+package de.juplo.accelerator;
+
+import com.meterware.httpunit.WebResponse;
+import de.juplo.testingtools.HttpTestCase;
+import java.net.URLEncoder;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import java.text.SimpleDateFormat;
+import java.util.Calendar;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Locale;
+import java.util.Set;
+import org.junit.Assert;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+
+
+/**
+ *
+ * @author kai
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+ "classpath:/config.xml"
+})
+public class ParameterGuessingTest extends HttpTestCase {
+ private final static Logger log = LoggerFactory.getLogger(ParameterGuessingTest.class);
+
+
+ public ParameterGuessingTest() {
+ super("src/test/resources/web.xml");
+ }
+
+
+ @Test
+ public void testNothingSet() throws Exception {
+
+ log.info("-------- Test: Servlet does not implement getLastModified() and sets no Headers...");
+
+ WebResponse response = executeRequest("http://localhost/parameter-guessing?n=16");
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ SimpleDateFormat df = new SimpleDateFormat(Headers.RFC_1123_DATE_FORMAT, Locale.US);
+ long date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ long expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+ }
+
+ @Test
+ public void testSetUnfilteredHeaders() throws Exception {
+
+ log.info("-------- Test: Servlet sets unfiltered Headers...");
+
+ WebResponse response = executeRequest("http://localhost/parameter-guessing?n=16&X-Debug=bla&Age=34&Content-Language=de");
+ Assert.assertEquals("bla", response.getHeaderField("X-Debug"));
+ Assert.assertEquals("34", response.getHeaderField("Age"));
+ Assert.assertEquals("de", response.getHeaderField("Content-Language"));
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ SimpleDateFormat df = new SimpleDateFormat(Headers.RFC_1123_DATE_FORMAT, Locale.US);
+ long date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ long expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+ }
+
+ @Test
+ public void testETagSet() throws Exception {
+
+ log.info("-------- Test: Servlet sets Header \"ETag\"");
+
+ SimpleDateFormat df = new SimpleDateFormat(Headers.RFC_1123_DATE_FORMAT, Locale.US);
+ WebResponse response;
+ long date, expires;
+
+ response = executeRequest("http://localhost/parameter-guessing?n=16&ETag=" + URLEncoder.encode("\"bla\"", "UTF-8"));
+ Assert.assertEquals("\"bla\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+
+ response = executeRequest("http://localhost/parameter-guessing?n=16&ETag=" + URLEncoder.encode("\"bÄl\"a\"", "UTF-8"));
+ Assert.assertEquals("\"bla\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+
+ response = executeRequest("http://localhost/parameter-guessing?n=16&ETag=" + URLEncoder.encode("bla", "UTF-8"));
+ Assert.assertEquals("\"bla\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+
+ response = executeRequest("http://localhost/parameter-guessing?n=16&ETag=" + URLEncoder.encode("bÄl\"a", "UTF-8"));
+ Assert.assertEquals("\"bla\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+
+ response = executeRequest("http://localhost/parameter-guessing?n=16&ETag=" + URLEncoder.encode("W/\"blub\"", "UTF-8"));
+ Assert.assertEquals("W/\"blub\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+
+ response = executeRequest("http://localhost/parameter-guessing?n=16&ETag=" + URLEncoder.encode("W/\"bÄl\"ub\"", "UTF-8"));
+ Assert.assertEquals("W/\"blub\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+
+ response = executeRequest("http://localhost/parameter-guessing?n=16&ETag=" + URLEncoder.encode("W/blub", "UTF-8"));
+ Assert.assertEquals("W/\"blub\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+
+ response = executeRequest("http://localhost/parameter-guessing?n=16&ETag=" + URLEncoder.encode("W/bÄl\"ub", "UTF-8"));
+ Assert.assertEquals("W/\"blub\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+ }
+
+ @Test
+ public void testLastModifiedImplemented() throws Exception {
+
+ log.info("-------- Test: Servlet implements getLastModified()");
+
+ WebResponse response = executeRequest("http://localhost/parameter-guessing?n=16&l=1324162929861");
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Sat, 17 Dec 2011 23:02:09 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ SimpleDateFormat df = new SimpleDateFormat(Headers.RFC_1123_DATE_FORMAT, Locale.US);
+ long date = df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime();
+ long expires = df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime();
+ Assert.assertTrue("Expires-Header passt nicht zum Date-Header! Unterschied: " + (expires-date)/1000 + " Sekunden.", date + 3600000 == expires);
+ }
+
+ @Test
+ public void testCacheControlSet() throws Exception {
+
+ log.info("-------- Test: Servlet sets Header \"Cache-Control\"");
+
+ SimpleDateFormat df = new SimpleDateFormat(Headers.RFC_1123_DATE_FORMAT, Locale.US);
+ StringBuilder uri;
+ WebResponse response;
+ Date date;
+ long expires;
+ Set<String> params;
+ Calendar calendar = Calendar.getInstance();
+ calendar.set(Calendar.MILLISECOND, 0);
+
+ /** max-age=120 */
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Cache-Control=");
+ uri.append(URLEncoder.encode("max-age=120", "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=120", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE));
+ expires = (date.getTime()/1000l + 120l) * 1000l;
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires, df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+
+ /** max-age=120, s-max-age=60, private, must-revalidate */
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Cache-Control=");
+ uri.append(URLEncoder.encode("max-age=120, s-max-age=60, must-revalidate", "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ params = new HashSet<String>();
+ for (String param : response.getHeaderFields(Headers.HEADER_CACHE_CONTROL))
+ for (String part : param.split(","))
+ params.add(part.trim());
+ Assert.assertTrue(response.getHeaderField(Headers.HEADER_CACHE_CONTROL) + " enthält \"max-age=120\" nicht!", params.contains("max-age=120"));
+ Assert.assertTrue(response.getHeaderField(Headers.HEADER_CACHE_CONTROL) + " enthält \"s-max-age=60\" nicht!", params.contains("s-max-age=60"));
+ Assert.assertTrue(response.getHeaderField(Headers.HEADER_CACHE_CONTROL) + " enthält \"must-revalidate\" nicht!", params.contains("must-revalidate"));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE));
+ expires = (date.getTime()/1000l + 120l) * 1000l;
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires, df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+
+ /** max-age=120, s-max-age=60, private, must-revalidate, BUT: several other values are set before */
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Cache-Control=");
+ uri.append(URLEncoder.encode("no-store", "UTF-8"));
+ uri.append("&Cache-Control=");
+ uri.append(URLEncoder.encode("max-age=360, s-max-age=600, private", "UTF-8"));
+ uri.append("&Cache-Control=");
+ uri.append(URLEncoder.encode("public", "UTF-8"));
+ uri.append("&Cache-Control=");
+ uri.append(URLEncoder.encode("max-age=120, s-max-age=60, must-revalidate", "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ params = new HashSet<String>();
+ for (String param : response.getHeaderFields(Headers.HEADER_CACHE_CONTROL))
+ for (String part : param.split(","))
+ params.add(part.trim());
+ Assert.assertTrue(response.getHeaderField(Headers.HEADER_CACHE_CONTROL) + " enthält \"max-age=120\" nicht!", params.contains("max-age=120"));
+ Assert.assertTrue(response.getHeaderField(Headers.HEADER_CACHE_CONTROL) + " enthält \"s-max-age=60\" nicht!", params.contains("s-max-age=60"));
+ Assert.assertTrue(response.getHeaderField(Headers.HEADER_CACHE_CONTROL) + " enthält \"must-revalidate\" nicht!", params.contains("must-revalidate"));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE));
+ expires = (date.getTime()/1000l + 120l) * 1000l;
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires, df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+ }
+
+ @Test
+ public void testDateSet() throws Exception {
+
+ log.info("-------- Test: Servlet sets Header \"Date\"");
+
+ SimpleDateFormat df = new SimpleDateFormat(Headers.RFC_1123_DATE_FORMAT, Locale.US);
+ StringBuilder uri;
+ WebResponse response;
+ Date date, expires;
+ Calendar calendar = Calendar.getInstance();
+ calendar.set(Calendar.MILLISECOND, 0);
+
+ /** Date ca NOW -1m */
+ calendar.add(Calendar.MINUTE, -1);
+ date = calendar.getTime();
+ calendar.add(Calendar.MINUTE, 60); /** default max-age=3600 yields 60m! */
+ expires = calendar.getTime();
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Date=");
+ uri.append(URLEncoder.encode(df.format(date), "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertEquals("Unerwartetr Wert für den Date-Header!", date.getTime(), df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime());
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires.getTime(), df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+
+ /** Date ca NOW -1m, BUT: is set to some garbage values before */
+ calendar.add(Calendar.MINUTE, -1);
+ date = calendar.getTime();
+ calendar.add(Calendar.MINUTE, 60); /** default max-age=3600 yields 60m! */
+ expires = calendar.getTime();
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Date=");
+ calendar.add(Calendar.MINUTE, 10);
+ uri.append(URLEncoder.encode(df.format(calendar.getTime()), "UTF-8"));
+ uri.append("&Date=");
+ calendar.add(Calendar.HOUR, -2);
+ uri.append(URLEncoder.encode(df.format(calendar.getTime()), "UTF-8"));
+ uri.append("&Date=");
+ calendar.add(Calendar.DATE, 1);
+ uri.append(URLEncoder.encode(df.format(calendar.getTime()), "UTF-8"));
+ uri.append("&Date=");
+ uri.append(URLEncoder.encode(df.format(date), "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertEquals("Unerwartetr Wert für den Date-Header!", date.getTime(), df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime());
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires.getTime(), df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+ }
+
+ @Test
+ public void testExpiresSet() throws Exception {
+
+ log.info("-------- Test: Servlet sets Header \"Expires\"");
+
+ SimpleDateFormat df = new SimpleDateFormat(Headers.RFC_1123_DATE_FORMAT, Locale.US);
+ StringBuilder uri;
+ WebResponse response;
+ Date date, expires;
+ long age;
+ Calendar calendar = Calendar.getInstance();
+ calendar.set(Calendar.MILLISECOND, 0);
+
+ /** Expires ca. NOW + 10m */
+ calendar.add(Calendar.MINUTE, 10);
+ expires = calendar.getTime();
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Expires=");
+ uri.append(URLEncoder.encode(df.format(expires), "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE));
+ age = (expires.getTime() - date.getTime())/1000l;
+ Assert.assertEquals("max-age=" + age, response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires.getTime(), df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+
+ /** Expires ca. NOW + 10m, BUT: is set to some garbage values before */
+ calendar.add(Calendar.MINUTE, 10);
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Expires=");
+ calendar.add(Calendar.MINUTE, 10);
+ uri.append(URLEncoder.encode(df.format(calendar.getTime()), "UTF-8"));
+ uri.append("&Expires=");
+ calendar.add(Calendar.HOUR, -2);
+ uri.append(URLEncoder.encode(df.format(calendar.getTime()), "UTF-8"));
+ uri.append("&Expires=");
+ calendar.add(Calendar.DATE, 1);
+ uri.append(URLEncoder.encode(df.format(calendar.getTime()), "UTF-8"));
+ uri.append("&Expires=");
+ uri.append(URLEncoder.encode(df.format(expires), "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ date = df.parse(response.getHeaderField(Headers.HEADER_DATE));
+ age = (expires.getTime() - date.getTime())/1000l;
+ Assert.assertEquals("max-age=" + age, response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires.getTime(), df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+ }
+
+ @Test
+ public void testDateAndExpiresSet() throws Exception {
+
+ log.info("-------- Test: Servlet sets Header's \"Date\" and \"Expires\"");
+
+ SimpleDateFormat df = new SimpleDateFormat(Headers.RFC_1123_DATE_FORMAT, Locale.US);
+ StringBuilder uri;
+ WebResponse response;
+ Date date, expires, garbage;
+ Calendar calendar = Calendar.getInstance();
+ calendar.set(Calendar.MILLISECOND, 0);
+
+ /** Expires = Date + 30m */
+ date = calendar.getTime();
+ calendar.add(Calendar.MINUTE, 30);
+ expires = calendar.getTime();
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Date=");
+ uri.append(URLEncoder.encode(df.format(date), "UTF-8"));
+ uri.append("&Expires=");
+ uri.append(URLEncoder.encode(df.format(expires), "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertEquals("max-age=1800", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertEquals("Unerwartetr Wert für den Date-Header!", date.getTime(), df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime());
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires.getTime(), df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+
+ /** Expires = Date + 30m, BUT: Date is set to Date - 2h first and Expires to Date */
+ date = calendar.getTime();
+ calendar.add(Calendar.MINUTE, 30);
+ expires = calendar.getTime();
+ calendar.add(Calendar.HOUR, -2);
+ garbage = calendar.getTime();
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Date=");
+ uri.append(URLEncoder.encode(df.format(garbage), "UTF-8"));
+ uri.append("&Expires=");
+ uri.append(URLEncoder.encode(df.format(date), "UTF-8"));
+ uri.append("&Date=");
+ uri.append(URLEncoder.encode(df.format(date), "UTF-8"));
+ uri.append("&Expires=");
+ uri.append(URLEncoder.encode(df.format(expires), "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertEquals("max-age=1800", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertEquals("Unerwartetr Wert für den Date-Header!", date.getTime(), df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime());
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires.getTime(), df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+
+ /** Expires = Date - 1h --> will be ignored! */
+ date = calendar.getTime();
+ calendar.add(Calendar.MINUTE, -60);
+ garbage = calendar.getTime();
+ calendar.setTime(date);
+ calendar.add(Calendar.MINUTE, 60); /** default max-age=3600 yields 60m! */
+ expires = calendar.getTime();
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Date=");
+ uri.append(URLEncoder.encode(df.format(date), "UTF-8"));
+ uri.append("&Expires=");
+ uri.append(URLEncoder.encode(df.format(garbage), "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertEquals("max-age=3600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertEquals("Unerwartetr Wert für den Date-Header!", date.getTime(), df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime());
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires.getTime(), df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+ }
+
+ @Test
+ public void testCacheControlDateAndExpiresSet() throws Exception {
+
+ log.info("-------- Test: Servlet sets Header's \"Cache-Control\", \"Date\" and \"Expires\"");
+
+ SimpleDateFormat df = new SimpleDateFormat(Headers.RFC_1123_DATE_FORMAT, Locale.US);
+ StringBuilder uri;
+ WebResponse response;
+ Date date, expires, expected;
+ Set<String> params;
+ Calendar calendar = Calendar.getInstance();
+ calendar.set(Calendar.MILLISECOND, 0);
+
+ /** Expires = Date + 30m, Cache-Control: must-revalidate, no-store */
+ date = calendar.getTime();
+ calendar.add(Calendar.MINUTE, 30);
+ expires = calendar.getTime();
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Cache-Control=");
+ uri.append(URLEncoder.encode("must-revalidate, no-store", "UTF-8"));
+ uri.append("&Date=");
+ uri.append(URLEncoder.encode(df.format(date), "UTF-8"));
+ uri.append("&Expires=");
+ uri.append(URLEncoder.encode(df.format(expires), "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ params = new HashSet<String>();
+ for (String param : response.getHeaderFields(Headers.HEADER_CACHE_CONTROL))
+ for (String part : param.split(","))
+ params.add(part.trim());
+ Assert.assertTrue(response.getHeaderField(Headers.HEADER_CACHE_CONTROL) + " enthält \"max-age=1800\" nicht!", params.contains("max-age=1800"));
+ Assert.assertTrue(response.getHeaderField(Headers.HEADER_CACHE_CONTROL) + " enthält \"must-revalidate\" nicht!", params.contains("must-revalidate"));
+ Assert.assertTrue(response.getHeaderField(Headers.HEADER_CACHE_CONTROL) + " enthält \"no-store\" nicht!", params.contains("no-store"));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertEquals("Unerwartetr Wert für den Date-Header!", date.getTime(), df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime());
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expires.getTime(), df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+
+ /** Expires = Date + 30m, BUT: max-age is set to 600s */
+ date = calendar.getTime();
+ calendar.add(Calendar.MINUTE, 10);
+ expected = calendar.getTime();
+ calendar.add(Calendar.MINUTE, 20);
+ expires = calendar.getTime();
+ uri = new StringBuilder();
+ uri.append("http://localhost/parameter-guessing");
+ uri.append("?n=16");
+ uri.append("&Date=");
+ uri.append(URLEncoder.encode(df.format(date), "UTF-8"));
+ uri.append("&Expires=");
+ uri.append(URLEncoder.encode(df.format(expires), "UTF-8"));
+ uri.append("&Cache-Control=");
+ uri.append(URLEncoder.encode("max-age=600", "UTF-8"));
+ response = executeRequest(uri.toString());
+ Assert.assertEquals("W/\"Hallo Welt!\"", response.getHeaderField(Headers.HEADER_ETAG));
+ Assert.assertEquals("Thu, 01 Jan 1970 00:00:00 GMT", response.getHeaderField(Headers.HEADER_LAST_MODIFIED));
+ Assert.assertEquals("gzip", response.getHeaderField(Headers.HEADER_CONTENT_ENCODING));
+ Assert.assertEquals("text/plain; charset=iso-8859-1", response.getHeaderField(Headers.HEADER_CONTENT_TYPE));
+ Assert.assertEquals("max-age=600", response.getHeaderField(Headers.HEADER_CACHE_CONTROL));
+ Assert.assertNotNull("Date-Header was not set!", response.getHeaderField(Headers.HEADER_DATE));
+ Assert.assertEquals("Unerwartetr Wert für den Date-Header!", date.getTime(), df.parse(response.getHeaderField(Headers.HEADER_DATE)).getTime());
+ Assert.assertNotNull("Expires-Header was not set!", response.getHeaderField(Headers.HEADER_EXPIRES));
+ Assert.assertEquals("Unerwartetr Wert für den Expires-Header!", expected.getTime(), df.parse(response.getHeaderField(Headers.HEADER_EXPIRES)).getTime());
+ }
+}