X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=t%2Fhttpd-corner.t;h=c99e5ec76157d0611ad82344425ed17db50a6905;hb=fa19cdc57074e6efeec2379f2b4e8d14f71773e4;hp=1f2bb53f7b932afacaedf22fca57ee871335d973;hpb=9689c65f42c0acc9021953b29ce55730c4cd841d;p=public-inbox.git

diff --git a/t/httpd-corner.t b/t/httpd-corner.t
index 1f2bb53f..c99e5ec7 100644
--- a/t/httpd-corner.t
+++ b/t/httpd-corner.t
@@ -1,4 +1,4 @@
-# Copyright (C) 2016-2019 all contributors <meta@public-inbox.org>
+# Copyright (C) 2016-2020 all contributors <meta@public-inbox.org>
 # License: AGPL-3.0+ <https://www.gnu.org/licenses/agpl-3.0.txt>
 # note: our HTTP server should be standalone and capable of running
 # generic PSGI/Plack apps.
@@ -154,6 +154,38 @@ SKIP: {
 	like($head, qr/\b413\b/, 'got 413 response');
 }
 
+{
+	my $conn = conn_for($sock, '1.1 Transfer-Encoding bogus');
+	$conn->write("PUT /sha1 HTTP/1.1\r\nTransfer-Encoding: bogus\r\n\r\n");
+	$conn->read(my $buf, 4096);
+	like($buf, qr!\AHTTP/1\.[0-9] 400 !, 'got 400 response on bogus TE');
+}
+{
+	my $conn = conn_for($sock, '1.1 Content-Length bogus');
+	$conn->write("PUT /sha1 HTTP/1.1\r\nContent-Length: 3.3\r\n\r\n");
+	$conn->read(my $buf, 4096);
+	like($buf, qr!\AHTTP/1\.[0-9] 400 !, 'got 400 response on bad length');
+}
+
+{
+	my $req = "PUT /sha1 HTTP/1.1\r\nContent-Length: 3\r\n" .
+			"Content-Length: 3\r\n\r\n";
+	# this is stricter than it needs to be.  Due to the way
+	# Plack::HTTPParser, PSGI specs, and how hash tables work in common
+	# languages; it's not possible to tell the difference between folded
+	# and intentionally bad commas (e.g. "Content-Length: 3, 3")
+	if (0) {
+		require Plack::HTTPParser; # XS or pure Perl
+		require Data::Dumper;
+		Plack::HTTPParser::parse_http_request($req, my $env = {});
+		diag Data::Dumper::Dumper($env); # "Content-Length: 3, 3"
+	}
+	my $conn = conn_for($sock, '1.1 Content-Length dupe');
+	$conn->write($req);
+	$conn->read(my $buf, 4096);
+	like($buf, qr!\AHTTP/1\.[0-9] 400 !, 'got 400 response on dupe length');
+}
+
 {
 	my $conn = conn_for($sock, 'chunk with pipeline');
 	my $n = 10;
@@ -278,7 +310,7 @@ SKIP: {
 	waitpid($pid, 0);
 	is($?, 0, 'curl exited successfully');
 	is(-s $cerr, 0, 'no errors from curl');
-	$cout->seek(0, SEEK_SET);
+	seek($cout, 0, SEEK_SET);
 	is(<$cout>, sha1_hex($str), 'read expected body');
 
 	open my $fh, '-|', qw(curl -sS), "$base/async-big" or die $!;