[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] HSTS ready

From: Ander Juaristi
Subject: Re: [Bug-wget] HSTS ready
Date: Mon, 06 Jul 2015 22:23:45 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0


I've reworked my patch according to Tim's suggestions:

    - Removed the countchars() function.
    - Removed the macros SEPARATOR, SETPARAM and COPYPARAM.
    - Fixed some issues detected by Valgrind.

I also include the second patch with the test 'Test-hsts.py', plus some 
modifications in the core testing engine. In short:

  1. I've added a new optional parameter 'req_protocols', which allows to 
specify with protocol we'll be making the request with. Until now, the request 
protocol was coupled to the HTTP server: if the server was listening in HTTP, 
the protocol passed to Wget was automatically 'http://', and there was no way 
to override this. This need became apparent when testing HSTS, where we request 
'http://', but expect Wget to rewrite it to 'https://', and thus we need an 
HTTPS server. If this parameter is omitted, it preserves the original behaviour 
in which the requested protocols are the same as the ones used by the server 
(the parameter 'protocols').

    test = HTTPTest(
        name = TEST_NAME,
        pre_hook = pre_test,
        post_hook = post_test,
        test_params = test_options,
        protocols = Servers,
        req_protocols = Requests

  2. I've decoupled the calls to server_setup() and do_test(), and put them 
into two different functions, setup() and begin(). The first one is used to 
launch the test HTTP server, but not the test. The second one launches the test 
itself, and, in case setup() hasn't been called before, it calls it. This way 
we preserve backward-compatibility with original tests that only call begin(), 
but not setup().

This is how the HSTS test, in 'Test-hsts.py' works: it first calls setup(), and 
retrieves the port in which the HTTP server is listening. It then creates a 
temporary HSTS database with that port, and launches Wget (with begin()) 
against it.

On 07/01/2015 04:47 PM, Ander Juaristi wrote:
Here goes the HSTS engine! Leave your comments, please.

I must say Tim's feedback was both strict and invaluable. Two good things :D

I'm very happy with the end result. I think it's of a high quality, which 
wouldn't be if it wasn't for his feedback.

I'm late with the test cases, though. They'll follow in short. I thought they'd 
be straightforward, as the other tests, but I noticed that the Python test 
suite lacks some features which are needed to test HSTS, so I had to dig into 
the core of the testing engine and tweak some things, while still maintaining 
compatibility with existing tests. I hope I'll have them ready before next 
week, so that we can discuss whether the approach I took to fulfil my 
requirements for testing HSTS was the best one or not. Also, I hope that my 
enhancements to the test suite core will be in some way beneficial for the 
existing tests, and for those that will be written in the future, not only for 

- AJ

Attachment: 0001-Added-support-for-HSTS.patch
Description: Text Data

Attachment: 0002-Enhancements-in-testsuite-engine-new-HSTS-test.patch
Description: Text Data

reply via email to

[Prev in Thread] Current Thread [Next in Thread]