Content-Type: application/json\r\n"
28 "Authorization: Basic X19jb29raWVfXzo5OGQ5ODQ3MWNmNjg0NzAzYTkzN2EzNzk0ZDFlODQ1NjZmYTRkZjJiMzFkYjhhODI4ZGY4MjVjOTg5ZGI4OTVl\r\n"
29 "Content-Length: 46\r\n"
31 R
"({"method":"getblockcount","params":[],"id":1})""\n";
33BOOST_FIXTURE_TEST_SUITE(httpserver_tests, SocketTestingSetup)
35BOOST_AUTO_TEST_CASE(test_query_parameters)
39 // Tolerate a URI with invalid characters (% not followed by hex digits)
40 uri = "/rest/endpoint/someresource.json?p1=v1&p2=v2%";
41 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "p1"), "v1");
42 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "p2"), "v2%");
45 uri = "localhost:8080/rest/headers/someresource.json";
46 BOOST_CHECK(!GetQueryParameterFromUri(uri, "p1"));
49 uri = "localhost:8080/rest/endpoint/someresource.json?p1=v1";
50 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "p1"), "v1");
51 BOOST_CHECK(!GetQueryParameterFromUri(uri, "p2"));
53 // Multiple parameters
54 uri = "/rest/endpoint/someresource.json?p1=v1&p2=v2";
55 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "p1"), "v1");
56 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "p2"), "v2");
58 // If the query string contains duplicate keys, the first value is returned
59 uri = "/rest/endpoint/someresource.json?p1=v1&p1=v2";
60 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "p1"), "v1");
62 // Invalid query string syntax is the same as not having parameters
63 uri = "/rest/endpoint/someresource.json&p1=v1&p2=v2";
64 BOOST_CHECK(!GetQueryParameterFromUri(uri, "p1"));
66 // Multiple parameters, some characters encoded
67 uri = "/rest/endpoint/someresource.json?p1=v1%20&p2=100%25";
68 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "p1"), "v1 ");
69 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "p2"), "100%");
71 // Encoded query delimiters are part of the parameter value, not structure.
72 uri = "/rest/endpoint/someresource.json?p=a%26b%3Dc%23frag&other=x";
73 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "p"), "a&b=c#frag");
74 BOOST_CHECK_EQUAL(GetQueryParameterFromUri(uri, "other"), "x");
76 // An encoded question mark in the path does not introduce a query section.
77 uri = "/rest/endpoint/someresource.json%3Fp1%3Dv1%26p2%3D100%25";
78 BOOST_CHECK(!GetQueryParameterFromUri(uri, "p1"));
81BOOST_AUTO_TEST_CASE(http_headers_tests)
84 // Writing response headers
85 HTTPHeaders headers{};
86 BOOST_CHECK(!headers.FindFirst("Cache-Control"));
87 headers.Write("Cache-Control", "no-cache");
88 // Check case-insensitive key matching
89 BOOST_CHECK_EQUAL(headers.FindFirst("Cache-Control"), "no-cache");
90 BOOST_CHECK_EQUAL(headers.FindFirst("cache-control"), "no-cache");
91 // Additional values are appended, compared case-insensitive
92 headers.Write("cache-control", "max-age=60");
93 BOOST_CHECK_EQUAL(headers.FindFirst("Cache-Control"), "no-cache");
94 BOOST_CHECK((headers.FindAll("Cache-Control") == std::vector<std::string_view>{"no-cache", "max-age=60"}));
96 headers.Write("Pie", "apple");
97 headers.Write("Sandwich", "ham");
98 headers.Write("Coffee", "black");
99 BOOST_CHECK_EQUAL(headers.FindFirst("Pie"), "apple");
101 headers.RemoveAll("Pie");
102 BOOST_CHECK(!headers.FindFirst("Pie"));
103 // Combine for transmission
104 std::string headers_string{headers.Stringify()};
105 BOOST_CHECK_EQUAL(headers_string, "Cache-Control: no-cache\r\n"
106 "cache-control: max-age=60\r\n"
112 // Reading request headers captured from bitcoin-cli
113 constexpr std::string_view bitcoin_cli_headers = "Host: 127.0.0.1\r\n"
114 "Connection: close\r\n"
115 "Content-Type: application/json\r\n"
116 "Authorization: Basic X19jb29raWVfXzozYzJkNTAxNDFlMGJiYmVhMTI5ODg3NzI5MTM3NTRmNThkNjc2OWMwZTYxZjgzNTgyNzEwYTY1OGRkYjVmZGQ3\r\n"
117 "Content-Length: 46\r\n";
118 util::LineReader reader(bitcoin_cli_headers, /*max_line_length=*/MAX_HEADERS_SIZE);
119 HTTPHeaders headers{};
120 headers.Read(reader);
121 BOOST_CHECK_EQUAL(headers.FindFirst("Host"), "127.0.0.1");
122 BOOST_CHECK_EQUAL(headers.FindFirst("Connection"), "close");
123 BOOST_CHECK_EQUAL(headers.FindFirst("Content-Type"), "application/json");
124 BOOST_CHECK_EQUAL(headers.FindFirst("Authorization"), "Basic X19jb29raWVfXzozYzJkNTAxNDFlMGJiYmVhMTI5ODg3NzI5MTM3NTRmNThkNjc2OWMwZTYxZjgzNTgyNzEwYTY1OGRkYjVmZGQ3");
125 BOOST_CHECK_EQUAL(headers.FindFirst("Content-Length"), "46");
126 BOOST_CHECK(!headers.FindFirst("Pizza"));
128 // Ensure invalid headers are rejected
131 util::LineReader reader{"key value\n", /*max_line_length=*/MAX_HEADERS_SIZE};
132 BOOST_CHECK_EXCEPTION(HTTPHeaders{}.Read(reader), std::runtime_error, HasReason{"HTTP header missing colon (:)"});
162 lines.reserve(820 * 10);
163 for (
int i = 0; i < 820; ++i) {
164 lines.append(
"key:value\n");
194 "HTTP/1.1 200 OK\r\n"
195 "Content-Length: 41\r\n"
222 // Malformed: no spaces between data
224 LineReader reader("GET/HTTP/1.0\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
225 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"HTTP request line too short"});
228 // Malformed: too many spaces
230 LineReader reader("GET / HTTP / 1.0\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
231 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"HTTP request line malformed"});
234 // Malformed: slash missing before version
236 LineReader reader("GET / HTTP1.0\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
237 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"HTTP request line too short"});
240 // Malformed: no decimal in version
242 LineReader reader("GET / HTTP/11\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
243 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"HTTP request line too short"});
246 // Malformed: version is not a number
248 LineReader reader("GET / HTTP/1.x\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
249 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"HTTP bad version"});
252 // Malformed: version is out of range
254 LineReader reader("GET / HTTP/2.0\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
255 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"HTTP bad version"});
258 // Malformed: version is out of range
260 LineReader reader("GET / HTTP/0.9\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
261 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"HTTP bad version"});
264 // Malformed: version is out of range
266 LineReader reader("GET / HTTP/-1.0\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
267 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"HTTP bad version"});
270 // Malformed: version is not exactly two integers and a dot
272 LineReader reader("GET / HTTP/1.00\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
273 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"HTTP bad version"});
276 // Malformed: contains NUL
278 LineReader reader{std::string_view{"GET /safe\0/etc/passwd HTTP/1.00\r\nHost: 127.0.0.1\r\n\r\n", 50}, MAX_HEADERS_SIZE};
279 BOOST_CHECK_EXCEPTION(req.LoadControlData(reader), std::runtime_error, HasReason{"Invalid request line contains NUL"});
282 // Malformed: differing Content-Length values, case insensitive
283 constexpr std::string_view differing_length = "GET / HTTP/1.1\n"
285 "Content-Length: 8\n"
286 "content-length: 9\n\n"
289 util::LineReader reader{differing_length, /*max_line_length=*/MAX_HEADERS_SIZE};
290 BOOST_CHECK(req.LoadControlData(reader));
291 BOOST_CHECK(req.LoadHeaders(reader));
292 BOOST_CHECK_EXCEPTION(req.LoadBody(reader), std::runtime_error, HasReason{"Differing Content-Length values"});
295 // Ok: multiple same Content-Length values
296 constexpr std::string_view differing_length = "GET / HTTP/1.1\n"
298 "Content-Length: 8\n"
299 "content-length: 8\n\n"
302 util::LineReader reader{differing_length, /*max_line_length=*/MAX_HEADERS_SIZE};
303 BOOST_CHECK(req.LoadControlData(reader));
304 BOOST_CHECK(req.LoadHeaders(reader));
305 BOOST_CHECK(req.LoadBody(reader));
310 LineReader reader("GET / HTTP/1.0\r\nHost: 127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
311 BOOST_CHECK(req.LoadControlData(reader));
312 BOOST_CHECK(req.LoadHeaders(reader));
313 BOOST_CHECK(req.LoadBody(reader));
314 BOOST_CHECK_EQUAL(req.m_method, HTTPRequestMethod::GET);
315 BOOST_CHECK_EQUAL(req.m_target, "/");
316 BOOST_CHECK_EQUAL(req.m_version.major, 1);
317 BOOST_CHECK_EQUAL(req.m_version.minor, 0);
318 BOOST_CHECK_EQUAL(req.m_headers.FindFirst("Host"), "127.0.0.1");
320 BOOST_CHECK_EQUAL(req.m_body.size(), 0);
323 // Malformed: missing colon
325 LineReader reader("GET / HTTP/1.0\r\nHost=127.0.0.1\r\n\r\n", MAX_HEADERS_SIZE);
326 BOOST_CHECK(req.LoadControlData(reader));
327 BOOST_CHECK_EXCEPTION(req.LoadHeaders(reader), std::runtime_error, HasReason{"HTTP header missing colon (:)"});
367 std::string huge_body(excessive_size,
'x');
368 const std::string request{
"GET / HTTP/1.0\r\nContent-Length: " +
util::ToString(excessive_size) +
"\r\n\r\n" + std::move(huge_body)};
378 const std::string request{
"GET / HTTP/1.0\r\nContent-Length: " +
util::ToString(
MAX_BODY_SIZE) +
"\r\n\r\n" + std::move(max_body)};
397 std::string_view ok_chunked =
"GET / HTTP/1.0\n"
398 "Transfer-Encoding: chunked\n"
401 R
"({"method":"getbl)""\n"
406 LineReader reader(ok_chunked, MAX_HEADERS_SIZE);
407 BOOST_CHECK(req.LoadControlData(reader));
408 BOOST_CHECK(req.LoadHeaders(reader));
409 BOOST_CHECK(req.LoadBody(reader));
410 BOOST_CHECK_EQUAL(req.m_body, R"({"method":"getblockcount"})");
415 std::string_view excessive_chunk_size =
"GET / HTTP/1.0\n"
416 "Transfer-Encoding: chunked\n"
419 R
"({"method":"getbl)""\n"
424 LineReader reader(excessive_chunk_size, MAX_HEADERS_SIZE);
425 BOOST_CHECK(req.LoadControlData(reader));
426 BOOST_CHECK(req.LoadHeaders(reader));
427 BOOST_CHECK_EXCEPTION(req.LoadBody(reader), http_bitcoin::ContentTooLargeError, HasReason{"Chunk will exceed max body size"});
430 // Allow (but ignore) Chunk Extensions
432 std::string_view ok_chunked = "GET / HTTP/1.0\n"
433 "Transfer-Encoding: chunked\n"
435 "10;sha256=715790e8a3b09d704ac9641f42d183a5ebc5fd939663de23da548519ac2165e5\n"
436 R"({"method":"getbl)""\n"
439 "0;why;would;anyone;do;this;\n"
440 "Expires: Wed, 21 Oct 2026 07:28:00 GMT\n"
442 LineReader reader(ok_chunked, MAX_HEADERS_SIZE);
443 BOOST_CHECK(req.LoadControlData(reader));
444 BOOST_CHECK(req.LoadHeaders(reader));
445 BOOST_CHECK(req.LoadBody(reader));
446 BOOST_CHECK_EQUAL(req.m_body, R"({"method":"getblockcount"})");
453 std::string_view invalid_chunked =
"GET / HTTP/1.0\n"
454 "Transfer-Encoding: chunked\n"
457 R
"({"method":"getbl)""\n"
462 LineReader reader(invalid_chunked, MAX_HEADERS_SIZE);
463 BOOST_CHECK(req.LoadControlData(reader));
464 BOOST_CHECK(req.LoadHeaders(reader));
465 BOOST_CHECK_EXCEPTION(req.LoadBody(reader), std::runtime_error, HasReason{"Cannot parse chunk length value"});
468 // Invalid "chunked" transfer, missing chunk termination \n
470 std::string_view invalid_chunked = "GET / HTTP/1.0\n"
471 "Transfer-Encoding: chunked\n"
474 R"({"method":"getbl)"
487 std::string delayed_chunked =
"GET / HTTP/1.0\n"
488 "Transfer-Encoding: chunked\n"
491 R
"({"method":"getbl)""\n"
499 delayed_chunked +=
"\n0\n\n";
515 Mutex requests_mutex;
516 std::deque<std::unique_ptr<HTTPRequest>> requests;
517 auto StoreRequest = [&](std::unique_ptr<HTTPRequest>&& req) {
518 LOCK(requests_mutex);
519 requests.push_back(std::move(req));
526 CService onion_address{
Lookup(
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaam2dqd.onion", 0,
false).value()};
527 auto result{server.BindAndStartListening(onion_address)};
528 BOOST_REQUIRE(!result);
529 BOOST_CHECK_EQUAL(result.error(),
"Bind address family for aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaam2dqd.onion:0 not supported");
536 BOOST_REQUIRE_EQUAL(server.GetListeningSocketCount(), 0);
538 BOOST_REQUIRE(server.BindAndStartListening(addr_bind));
540 BOOST_REQUIRE_EQUAL(server.GetListeningSocketCount(), 1);
543 server.StartSocketsThreads();
551 std::shared_ptr<DynSock::Pipes> mock_client_socket_pipes{ConnectClient(std::as_bytes(std::span(
full_request)))};
555 while (server.GetConnectionsCount() < 1) {
556 std::this_thread::sleep_for(10ms);
557 BOOST_REQUIRE(--attempts > 0);
561 std::shared_ptr<HTTPRemoteClient> client;
569 LOCK(requests_mutex);
571 if (requests.size() == 1) {
573 BOOST_CHECK_EQUAL(requests.front()->m_body, R
"({"method":"getblockcount","params":[],"id":1})""\n");
574 BOOST_CHECK_EQUAL(requests.front()->GetPeer().ToStringAddrPort(), "5.5.5.5:6789");
576 // Inspect the connection pointed to from the request
577 client = requests.front()->m_client;
578 BOOST_CHECK_EQUAL(client->m_origin, "5.5.5.5:6789");
580 // Respond to request
581 requests.front()->WriteReply(HTTP_OK, "874140\n");
586 std::this_thread::sleep_for(10ms);
587 BOOST_REQUIRE(--attempts > 0);
590 // Check the sent response from the mock client at the other end of the mock socket
592 // Wait up to one minute for all the bytes to appear in the "send" pipe.
593 char buf[0x10000] = {};
597 ssize_t bytes_read = mock_client_socket_pipes->send.GetBytes(buf, sizeof(buf), 0);
598 if (bytes_read > 0) {
599 actual.append(buf, bytes_read);
600 if (actual.length() == 146) {
604 std::this_thread::sleep_for(10ms);
607 BOOST_CHECK(actual.starts_with("HTTP/1.1 200 OK\r\n"));
608 BOOST_CHECK(actual.ends_with("\r\n874140\n"));
609 // Headers can be sorted in any order, and will be, since we use unordered_map
610 BOOST_CHECK(actual.find("Connection: close\r\n") != std::string::npos);
611 BOOST_CHECK(actual.find("Content-Length: 7\r\n") != std::string::npos);
612 BOOST_CHECK(actual.find("Content-Type: text/html; charset=ISO-8859-1\r\n") != std::string::npos);
613 BOOST_CHECK(actual.find("Date: Wed, 11 Dec 2024 00:47:09 GMT\r\n") != std::string::npos);
615 // Wait up to one minute for connection to be automatically closed, because
616 // keep-alive was not set by the client and we are done responding to their request.
618 while (server.GetConnectionsCount() != 0) {
619 std::this_thread::sleep_for(10ms);
620 BOOST_REQUIRE(--attempts > 0);
623 // Stop the I/O loop and shutdown
624 server.InterruptNet();
625 // Wait for I/O loop to finish, after all connected sockets are closed
626 server.JoinSocketsThreads();
627 // Close all listening sockets
628 server.StopListening();
631BOOST_AUTO_TEST_SUITE_END()
A combination of a network address (CNetAddr) and a (TCP) port.
BOOST_CHECK_EXCEPTION predicates to check the specific validation error.
std::string GetURI() const
HTTPRequestMethod m_method
bool LoadHeaders(LineReader &reader)
bool LoadControlData(LineReader &reader)
Methods that attempt to parse HTTP request fields line-by-line from a receive buffer.
HTTPRequestMethod GetRequestMethod() const
bool LoadBody(LineReader &reader)
std::string StringifyHeaders() const
BOOST_AUTO_TEST_CASE(http_response_tests)
std::string_view excessive_headers
BOOST_CHECK_GT(excessive_headers.size(), MAX_HEADERS_SIZE)
BOOST_CHECK_EQUAL(headers.FindFirst("key"), "value")
BOOST_CHECK_EXCEPTION(HTTPHeaders{}.Read(reader), std::runtime_error, HasReason{"Empty HTTP header name"})
constexpr std::string_view full_request
std::optional< std::string > GetQueryParameterFromUri(const std::string_view uri, const std::string_view key)
constexpr uint64_t MAX_BODY_SIZE
Maximum size of an HTTP request body.
constexpr size_t MAX_HEADERS_SIZE
Maximum size of each headers line in an HTTP request, also the maximum size of all headers total.
std::string ToString(const T &t)
Locale-independent version of std::to_string.
std::vector< CService > Lookup(const std::string &name, uint16_t portDefault, bool fAllowLookup, unsigned int nMaxSolutions, DNSLookupFn dns_lookup_function)
Resolve a service string to its corresponding service.
#define BOOST_CHECK(expr)
Thrown when a request body exceeds MAX_BODY_SIZE (or will exceed, in chunked transfer) so the server ...
uint8_t major
Default HTTP protocol version 1.1 is used by error responses when a request is unreadable.
size_t Remaining() const
Returns remaining size of bytes in buffer.
void SetMockTime(int64_t nMockTimeIn)
DEPRECATED Use SetMockTime with chrono type.
1.9.4