Grasscutters/mitmproxy
3
0
Fork 0
mirror of https://github.com/Grasscutters/mitmproxy.git synced 2024-11-26 18:18:25 +00:00
Code Issues Projects Releases Wiki Activity

Allow execution of specs from file, using +./path

Browse Source
This commit is contained in:
Aldo Cortesi 2012-07-22 23:37:46 +12:00
parent 33208b8720
commit 1b03fd6780
9 changed files with 88 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
libpathod/pathoc.py
View File

@ -1,4 +1,4 @@
import sys
import sys, os
from netlib import tcp, http
import rparse
@ -18,14 +18,19 @@ def print_full(fp, httpversion, code, msg, headers, content):
class Pathoc(tcp.TCPClient):
def __init__(self, host, port):
tcp.TCPClient.__init__(self, host, port)
self.settings = dict(
staticdir = os.getcwd(),
unconstrained_file_access = True
)
def request(self, spec):
"""
Return an (httpversion, code, msg, headers, content) tuple.
May raise rparse.ParseException and netlib.http.HttpError.
May raise rparse.ParseException, netlib.http.HttpError or
rparse.FileAccessDenied.
"""
r = rparse.parse_request({}, spec)
r = rparse.parse_request(self.settings, spec)
ret = r.serve(self.wfile)
self.wfile.flush()
return http.read_response(self.rfile, r.method, None)
@ -37,7 +42,7 @@ class Pathoc(tcp.TCPClient):
"""
for i in reqs:
try:
r = rparse.parse_request({}, i)
r = rparse.parse_request(self.settings, i)
req = r.serve(self.wfile)
if reqdump:
print >> fp, "\n>>", req["method"], repr(req["path"])
@ -52,6 +57,9 @@ class Pathoc(tcp.TCPClient):
print >> fp, "Error parsing request spec: %s"%v.msg
print >> fp, v.marked()
return
except rparse.FileAccessDenied, v:
print >> fp, "File access error: %s"%v
return
except http.HttpError, v:
print >> fp, "<<", v.msg
return

5
libpathod/pathod.py
View File

@ -71,6 +71,11 @@ class PathodHandler(tcp.BaseHandler):
800,
"Error parsing response spec: %s\n"%v.msg + v.marked()
)
except rparse.FileAccessDenied:
crafted = rparse.InternalResponse(
800,
"Access Denied"
)
request_log = dict(
path = path,

29
libpathod/rparse.py
View File

@ -6,6 +6,8 @@ import utils
BLOCKSIZE = 1024
TRUNCATE = 1024
class FileAccessDenied(Exception): pass
class ParseException(Exception):
def __init__(self, msg, s, col):
Exception.__init__(self)
@ -675,7 +677,29 @@ class InternalResponse(Response):
return d
FILESTART = "+"
def read_file(settings, s):
uf = settings.get("unconstrained_file_access")
sd = settings.get("staticdir")
if not sd:
raise FileAccessDenied("File access disabled.")
sd = os.path.normpath(os.path.abspath(sd))
s = s[1:]
s = os.path.expanduser(s)
s = os.path.normpath(os.path.abspath(os.path.join(sd, s)))
if not uf and not s.startswith(sd):
raise FileAccessDenied("File access outside of configured directory")
if not os.path.isfile(s):
raise FileAccessDenied("File not readable")
return file(s, "r").read()
def parse_response(settings, s):
"""
May raise ParseException or FileAccessDenied
"""
if s.startswith(FILESTART):
s = read_file(settings, s)
try:
return CraftedResponse(settings, s, Response.expr().parseString(s, parseAll=True))
except pp.ParseException, v:
@ -683,6 +707,11 @@ def parse_response(settings, s):
def parse_request(settings, s):
"""
May raise ParseException or FileAccessDenied
"""
if s.startswith(FILESTART):
s = read_file(settings, s)
try:
return CraftedRequest(settings, s, Request.expr().parseString(s, parseAll=True))
except pp.ParseException, v:

2
libpathod/templates/docs_lang.html
View File

@ -109,7 +109,7 @@
<h1>Executing specs from file</h1>
</div>
<pre class="example">=./path/to/spec</pre>
<pre class="example">+./path/to/spec</pre>
<div class="page-header">

1
test/data/request Normal file
View File

@ -0,0 +1 @@
get:/foo

1
test/data/response Normal file
View File

@ -0,0 +1 @@
202

5
test/test_pathoc.py
View File

@ -41,3 +41,8 @@ class TestDaemon:
def test_conn_err(self):
assert "Invalid server response" in self.tval(["get:'/p/200:d2'"])
def test_fileread(self):
d = tutils.test_data.path("data/request")
assert "foo" in self.tval(["+%s"%d])
assert "File" in self.tval(["+/nonexistent"])

4
test/test_pathod.py
View File

@ -121,6 +121,10 @@ class _DaemonTests:
assert l["type"] == "error"
assert "Invalid" in l["msg"]
def test_access_denied(self):
rsp = self.get("=nonexistent")
assert rsp.status_code == 800
class TestDaemon(_DaemonTests):
SSL = False

33
test/test_rparse.py
View File

@ -229,6 +229,12 @@ class TestPauses:
class TestParseRequest:
def test_file(self):
p = tutils.test_data.path("data")
d = dict(staticdir=p)
r = rparse.parse_request(d, "+request")
assert r.path == "/foo"
def test_err(self):
tutils.raises(rparse.ParseException, rparse.parse_request, {}, 'GET')
@ -266,9 +272,9 @@ class TestParseRequest:
GET
"/foo
bar"
ir,@1
@ -394,6 +400,12 @@ class TestResponse:
def dummy_response(self):
return rparse.parse_response({}, "400'msg'")
def test_file(self):
p = tutils.test_data.path("data")
d = dict(staticdir=p)
r = rparse.parse_response(d, "+response")
assert r.code == 202
def test_response(self):
r = rparse.parse_response({}, "400'msg'")
assert r.code == 400
@ -417,3 +429,18 @@ class TestResponse:
testlen(rparse.parse_response({}, "400'msg'"))
testlen(rparse.parse_response({}, "400'msg':h'foo'='bar'"))
testlen(rparse.parse_response({}, "400'msg':h'foo'='bar':b@100b"))
def test_read_file():
tutils.raises(rparse.FileAccessDenied, rparse.read_file, {}, "=/foo")
p = tutils.test_data.path("data")
d = dict(staticdir=p)
assert rparse.read_file(d, "+./file").strip() == "testfile"
assert rparse.read_file(d, "+file").strip() == "testfile"
tutils.raises(rparse.FileAccessDenied, rparse.read_file, d, "+./nonexistent")
tutils.raises(rparse.FileAccessDenied, rparse.read_file, d, "+/nonexistent")
tutils.raises(rparse.FileAccessDenied, rparse.read_file, d, "+../test_rparse.py")
d["unconstrained_file_access"] = True
assert rparse.read_file(d, "+../test_rparse.py")