mirror of
https://github.com/bolucat/Archive.git
synced 2025-09-27 04:30:12 +08:00
199 lines
6.2 KiB
Go
199 lines
6.2 KiB
Go
package forwardproxy
|
|
|
|
import (
|
|
"net/http"
|
|
"testing"
|
|
)
|
|
|
|
/*
|
|
test port blocking working
|
|
test blacklist allowed
|
|
test blacklist refused with correct status
|
|
*/
|
|
|
|
func TestWhitelistAllowing(t *testing.T) {
|
|
const useTLS = true
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy(caddyTestTarget.addr, resource, caddyForwardProxyWhiteListing.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if err = responseExpected(response, caddyTestTarget.contents[resource]); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestWhitelistBlocking(t *testing.T) {
|
|
const useTLS = true
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy(caddyHTTPTestTarget.addr, resource, caddyForwardProxyWhiteListing.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy("google.com:6451", resource, caddyForwardProxyWhiteListing.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestLocalhostDefaultForbidden(t *testing.T) {
|
|
const useTLS = true
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy("localhost:6451", resource, caddyForwardProxyNoBlacklistOverride.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy("127.0.0.1:808", resource, caddyForwardProxyNoBlacklistOverride.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy("[::1]:8080", resource, caddyForwardProxyNoBlacklistOverride.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestLocalNetworksDefaultForbidden(t *testing.T) {
|
|
const useTLS = true
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy("10.0.0.0:80", resource, caddyForwardProxyNoBlacklistOverride.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy("127.222.34.1:443", resource, caddyForwardProxyNoBlacklistOverride.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy("172.16.0.1:8080", resource, caddyForwardProxyNoBlacklistOverride.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy("192.168.192.168:888", resource, caddyForwardProxyNoBlacklistOverride.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestBlacklistBlocking(t *testing.T) {
|
|
const useTLS = true
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy(blacklistedDomain, resource, caddyForwardProxyBlackListing.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy(blacklistedIPv4, resource, caddyForwardProxyBlackListing.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy("["+blacklistedIPv6+"]:80", resource, caddyForwardProxyBlackListing.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if response.StatusCode != http.StatusForbidden {
|
|
t.Fatal("Expected response \"403 Forbidden\", got:", response.StatusCode)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestBlacklistAllowing(t *testing.T) {
|
|
const useTLS = true
|
|
for _, httpProxyVer := range testHTTPProxyVersions {
|
|
for _, resource := range testResources {
|
|
response, err := getViaProxy(caddyTestTarget.addr, resource, caddyForwardProxyBlackListing.addr, httpProxyVer,
|
|
"", useTLS)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
} else if err = responseExpected(response, caddyTestTarget.contents[resource]); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
}
|
|
}
|