Skip to content

Commit

Permalink
Make SafeRequestBuilderTest check that header values don't leak
Browse files Browse the repository at this point in the history
  • Loading branch information
bantonsson committed Sep 26, 2022
1 parent 8a7400f commit 069de95
Show file tree
Hide file tree
Showing 5 changed files with 33 additions and 8 deletions.
1 change: 1 addition & 0 deletions communication/communication.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ dependencies {
implementation group: 'com.datadoghq', name: 'java-dogstatsd-client', version: "${versions.dogstatsd}"

testImplementation project(':utils:test-utils')
testImplementation deps.truth
testImplementation deps.bytebuddy
testImplementation group: 'org.msgpack', name: 'msgpack-core', version: '0.8.20'
testImplementation group: 'org.msgpack', name: 'jackson-dataformat-msgpack', version: '0.8.20'
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import okhttp3.Request
import okhttp3.RequestBody
import org.junit.Test
import org.junit.Assert
import com.google.common.truth.Truth

class SafeRequestBuilderTest {
SafeRequestBuilder testBuilder = new SafeRequestBuilder()
Expand All @@ -27,18 +28,36 @@ class SafeRequestBuilderTest {
builder = SafeRequestBuilder.addHeader(builder,"test","test")
Assert.assertEquals(builder.build().headers().get("test"),"test")
}
@Test (expected = IllegalArgumentException)
@Test
void "test bad static add header"(){
def name = 'bad_s'
def password = 'very-secret-password'
Request.Builder builder = new Request.Builder().url("http://localhost")
builder = SafeRequestBuilder.addHeader(builder,"\n\n","\n\n")
IllegalArgumentException ex = Assert.assertThrows(IllegalArgumentException, {
builder = SafeRequestBuilder.addHeader(builder, name, "$password\n")
})
Truth.assertThat(ex).hasMessageThat().contains(name)
Truth.assertThat(ex).hasMessageThat().doesNotContain(password)
}
@Test(expected = IllegalArgumentException)
@Test
void "test adding bad header"(){
testBuilder.url("http:localhost").addHeader("\n\n","\n\n")
def name = 'bad'
def password = 'very-secret-password'
IllegalArgumentException ex = Assert.assertThrows(IllegalArgumentException, {
testBuilder.url("http:localhost").addHeader(name, "$password\n")
})
Truth.assertThat(ex).hasMessageThat().contains(name)
Truth.assertThat(ex).hasMessageThat().doesNotContain(password)
}
@Test (expected = IllegalArgumentException)
@Test
void "test adding bad header2"(){
testBuilder.url("localhost").header("\u0019","\u0080")
def name = '\u0019'
def password = 'very-secret-password'
IllegalArgumentException ex = Assert.assertThrows(IllegalArgumentException, {
testBuilder.url("http:localhost").addHeader(name, "\u0080$password")
})
Truth.assertThat(ex).hasMessageThat().contains(name)
Truth.assertThat(ex).hasMessageThat().doesNotContain(password)
}
@Test
void "test building result"(){
Expand Down
4 changes: 4 additions & 0 deletions gradle/dependencies.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ final class CachedData {

spock : "1.3-groovy-$spockGroovyVer",
groovy : groovyVer,
junit4 : "4.13.2",
junit5 : "5.7.1",
logback : "1.2.3",
bytebuddy : "1.12.12",
Expand All @@ -19,6 +20,7 @@ final class CachedData {
scala211 : "2.11.12",
scala212 : "2.12.12",
scala213 : "2.13.4",
truth : "1.1.3",
kotlin : "1.3.72",
coroutines : "1.3.0",
dogstatsd : "4.0.0",
Expand Down Expand Up @@ -62,6 +64,7 @@ final class CachedData {
"org.objenesis:objenesis:2.6" // Last version to support Java7
],
groovy : "org.codehaus.groovy:groovy-all:${versions.groovy}",
junit4 : "junit:junit:${versions.junit4}",
junit5 : [
"org.junit.jupiter:junit-jupiter:${versions.junit5}",
"org.junit.jupiter:junit-jupiter-params:${versions.junit5}"
Expand All @@ -82,6 +85,7 @@ final class CachedData {
scala211 : "org.scala-lang:scala-library:${versions.scala211}",
scala212 : "org.scala-lang:scala-library:${versions.scala212}",
scala213 : "org.scala-lang:scala-library:${versions.scala213}",
truth : "com.google.truth:truth:${versions.truth}",
kotlin : "org.jetbrains.kotlin:kotlin-stdlib:${versions.kotlin}",
coroutines : "org.jetbrains.kotlinx:kotlinx-coroutines-core:${versions.coroutines}",

Expand Down
4 changes: 2 additions & 2 deletions utils/test-agent-utils/decoder/decoder.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,6 @@ ext {

dependencies {
implementation group: 'org.msgpack', name: 'msgpack-core', version: '0.8.24'
testImplementation 'junit:junit:4.13.2'
testImplementation 'com.google.truth:truth:1.1.3'
testImplementation deps.junit4
testImplementation deps.truth
}
1 change: 1 addition & 0 deletions utils/test-utils/test-utils.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ apply from: "$rootDir/gradle/java.gradle"
dependencies {
api deps.groovy
api deps.spock
api deps.junit4

api deps.bytebuddy
api deps.bytebuddyagent
Expand Down

0 comments on commit 069de95

Please sign in to comment.