Skip to content

Commit e2b52a3

Browse files
committed
Improve tests accepted results
1 parent e49f77c commit e2b52a3

4 files changed

Lines changed: 10 additions & 8 deletions

File tree

docs/content/docs/malformed-input/post-cl-huge-no-body.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ weight: 26
99
| **Test ID** | `MAL-POST-CL-HUGE-NO-BODY` |
1010
| **Category** | Malformed Input |
1111
| **RFC** | [RFC 9112 Section 6.2](https://www.rfc-editor.org/rfc/rfc9112#section-6.2) |
12-
| **Expected** | `400`/close/timeout |
12+
| **Expected** | `400`/`413`/close/timeout |
1313

1414
## What it sends
1515

@@ -34,7 +34,7 @@ The value `999999999` (~1GB) is a syntactically valid Content-Length, but no bod
3434

3535
> "The 400 (Bad Request) status code indicates that the server cannot or will not process the request due to something that is perceived to be a client error." — RFC 9110 Section 15.5.1
3636
37-
A server may reject the request with 400 if the declared body size exceeds its limits, close the connection, or timeout waiting for body data that never arrives.
37+
A server may reject the request with 400 or 413 if the declared body size exceeds its limits, close the connection, or timeout waiting for body data that never arrives.
3838

3939
## Why it matters
4040

docs/content/docs/smuggling/expect-100-cl.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ weight: 33
1010
| **Category** | Smuggling |
1111
| **RFC** | [RFC 9110 §10.1.1](https://www.rfc-editor.org/rfc/rfc9110#section-10.1.1) |
1212
| **Requirement** | Unscored |
13-
| **Expected** | `400` or `2xx` |
13+
| **Expected** | `100`, `400` or `2xx` |
1414

1515
## What it sends
1616

@@ -39,7 +39,7 @@ The body is sent immediately without waiting for a `100 Continue` response.
3939
The RFC requires the server to send either a `100 Continue` interim response or a final status code when it receives `Expect: 100-continue`. However, the client in this test sends the body immediately without waiting. The server may still process the body normally (responding `2xx`), or it may reject the request. Both behaviors are implementation-dependent and valid.
4040

4141
**Pass:** Server rejects with `400` (strict, safe).
42-
**Warn:** Server accepts and responds `2xx` (processes body despite Expect header).
42+
**Warn:** Server responds `100 Continue` (valid — sent interim response despite already having the body) or `2xx` (processes body despite Expect header).
4343

4444
## Why it matters
4545

src/Http11Probe/TestCases/Suites/MalformedInputSuite.cs

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -585,12 +585,12 @@ public static IEnumerable<TestCase> GetTestCases()
585585
$"POST / HTTP/1.1\r\nHost: {ctx.HostHeader}\r\nContent-Length: 999999999\r\n\r\n"),
586586
Expected = new ExpectedBehavior
587587
{
588-
Description = "400/close/timeout",
588+
Description = "400/413/close/timeout",
589589
CustomValidator = (response, state) =>
590590
{
591-
// If server sent a response, only 400 is acceptable
591+
// If server sent a response, 400 or 413 are acceptable
592592
if (response is not null)
593-
return response.StatusCode == 400 ? TestVerdict.Pass : TestVerdict.Fail;
593+
return response.StatusCode is 400 or 413 ? TestVerdict.Pass : TestVerdict.Fail;
594594
// No response: close or timeout means server correctly waited
595595
if (state is ConnectionState.TimedOut or ConnectionState.ClosedByServer)
596596
return TestVerdict.Pass;

src/Http11Probe/TestCases/Suites/SmugglingSuite.cs

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1082,13 +1082,15 @@ public static IEnumerable<TestCase> GetTestCases()
10821082
$"POST / HTTP/1.1\r\nHost: {ctx.HostHeader}\r\nContent-Length: 5\r\nExpect: 100-continue\r\n\r\nhello"),
10831083
Expected = new ExpectedBehavior
10841084
{
1085-
Description = "400 or 2xx",
1085+
Description = "100, 400 or 2xx",
10861086
CustomValidator = (response, state) =>
10871087
{
10881088
if (response is null)
10891089
return state == ConnectionState.ClosedByServer ? TestVerdict.Pass : TestVerdict.Fail;
10901090
if (response.StatusCode == 400)
10911091
return TestVerdict.Pass;
1092+
if (response.StatusCode == 100)
1093+
return TestVerdict.Warn;
10921094
if (response.StatusCode is >= 200 and < 300)
10931095
return TestVerdict.Warn;
10941096
return TestVerdict.Fail;

0 commit comments

Comments
 (0)