Mercurial > hg > nginx-tests
view auth_delay.t @ 1961:fe6f22da53ec default tip
Tests: tests for usage of discarded body.
The client_max_body_size limit should be ignored when the request body
is already discarded. In HTTP/1.x, this is done by checking the
r->discard_body flag when the body is being discarded, and because
r->headers_in.content_length_n is 0 when it's already discarded. This,
however, does not happen with HTTP/2 and HTTP/3, and therefore
"error_page 413" does not work without relaxing the limit.
Further, with proxy_pass, r->headers_in.content_length_n is used to determine
length of the request body, and therefore is not correct if discarding of
the request body isn't yet complete. While discarding the request body,
r->headers_in.content_length_n contains the rest of the body to discard
(or, in case of chunked request body, the rest of the current chunk to
discard).
Similarly, the $content_length variable uses r->headers_in.content_length
if available, and also incorrect. The $content_length variable is used
when proxying with fastcgi_pass, grpc_pass, and uwsgi_pass (scgi_pass uses
the value calculated based on the actual request body buffers, and therefore
works correctly).
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Sat, 27 Apr 2024 18:55:50 +0300 |
parents | 5ac6efbe5552 |
children |
line wrap: on
line source
#!/usr/bin/perl # (C) Sergey Kandaurov # (C) Nginx, Inc. # Tests for auth_delay directive using auth basic module. ############################################################################### use warnings; use strict; use Test::More; use MIME::Base64; BEGIN { use FindBin; chdir($FindBin::Bin); } use lib 'lib'; use Test::Nginx; ############################################################################### select STDERR; $| = 1; select STDOUT; $| = 1; my $t = Test::Nginx->new()->has(qw/http auth_basic/) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% daemon off; events { } http { %%TEST_GLOBALS_HTTP%% server { listen 127.0.0.1:8080; server_name localhost; location / { auth_delay 2s; auth_basic "closed site"; auth_basic_user_file %%TESTDIR%%/htpasswd; } } } EOF $t->write_file('index.html', ''); $t->write_file('htpasswd', 'user:' . '{PLAIN}good' . "\n"); $t->run()->plan(4); ############################################################################### my $t1 = time(); like(http_get_auth('/', 'user', 'bad'), qr/401 Unauthorize/, 'not authorized'); cmp_ok(time() - $t1, '>=', 2, 'auth delay'); $t1 = time(); like(http_get_auth('/', 'user', 'good'), qr/200 OK/, 'authorized'); cmp_ok(time() - $t1, '<', 2, 'no delay'); ############################################################################### sub http_get_auth { my ($url, $user, $password) = @_; my $auth = encode_base64($user . ':' . $password, ''); return http(<<EOF); GET $url HTTP/1.0 Host: localhost Authorization: Basic $auth EOF } ###############################################################################