Path: blob/master/spec/lib/rex/proto/http/response_spec.rb
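require 'nokogiri'

# Specs for Rex::Proto::Http::Response: the document helpers (HTML, XML, JSON),
# hidden-input extraction and Set-Cookie handling.
#
# Every response parsed here stands in for data returned by a remote server,
# so the fixtures deliberately include awkward shapes: duplicate cookie names,
# an empty cookie value, several cookies folded into one header, commas inside
# `expires` dates, and irregular spacing between pairs.
RSpec.describe Rex::Proto::Http::Response do

  # Response without any Set-Cookie header.
  let(:get_cookies_test_no_cookies) do
    <<-HEREDOC.gsub(/^ {6}/, '')
      HTTP/1.1 200 OK
      Date: Fri, 26 Apr 2013 12:43:12 GMT
      Server: Apache/2.2.22 (Ubuntu)
      X-Powered-By: PHP/5.4.6-1ubuntu1.2
      Expires: Thu, 19 Nov 1981 08:52:00 GMT
      Cache-Control: private, max-age=10800, pre-check=10800
      Last-Modified: Fri, 26 Apr 2013 12:01:52 GMT
      Vary: Accept-Encoding
      Content-Length: 63951
      Keep-Alive: timeout=5, max=100
      Connection: Keep-Alive
      Content-Type: text/html

      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">'
    HEREDOC
  end

  # Five Set-Cookie headers interleaved with other headers; `phpMyAdmin` is set
  # twice with different values and both pairs are expected in the result.
  let(:get_cookies_test_five_cookies) do
    <<-HEREDOC.gsub(/^ {6}/, '')
      HTTP/1.1 200 OK
      Date: Fri, 26 Apr 2013 08:44:54 GMT
      Server: Apache/2.2.22 (Ubuntu)
      X-Powered-By: PHP/5.4.6-1ubuntu1.2
      Set-Cookie: phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue; path=/phpmyadmin/; HttpOnly
      Expires: Thu, 19 Nov 1981 08:52:00 GMT
      Cache-Control: private, max-age=10800, pre-check=10800
      Last-Modified: Sun, 12 Aug 2012 13:38:18 GMT
      Set-Cookie: pma_lang=en; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
      Set-Cookie: pma_collation_connection=utf8_general_ci; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
      Set-Cookie: pma_mcrypt_iv=mF1NmTE64IY%3D; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
      Set-Cookie: phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954; path=/phpmyadmin/; HttpOnly
      Vary: Accept-Encoding
      Content-Length: 7356
      Keep-Alive: timeout=5, max=100
      Connection: Keep-Alive
      Content-Type: text/html; charset=utf-8

      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    HEREDOC
  end

  # Five consecutive Set-Cookie headers; the last one carries the full set of
  # attributes (Path, domain, HttpOnly, Expires, Secure) and a `!` in its name.
  let(:get_cookies_test_five_ordered_cookies) do
    <<-HEREDOC.gsub(/^ {6}/, '')
      HTTP/1.1 200 OK
      Date: Fri, 26 Apr 2013 08:44:54 GMT
      Server: Apache/2.2.22 (Ubuntu)
      X-Powered-By: PHP/5.4.6-1ubuntu1.2
      Expires: Thu, 19 Nov 1981 08:52:00 GMT
      Cache-Control: private, max-age=10800, pre-check=10800
      Last-Modified: Sun, 12 Aug 2012 13:38:18 GMT
      Set-Cookie: pma_lang=en; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
      Set-Cookie: pma_collation_connection=utf8_general_ci; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
      Set-Cookie: pma_mcrypt_iv=mF1NmTE64IY%3D; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
      Set-Cookie: phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954; path=/phpmyadmin/; HttpOnly
      Set-Cookie: superC00kie!=stupidcookie; Path=/parp/; domain=.foo.com; HttpOnly; Expires=Wed, 13-Jan-2012 22:23:01 GMT; Secure
      Vary: Accept-Encoding
      Content-Length: 7356
      Keep-Alive: timeout=5, max=100
      Connection: Keep-Alive
      Content-Type: text/html; charset=utf-8

      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    HEREDOC
  end

  # Same as the five-cookie fixture, but the second `phpMyAdmin` cookie has an
  # empty value.
  let(:get_cookies_test_with_empty_cookie) do
    <<-HEREDOC.gsub(/^ {6}/, '')
      HTTP/1.1 200 OK
      Date: Fri, 26 Apr 2013 08:44:54 GMT
      Server: Apache/2.2.22 (Ubuntu)
      X-Powered-By: PHP/5.4.6-1ubuntu1.2
      Set-Cookie: phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue; path=/phpmyadmin/; HttpOnly
      Expires: Thu, 19 Nov 1981 08:52:00 GMT
      Cache-Control: private, max-age=10800, pre-check=10800
      Last-Modified: Sun, 12 Aug 2012 13:38:18 GMT
      Set-Cookie: pma_lang=en; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
      Set-Cookie: pma_collation_connection=utf8_general_ci; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
      Set-Cookie: pma_mcrypt_iv=mF1NmTE64IY%3D; expires=Sun, 26-May-2013 08:44:54 GMT; path=/phpmyadmin/; httponly
      Set-Cookie: phpMyAdmin=; path=/phpmyadmin/; HttpOnly
      Vary: Accept-Encoding
      Content-Length: 7356
      Keep-Alive: timeout=5, max=100
      Connection: Keep-Alive
      Content-Type: text/html; charset=utf-8

      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    HEREDOC
  end

  # Two cookies folded into a single Set-Cookie header, separated by a comma.
  let(:get_cookies_test_one_set_cookie_header) do
    <<-HEREDOC.gsub(/^ {6}/, '')
      HTTP/1.1 200 OK
      Date: Wed, 25 Sep 2013 20:29:23 GMT
      Server: Apache/2.2.22 (Ubuntu)
      X-Powered-By: PHP/5.4.9-4ubuntu2.2
      Expires: Wed, 11 Jan 1984 05:00:00 GMT
      Last-Modified: Wed, 25 Sep 2013 20:29:23 GMT
      Cache-Control: no-cache, must-revalidate, max-age=0
      Pragma: no-cache
      Set-Cookie: wordpressuser_a97c5267613d6de70e821ff82dd1ab94=admin; path=/wordpress-2.0/, wordpresspass_a97c5267613d6de70e821ff82dd1ab94=c3284d0f94606de1fd2af172aba15bf3; path=/wordpress-2.0/
      Vary: Accept-Encoding
      Content-Length: 0
      Content-Type: text/html; charset=UTF-8

      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
      "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    HEREDOC
  end

  # Three cookies in one header. The `expires` dates contain commas of their
  # own, so a parser that splits on every comma would report the wrong count.
  let(:get_cookies_comma_separated) do
    <<-HEREDOC.gsub(/^ {6}/, '')
      HTTP/1.1 200 OK
      Expires: Thu, 26 Oct 1978 00:00:00 GMT
      Content-Length: 8556
      Server: CherryPy/3.1.2
      Date: Sun, 06 Jul 2014 20:09:28 GMT
      Cache-Control: no-store, max-age=0, no-cache, must-revalidate
      Content-Type: text/html;charset=utf-8
      Set-Cookie: cval=880350187, session_id_8000=83466b1a1a7a27ce13d35f78155d40ca3a1e7a28; expires=Mon, 07 Jul 2014 20:09:28 GMT; httponly; Path=/, uid=348637C4-9B10-485A-BFA9-5E892432FCFD; expires=Fri, 05-Jul-2019 20:09:28 GMT

      <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
      <!--[if lt IE 7]> <html xmlns="http://www.w3.org/1999/xhtml" xmlns:s="http://www.splunk.com/xhtml-extensions/1.0" xml:lang="en" lang="en" class="no-js lt-ie9 lt-ie8 lt-
    HEREDOC
  end

  # One header holding three pairs with uneven spacing and no trailing
  # semicolon.
  let(:get_cookies_spaces_and_missing_semicolon) do
    <<-HEREDOC.gsub(/^ {6}/, '')
      HTTP/1.1 200 OK
      Set-Cookie: k1=v1; k2=v2;k3=v3

    HEREDOC
  end

  let(:meta_name) do
    'META_NAME'
  end

  let(:meta_content) do
    'META_CONTENT'
  end

  # HTML body with one meta tag, two forms and one script block. The first
  # form has one hidden input; the second has one text input and two hidden
  # inputs, one of them written as upper-case <INPUT> with an empty value.
  let(:get_html_body) do
    %Q|
    <html>
    <head>
    <title>TEST</title>
    <meta name="#{meta_name}" content="#{meta_content}">
    </head>
    <body>
    <form action="test.php">
      <input name="input_1" type="hidden" value="some_value_1" />
    </form>
    <form>
      <input name="input_0" type="text" value="Not a hidden input" />
      <input name="input_1" type="hidden" value="some_value_1" />
      <INPUT name="input_2" type="hidden" value="" />
    </form>
    <script>
      function test() {
        alert("hello, world!");
      }
    </script>
    </body>
    </htm>
    |
  end

  # The XML declaration has to stay on the first line of the string.
  let(:get_xml_body) do
    %Q|<?xml version="1.0"?>
    <catalog>
       <book id="bk101">
          <author>Gambardella, Matthew</author>
          <title>XML Developer's Guide</title>
          <genre>Computer</genre>
          <price>44.95</price>
          <publish_date>2000-10-01</publish_date>
          <description>An in-depth look at creating applications
          with XML.</description>
       </book>
    </catalog>
    |
  end

  let(:get_json_body) do
    %Q|{ "firstName": "John" }|
  end

  # Parses the fixture named by +meth+ and returns the result of #get_cookies
  # split on ';' with surrounding whitespace removed.
  #
  # @param meth [Symbol] name of a `let` fixture holding a raw HTTP response
  # @return [Array<String>] one 'name=value' string per cookie
  def cookie_sanity_check(meth)
    resp = described_class.new
    resp.parse(self.send meth)
    cookies = resp.get_cookies
    expect(cookies).not_to be_nil
    # `be ''` compares object identity and can never match a freshly built
    # string, so the negated form always passed; check for emptiness instead.
    expect(cookies).not_to be_empty
    cookies.split(';').map(&:strip)
  end

  describe 'HTML parsing' do
    let(:response) do
      res = Rex::Proto::Http::Response.new(200, 'OK')
      res.body = get_html_body
      res
    end

    # Goes through the client API, but every client method used here is
    # stubbed in the `before` hook below, so no connection is opened and
    # #send_recv hands back the canned `response`.
    subject do
      cli = Rex::Proto::Http::Client.new('127.0.0.1')
      cli.connect
      req = cli.request_cgi({'uri'=>'/'})
      res = cli.send_recv(req)
      res
    end

    before(:example) do
      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:request_cgi).with(any_args)
      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:send_recv).with(any_args).and_return(response)
      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:set_config).with(any_args)
      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:close)
      allow_any_instance_of(Rex::Proto::Http::Client).to receive(:connect)
    end

    describe '#get_html_document' do
      context 'when a response is received' do
        it 'returns a Nokogiri::HTML::Document object' do
          expect(subject.get_html_document).to be_kind_of(Nokogiri::HTML::Document)
        end
      end
    end

    describe '#get_xml_document' do
      let(:response) do
        res = Rex::Proto::Http::Response.new(200, 'OK')
        res.body = get_xml_body
        res
      end

      # Re-stub #send_recv so it returns the XML response defined above.
      before(:example) do
        allow_any_instance_of(Rex::Proto::Http::Client).to receive(:send_recv).with(any_args).and_return(response)
      end

      context 'when a response is received' do
        it 'returns a Nokogiri::XML::Document object' do
          expect(subject.get_xml_document).to be_kind_of(Nokogiri::XML::Document)
        end
      end
    end

    describe '#get_json_document' do
      let(:response) do
        res = Rex::Proto::Http::Response.new(200, 'OK')
        res.body = get_json_body
        res
      end

      # Re-stub #send_recv so it returns the JSON response defined above.
      before(:example) do
        allow_any_instance_of(Rex::Proto::Http::Client).to receive(:send_recv).with(any_args).and_return(response)
      end

      context 'when a response is received' do
        it 'returns a Hash object' do
          expect(subject.get_json_document).to be_kind_of(Hash)
        end
      end
    end

    describe '#get_html_meta_elements' do
      let(:meta_elements) do
        subject.get_html_meta_elements
      end

      context 'when there is a meta tag in the HTML body' do
        it 'returns one Nokogiri::XML::Element object' do
          expect(meta_elements.length).to eq(1)
        end

        it 'returns the meta tag name' do
          expect(meta_elements.first.attributes['name'].value).to eq(meta_name)
        end

        it 'returns the meta tag content' do
          expect(meta_elements.first.attributes['content'].value).to eq(meta_content)
        end
      end
    end

    describe '#get_html_scripts' do
      let(:script_elements) do
        subject.get_html_scripts
      end

      context 'when there is a script block' do
        it 'returns one RKelly::Nodes::SourceElementsNode object' do
          expect(script_elements.length).to eq(1)
          expect(script_elements.first).to be_kind_of(RKelly::Nodes::SourceElementsNode)
        end
      end
    end

    describe '#get_hidden_inputs' do
      context 'when an HTML page contains two forms containing hidden inputs' do
        it 'returns an array' do
          expect(subject.get_hidden_inputs).to be_kind_of(Array)
        end

        it 'returns hashes in the array' do
          subject.get_hidden_inputs.each do |form|
            expect(form).to be_kind_of(Hash)
          end
        end

        it 'returns \'some_value_1\' in the input_1 hidden input from the first element' do
          expect(subject.get_hidden_inputs[0]['input_1']).to eq('some_value_1')
        end

        # The text input in the second form is not counted, and the upper-case
        # <INPUT> tag is.
        it 'returns two hidden inputs in the second element' do
          expect(subject.get_hidden_inputs[1].length).to eq(2)
        end

        it 'returns an empty string for the input_2 hidden input from the second element' do
          expect(subject.get_hidden_inputs[1]['input_2']).to be_empty
        end
      end
    end
  end


  context "#get_cookies" do

    it 'returns empty string for no Set-Cookies' do
      resp = described_class.new
      resp.parse(get_cookies_test_no_cookies)
      expect(resp.get_cookies).to eq('')
    end

    # Both phpMyAdmin values are expected: a repeated name does not replace
    # the earlier pair in the #get_cookies output.
    it 'returns 5 cookies when given 5 cookies non-sequentially' do
      cookies_array = cookie_sanity_check(:get_cookies_test_five_cookies)
      expect(cookies_array.count).to eq(5)
      expect(cookies_array).to match_array %w(
        pma_lang=en
        pma_collation_connection=utf8_general_ci
        pma_mcrypt_iv=mF1NmTE64IY%3D
        phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954
        phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue
      )
    end

    # A count of five means the attributes (path, expires, HttpOnly, Secure,
    # domain) do not show up as entries of their own.
    it 'returns and parses 5 cookies when given 5 ordered cookies' do
      cookies_array = cookie_sanity_check(:get_cookies_test_five_ordered_cookies)
      expect(cookies_array.count).to eq(5)
      expected_cookies = %w{
        pma_lang=en
        pma_collation_connection=utf8_general_ci
        pma_mcrypt_iv=mF1NmTE64IY%3D
        phpMyAdmin=fmilioji5cn4m8bo5vjrrr6q9cada954
        superC00kie!=stupidcookie
      }
      expected_cookies.shuffle!
      expect(cookies_array).to include(*expected_cookies)
    end

    it 'parses an empty cookie value' do
      cookies_array = cookie_sanity_check(:get_cookies_test_with_empty_cookie)
      expect(cookies_array.count).to eq(5)
      expected_cookies = %w{
        pma_lang=en
        pma_collation_connection=utf8_general_ci
        pma_mcrypt_iv=mF1NmTE64IY%3D
        phpMyAdmin=
        phpMyAdmin=gpjif0gtpqbvfion91ddtrq8p8vgjtue
      }
      expected_cookies.shuffle!
      expect(cookies_array).to include(*expected_cookies)

    end

    it 'parses multiple cookies in one Set-Cookie header' do
      cookies_array = cookie_sanity_check(:get_cookies_test_one_set_cookie_header)
      expect(cookies_array.count).to eq(2)
      expected_cookies = %w{
        wordpressuser_a97c5267613d6de70e821ff82dd1ab94=admin
        wordpresspass_a97c5267613d6de70e821ff82dd1ab94=c3284d0f94606de1fd2af172aba15bf3
      }
      expected_cookies.shuffle!
      expect(cookies_array).to include(*expected_cookies)
    end

    # Exactly three entries: the commas inside the `expires` dates are not
    # taken for cookie separators.
    it 'parses comma separated cookies' do
      cookies_array = cookie_sanity_check(:get_cookies_comma_separated)
      expect(cookies_array.count).to eq(3)
      expected_cookies = %w{
        cval=880350187
        session_id_8000=83466b1a1a7a27ce13d35f78155d40ca3a1e7a28
        uid=348637C4-9B10-485A-BFA9-5E892432FCFD
      }
      expected_cookies.shuffle!
      expect(cookies_array).to include(*expected_cookies)
    end

    # Uses #get_cookies_parsed, which this spec treats as a hash from cookie
    # name to an object whose #value yields the cookie's value(s).
    it 'parses cookies with inconsistent spacing and a missing trailing semicolons' do
      resp = described_class.new
      resp.parse(self.send :get_cookies_spaces_and_missing_semicolon)
      cookies = resp.get_cookies_parsed
      names = cookies.keys.sort
      values = []
      cookies.each do |_, parsed|
        parsed.value.each do |value|
          values << value
        end
      end
      values.sort!
      expect(names).to eq(%w(k1 k2 k3))
      expect(values).to eq(%w(v1 v2 v3))
    end

  end

end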