nuclei/pkg/protocols/offlinehttp/read_response_test.go

package offlinehttp

import (
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"net/http/httputil"
	"testing"
	"time"

	"github.com/julienschmidt/httprouter"
	"github.com/stretchr/testify/require"
)

func TestReadResponseFromString(t *testing.T) {
	expectedBody := `<!DOCTYPE html>
<html>
<head>
<title>Firing Range</title>
</head>
<body>
   <h1>Version 0.48</h1>
   <h1>What is the Firing Range?</h1>
   <p>
</body>
</html>`

	tests := []struct {
		name string
		data string
	}{
		{
			name: "response",
			data: `HTTP/1.1 200 OK
Age: 0
Cache-Control: public, max-age=600
Content-Type: text/html
Server: Google Frontend

<!DOCTYPE html>
<html>
<head>
<title>Firing Range</title>
</head>
<body>
   <h1>Version 0.48</h1>
   <h1>What is the Firing Range?</h1>
   <p>
</body>
</html>`,
		},
		{
			name: "response-http2-without-minor-version",
			data: `HTTP/2 200 OK
Age: 0
Cache-Control: public, max-age=600
Content-Type: text/html
Server: Google Frontend

<!DOCTYPE html>
<html>
<head>
<title>Firing Range</title>
</head>
<body>
   <h1>Version 0.48</h1>
   <h1>What is the Firing Range?</h1>
   <p>
</body>
</html>`,
		},
		{
			name: "response-http2-with-minor-version",
			data: `HTTP/2.0 200 OK
Age: 0
Cache-Control: public, max-age=600
Content-Type: text/html
Server: Google Frontend

<!DOCTYPE html>
<html>
<head>
<title>Firing Range</title>
</head>
<body>
   <h1>Version 0.48</h1>
   <h1>What is the Firing Range?</h1>
   <p>
</body>
</html>`,
		},
		{
			name: "request-response",
			data: `GET http://public-firing-range.appspot.com/ HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.96 Safari/537.36

HTTP/1.1 200 OK
Age: 0
Cache-Control: public, max-age=600
Content-Type: text/html
Server: Google Frontend

<!DOCTYPE html>
<html>
<head>
<title>Firing Range</title>
</head>
<body>
   <h1>Version 0.48</h1>
   <h1>What is the Firing Range?</h1>
   <p>
</body>
</html>`,
		},
		{
			name: "request-response-without-minor-version",
			data: `GET http://public-firing-range.appspot.com/ HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.96 Safari/537.36

HTTP/2 200 OK
Age: 0
Cache-Control: public, max-age=600
Content-Type: text/html
Server: Google Frontend

<!DOCTYPE html>
<html>
<head>
<title>Firing Range</title>
</head>
<body>
   <h1>Version 0.48</h1>
   <h1>What is the Firing Range?</h1>
   <p>
</body>
</html>`,
		},
	}

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			resp, err := readResponseFromString(tt.data)
			require.Nil(t, err, "could not read response from string")

			respData, err := io.ReadAll(resp.Body)
			require.Nil(t, err, "could not read response body")
			require.Equal(t, expectedBody, string(respData), "could not get correct parsed body")
			require.Equal(t, "Google Frontend", resp.Header.Get("Server"), "could not get correct headers")
		})
	}

	t.Run("test-live-response-with-content-length", func(t *testing.T) {
		var ts *httptest.Server
		router := httprouter.New()
		router.GET("/", func(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
			w.Header().Add("Server", "Google Frontend")
			_, _ = fmt.Fprintf(w, "%s", `<!DOCTYPE html>
			<html>
			<head>
			<title>Firing Range</title>
			</head>
			<body>
			   <h1>Version 0.48</h1>
			   <h1>What is the Firing Range?</h1>
			   <p>
			</body>
			</html>`)
		})
		ts = httptest.NewServer(router)
		defer ts.Close()

		client := &http.Client{
			Timeout: 3 * time.Second,
		}

		data, err := client.Get(ts.URL)
		require.Nil(t, err, "could not dial url")
		defer func() {
			_ = data.Body.Close()
		}()

		b, err := httputil.DumpResponse(data, true)
		require.Nil(t, err, "could not dump response")

		respData, err := readResponseFromString(string(b))
		require.Nil(t, err, "could not read response from string")

		_, err = io.ReadAll(respData.Body)
		require.Nil(t, err, "could not read response body")

		require.Equal(t, "Google Frontend", respData.Header.Get("Server"), "could not get correct headers")

	})
}
Added offline http response processing feature 2021-02-06 00:36:43 +05:30			`package offlinehttp`

			`import (`
Fixing http test using local http mock server 2021-11-10 18:04:53 +01:00			`"fmt"`
Refactoring file templates to handle large files in chunks + removing deprecated io methods 2022-02-23 13:54:46 +01:00			`"io"`
add test live response 2021-10-02 22:10:05 +07:00			`"net/http"`
Fixing http test using local http mock server 2021-11-10 18:04:53 +01:00			`"net/http/httptest"`
add test live response 2021-10-02 22:10:05 +07:00			`"net/http/httputil"`
Added offline http response processing feature 2021-02-06 00:36:43 +05:30			`"testing"`
add test live response 2021-10-02 22:10:05 +07:00			`"time"`
Added offline http response processing feature 2021-02-06 00:36:43 +05:30
Fixing http test using local http mock server 2021-11-10 18:04:53 +01:00			`"github.com/julienschmidt/httprouter"`
Added offline http response processing feature 2021-02-06 00:36:43 +05:30			`"github.com/stretchr/testify/require"`
			`)`

			`func TestReadResponseFromString(t *testing.T) {`
			expectedBody := `<!DOCTYPE html>
			`<html>`
			`<head>`
			`<title>Firing Range</title>`
			`</head>`
			`<body>`
			`<h1>Version 0.48</h1>`
			`<h1>What is the Firing Range?</h1>`
			`<p>`
			`</body>`
			</html>`

using table driven tests 2021-10-02 15:05:03 +07:00			`tests := []struct {`
			`name string`
			`data string`
			`}{`
			`{`
			`name: "response",`
			data: `HTTP/1.1 200 OK
Added offline http response processing feature 2021-02-06 00:36:43 +05:30			`Age: 0`
			`Cache-Control: public, max-age=600`
			`Content-Type: text/html`
			`Server: Google Frontend`

add test for response without http minor version 2021-10-02 14:31:18 +07:00			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<title>Firing Range</title>`
			`</head>`
			`<body>`
			`<h1>Version 0.48</h1>`
			`<h1>What is the Firing Range?</h1>`
			`<p>`
			`</body>`
using table driven tests 2021-10-02 15:05:03 +07:00			</html>`,
			`},`
			`{`
			`name: "response-http2-without-minor-version",`
			data: `HTTP/2 200 OK
add test for response without http minor version 2021-10-02 14:31:18 +07:00			`Age: 0`
			`Cache-Control: public, max-age=600`
			`Content-Type: text/html`
			`Server: Google Frontend`

			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<title>Firing Range</title>`
			`</head>`
			`<body>`
			`<h1>Version 0.48</h1>`
			`<h1>What is the Firing Range?</h1>`
			`<p>`
			`</body>`
using table driven tests 2021-10-02 15:05:03 +07:00			</html>`,
			`},`
			`{`
			`name: "response-http2-with-minor-version",`
			data: `HTTP/2.0 200 OK
add test for response without http minor version 2021-10-02 14:31:18 +07:00			`Age: 0`
			`Cache-Control: public, max-age=600`
			`Content-Type: text/html`
			`Server: Google Frontend`

Added offline http response processing feature 2021-02-06 00:36:43 +05:30			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<title>Firing Range</title>`
			`</head>`
			`<body>`
			`<h1>Version 0.48</h1>`
			`<h1>What is the Firing Range?</h1>`
			`<p>`
			`</body>`
using table driven tests 2021-10-02 15:05:03 +07:00			</html>`,
			`},`
			`{`
			`name: "request-response",`
			data: `GET http://public-firing-range.appspot.com/ HTTP/1.1
Added offline http response processing feature 2021-02-06 00:36:43 +05:30			`Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9`
			`Accept-Encoding: gzip, deflate`
			`Upgrade-Insecure-Requests: 1`
			`User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.96 Safari/537.36`

			`HTTP/1.1 200 OK`
			`Age: 0`
			`Cache-Control: public, max-age=600`
			`Content-Type: text/html`
			`Server: Google Frontend`

			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<title>Firing Range</title>`
			`</head>`
			`<body>`
			`<h1>Version 0.48</h1>`
			`<h1>What is the Firing Range?</h1>`
			`<p>`
			`</body>`
using table driven tests 2021-10-02 15:05:03 +07:00			</html>`,
			`},`
			`{`
			`name: "request-response-without-minor-version",`
			data: `GET http://public-firing-range.appspot.com/ HTTP/1.1
add test for response without http minor version 2021-10-02 14:31:18 +07:00			`Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9`
			`Accept-Encoding: gzip, deflate`
			`Upgrade-Insecure-Requests: 1`
			`User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 11_1_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.96 Safari/537.36`

			`HTTP/2 200 OK`
			`Age: 0`
			`Cache-Control: public, max-age=600`
			`Content-Type: text/html`
			`Server: Google Frontend`

			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<title>Firing Range</title>`
			`</head>`
			`<body>`
			`<h1>Version 0.48</h1>`
			`<h1>What is the Firing Range?</h1>`
			`<p>`
			`</body>`
using table driven tests 2021-10-02 15:05:03 +07:00			</html>`,
			`},`
			`}`

			`for _, tt := range tests {`
			`t.Run(tt.name, func(t *testing.T) {`
			`resp, err := readResponseFromString(tt.data)`
			`require.Nil(t, err, "could not read response from string")`

Refactoring file templates to handle large files in chunks + removing deprecated io methods 2022-02-23 13:54:46 +01:00			`respData, err := io.ReadAll(resp.Body)`
using table driven tests 2021-10-02 15:05:03 +07:00			`require.Nil(t, err, "could not read response body")`
			`require.Equal(t, expectedBody, string(respData), "could not get correct parsed body")`
			`require.Equal(t, "Google Frontend", resp.Header.Get("Server"), "could not get correct headers")`
			`})`
			`}`
add test live response 2021-10-02 22:10:05 +07:00
			`t.Run("test-live-response-with-content-length", func(t *testing.T) {`
Fixing http test using local http mock server 2021-11-10 18:04:53 +01:00			`var ts *httptest.Server`
			`router := httprouter.New()`
refactor: removed redundant type conversion 2021-11-25 17:18:54 +02:00			`router.GET("/", func(w http.ResponseWriter, r *http.Request, p httprouter.Params) {`
Fixing http test using local http mock server 2021-11-10 18:04:53 +01:00			`w.Header().Add("Server", "Google Frontend")`
build: bump all direct modules (#6290) * chore: fix non-constant fmt string in call Signed-off-by: Dwi Siswanto <git@dw1.io> * build: bump all direct modules Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(hosterrorscache): update import path Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(charts): break changes Signed-off-by: Dwi Siswanto <git@dw1.io> * build: pinned `github.com/zmap/zcrypto` to v0.0.0-20240512203510-0fef58d9a9db Signed-off-by: Dwi Siswanto <git@dw1.io> * chore: golangci-lint auto fixes Signed-off-by: Dwi Siswanto <git@dw1.io> * chore: satisfy lints Signed-off-by: Dwi Siswanto <git@dw1.io> * build: migrate `github.com/xanzy/go-gitlab` => `gitlab.com/gitlab-org/api/client-go` Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(json): update build constraints Signed-off-by: Dwi Siswanto <git@dw1.io> * chore: dont panicking on close err Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> 2025-07-01 00:40:44 +07:00			_, _ = fmt.Fprintf(w, "%s", `<!DOCTYPE html>
Fixing http test using local http mock server 2021-11-10 18:04:53 +01:00			`<html>`
			`<head>`
			`<title>Firing Range</title>`
			`</head>`
			`<body>`
			`<h1>Version 0.48</h1>`
			`<h1>What is the Firing Range?</h1>`
			`<p>`
			`</body>`
			</html>`)
refactor: removed redundant type conversion 2021-11-25 17:18:54 +02:00			`})`
Fixing http test using local http mock server 2021-11-10 18:04:53 +01:00			`ts = httptest.NewServer(router)`
			`defer ts.Close()`

add test live response 2021-10-02 22:10:05 +07:00			`client := &http.Client{`
			`Timeout: 3 * time.Second,`
			`}`

Fixing http test using local http mock server 2021-11-10 18:04:53 +01:00			`data, err := client.Get(ts.URL)`
add test live response 2021-10-02 22:10:05 +07:00			`require.Nil(t, err, "could not dial url")`
build: bump all direct modules (#6290) * chore: fix non-constant fmt string in call Signed-off-by: Dwi Siswanto <git@dw1.io> * build: bump all direct modules Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(hosterrorscache): update import path Signed-off-by: Dwi Siswanto <git@dw1.io> * fix(charts): break changes Signed-off-by: Dwi Siswanto <git@dw1.io> * build: pinned `github.com/zmap/zcrypto` to v0.0.0-20240512203510-0fef58d9a9db Signed-off-by: Dwi Siswanto <git@dw1.io> * chore: golangci-lint auto fixes Signed-off-by: Dwi Siswanto <git@dw1.io> * chore: satisfy lints Signed-off-by: Dwi Siswanto <git@dw1.io> * build: migrate `github.com/xanzy/go-gitlab` => `gitlab.com/gitlab-org/api/client-go` Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(json): update build constraints Signed-off-by: Dwi Siswanto <git@dw1.io> * chore: dont panicking on close err Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> 2025-07-01 00:40:44 +07:00			`defer func() {`
			`_ = data.Body.Close()`
			`}()`
add test live response 2021-10-02 22:10:05 +07:00
			`b, err := httputil.DumpResponse(data, true)`
			`require.Nil(t, err, "could not dump response")`

			`respData, err := readResponseFromString(string(b))`
			`require.Nil(t, err, "could not read response from string")`

Refactoring file templates to handle large files in chunks + removing deprecated io methods 2022-02-23 13:54:46 +01:00			`_, err = io.ReadAll(respData.Body)`
add test live response 2021-10-02 22:10:05 +07:00			`require.Nil(t, err, "could not read response body")`

			`require.Equal(t, "Google Frontend", respData.Header.Get("Server"), "could not get correct headers")`

			`})`
Added offline http response processing feature 2021-02-06 00:36:43 +05:30			`}`