Skip to content

Commit

Permalink
feat: Implementing lazy parsing for security and modern headers and u…
Browse files Browse the repository at this point in the history 
…pdating tests
  • Loading branch information
@klkucaj
klkucaj committed Dec 19, 2024
1 parent bd0d49d commit 1dcbf92
Show file tree
Hide file tree
Showing 14 changed files with 433 additions and 138 deletions.
383 changes: 245 additions & 138 deletions lib/src/headers/headers.dart
View file

Large diffs are not rendered by default.

15 changes: 15 additions & 0 deletions test/headers/typed_headers/access_control_allow_headers_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,21 @@ void main() {
},
);

test(
'when a Access-Control-Allow-Headers header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'access-control-allow-headers': '*, Content-Type'},
echoHeaders: false,
);

expect(headers, isNotNull);
},
);

test(
'when a valid Access-Control-Allow-Headers header is passed then it should parse the headers correctly',
() async {
Expand Down
15 changes: 15 additions & 0 deletions test/headers/typed_headers/access_control_allow_methods_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,21 @@ void main() {
},
);

test(
'when a Access-Control-Allow-Methods header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'access-control-allow-methods': 'CUSTOM'},
echoHeaders: false,
);

expect(headers, isNotNull);
},
);

test(
'when a valid Access-Control-Allow-Methods header is passed then it should parse the methods correctly',
() async {
Expand Down
14 changes: 14 additions & 0 deletions test/headers/typed_headers/clear_site_data_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,20 @@ void main() {
},
);

test(
'when a Clear-Site-Data header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'clear-site-data': '"cache", "*", "cookies"'},
echoHeaders: false,
);
expect(headers, isNotNull);
},
);

test(
'when a valid Clear-Site-Data header is passed then it should parse the data types correctly',
() async {
Expand Down
15 changes: 15 additions & 0 deletions test/headers/typed_headers/content_security_policy_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,21 @@ void main() {
},
);

test(
'when a Content-Security-Policy header with an empty value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'content-security-policy': ''},
echoHeaders: false,
);

expect(headers, isNotNull);
},
);

test(
'when a valid Content-Security-Policy header is passed then it should parse the directives correctly',
() async {
Expand Down
14 changes: 14 additions & 0 deletions test/headers/typed_headers/cross_origin_embedder_policy_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,20 @@ void main() {
},
);

test(
'when a Cross-Origin-Embedder-Policy header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'cross-origin-embedder-policy': 'custom-policy'},
echoHeaders: false,
);
expect(headers, isNotNull);
},
);

test(
'when a valid Cross-Origin-Embedder-Policy header is passed then it should parse the policy correctly',
() async {
Expand Down
14 changes: 14 additions & 0 deletions test/headers/typed_headers/cross_origin_opener_policy_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,20 @@ void main() {
},
);

test(
'when a Cross-Origin-Opener-Policy header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'cross-origin-opener-policy': 'custom-policy'},
echoHeaders: false,
);
expect(headers, isNotNull);
},
);

test(
'when a valid Cross-Origin-Opener-Policy header is passed then it should parse the policy correctly',
() async {
Expand Down
14 changes: 14 additions & 0 deletions test/headers/typed_headers/cross_origin_resource_policy_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,20 @@ void main() {
},
);

test(
'when a Cross-Origin-Resource-Policy header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'cross-origin-resource-policy': 'custom-policy'},
echoHeaders: false,
);
expect(headers, isNotNull);
},
);

test(
'when a valid Cross-Origin-Resource-Policy header is passed then it should parse the policy correctly',
() async {
Expand Down
15 changes: 15 additions & 0 deletions test/headers/typed_headers/permissions_policy_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,21 @@ void main() {
},
);

test(
'when a Permissions-Policy header with an empty value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'permissions-policy': ''},
echoHeaders: false,
);

expect(headers, isNotNull);
},
);

test(
'when a valid Permissions-Policy header is passed then it should parse the policies correctly',
() async {
Expand Down
15 changes: 15 additions & 0 deletions test/headers/typed_headers/referrer_policy_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,21 @@ void main() {
},
);

test(
'when a Referrer-Policy header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'referrer-policy': 'invalid-value'},
echoHeaders: false,
);

expect(headers, isNotNull);
},
);

test(
'when a valid Referrer-Policy header is passed then it should parse the policy correctly',
() async {
Expand Down
14 changes: 14 additions & 0 deletions test/headers/typed_headers/sec_fetch_dest_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,20 @@ void main() {
},
);

test(
'when a Sec-Fetch-Dest header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'sec-fetch-dest': 'custom-destination'},
echoHeaders: false,
);
expect(headers, isNotNull);
},
);

test(
'when a valid Sec-Fetch-Dest header is passed then it should parse the destination correctly',
() async {
Expand Down
14 changes: 14 additions & 0 deletions test/headers/typed_headers/sec_fetch_mode_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,20 @@ void main() {
},
);

test(
'when a Sec-Fetch-Mode header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'sec-fetch-mode': 'custom-mode'},
echoHeaders: false,
);
expect(headers, isNotNull);
},
);

test(
'when a valid Sec-Fetch-Mode header is passed then it should parse the mode correctly',
() async {
Expand Down
14 changes: 14 additions & 0 deletions test/headers/typed_headers/sec_fetch_site_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,6 +66,20 @@ void main() {
},
);

test(
'when a Sec-Fetch-Site header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'sec-fetch-site': 'custom-site'},
echoHeaders: false,
);
expect(headers, isNotNull);
},
);

test(
'when a valid Sec-Fetch-Site header is passed then it should parse the site correctly',
() async {
Expand Down
15 changes: 15 additions & 0 deletions test/headers/typed_headers/strict_transport_security_header_test.dart
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,21 @@ void main() {
},
);

test(
'when a Strict-Transport-Security header with an invalid value is passed '
'then the server does not respond with a bad request if the headers '
'is not actually used',
() async {
Headers headers = await getServerRequestHeaders(
server: server,
headers: {'strict-transport-security': 'max-age=abc'},
echoHeaders: false,
);

expect(headers, isNotNull);
},
);

test(
'when a valid Strict-Transport-Security header is passed then it should parse the directives correctly',
() async {
Expand Down

0 comments on commit 1dcbf92

Please sign in to comment.