diff options
| author | Aldo Cortesi <aldo@nullcube.com> | 2012-10-25 10:59:18 +1300 |
|---|---|---|
| committer | Aldo Cortesi <aldo@nullcube.com> | 2012-10-25 10:59:18 +1300 |
| commit | 6174e46023e798517ac206b7681dd9c7d36b1283 (patch) | |
| tree | 77909d09a82834be448903d7d0ef97de5439f0a4 /libpathod | |
| parent | 173b5c596e72700544f0252040adf3cbe8ebcb50 (diff) | |
| download | mitmproxy-6174e46023e798517ac206b7681dd9c7d36b1283.tar.gz mitmproxy-6174e46023e798517ac206b7681dd9c7d36b1283.tar.bz2 mitmproxy-6174e46023e798517ac206b7681dd9c7d36b1283.zip | |
Unit test suite love: 100% coverage
Also start figuring out how to sanitize binary data in the JSON API.
Diffstat (limited to 'libpathod')
| -rw-r--r-- | libpathod/app.py | 18 | ||||
| -rw-r--r-- | libpathod/language.py | 11 | ||||
| -rw-r--r-- | libpathod/pathod.py | 6 |
3 files changed, 22 insertions, 13 deletions
diff --git a/libpathod/app.py b/libpathod/app.py index fc4e23ec..1ebe9901 100644 --- a/libpathod/app.py +++ b/libpathod/app.py @@ -13,17 +13,17 @@ def api(): ) - @app.route('/api/log') - def api_log(): - return jsonify( - log = app.config["pathod"].get_log() - ) +@app.route('/api/log') +def api_log(): + return jsonify( + log = app.config["pathod"].get_log() + ) - @app.route('/api/clear_log') - def api_clear_log(): - app.config["pathod"].clear_log() - return "OK" +@app.route('/api/clear_log') +def api_clear_log(): + app.config["pathod"].clear_log() + return "OK" def render(s, cacheable, **kwargs): diff --git a/libpathod/language.py b/libpathod/language.py index c9aa7f66..fa80360b 100644 --- a/libpathod/language.py +++ b/libpathod/language.py @@ -428,7 +428,7 @@ class _Action: def __repr__(self): return self.spec() - + def accept(self, settings, r): r.actions.append(self) @@ -665,6 +665,7 @@ class Message: # Careful not to log any VALUE specs without sanitizing them first. We truncate at 1k. if hasattr(v, "__len__"): v = v[:TRUNCATE] + v = v.encode("string_escape") ret[i] = v return ret @@ -815,6 +816,10 @@ def parse_response(settings, s): """ May raise ParseException or FileAccessDenied """ + try: + s.decode("ascii") + except UnicodeError: + raise ParseException("Spec must be valid ASCII.", 0, 0) if s.startswith(FILESTART): s = read_file(settings, s) try: @@ -827,6 +832,10 @@ def parse_request(settings, s): """ May raise ParseException or FileAccessDenied """ + try: + s.decode("ascii") + except UnicodeError: + raise ParseException("Spec must be valid ASCII.", 0, 0) if s.startswith(FILESTART): s = read_file(settings, s) try: diff --git a/libpathod/pathod.py b/libpathod/pathod.py index 9d343a51..d4535d03 100644 --- a/libpathod/pathod.py +++ b/libpathod/pathod.py @@ -1,4 +1,4 @@ -import urllib, threading, re, logging, socket, sys +import urllib, threading, re, logging, socket, sys, base64 from netlib import tcp, http, odict, wsgi import netlib.utils import version, app, language @@ -149,10 +149,10 @@ class PathodHandler(tcp.BaseHandler): again, log = self.handle_request() if log: if self.server.logreq: - log["request_bytes"] = self.rfile.get_log() + log["request_bytes"] = self.rfile.get_log().encode("string_escape") self._log_bytes("Request", log["request_bytes"], self.server.hexdump) if self.server.logresp: - log["response_bytes"] = self.wfile.get_log() + log["response_bytes"] = self.wfile.get_log().encode("string_escape") self._log_bytes("Response", log["response_bytes"], self.server.hexdump) self.server.add_log(log) if not again: |