Make HTTP header parsing RFC-compliant

All this home-grown parsing should be replaced with code from the qhttp*
classes. This would result in a big refactoring though, so this commit
at least tries to make the header parsing RFC compliant and not choke
on perfectly legal "Header:Value" messages.

Change-Id: I14303610dc7187b8d8595568fb221c18e4e0d515
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>

1 files changed, 40 insertions, 0 deletions

diff --git a/tests/auto/websockets/handshakerequest/tst_handshakerequest.cpp b/tests/auto/websockets/handshakerequest/tst_handshakerequest.cpp
index 4a9603f..230b052 100644
--- a/tests/auto/websockets/handshakerequest/tst_handshakerequest.cpp
+++ b/tests/auto/websockets/handshakerequest/tst_handshakerequest.cpp
@@ -63,6 +63,7 @@ private Q_SLOTS:
 
     void tst_multipleValuesInConnectionHeader();
     void tst_multipleVersions();
+    void tst_parsingWhitespaceInHeaders();
 
     void tst_qtbug_39355();
     void tst_qtbug_48123_data();
@@ -194,6 +195,17 @@ void tst_HandshakeRequest::tst_invalidStream_data()
                QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
                QStringLiteral("Upgrade: websocket,ftp\r\n") +
                QStringLiteral("Connection: Upgrade\r\n\r\n");
+    QTest::newRow("Invalid header - starts with continuation")
+            << QStringLiteral("GET . HTTP/1.1\r\n Host: foo\r\nSec-WebSocket-Version: 13\r\n") +
+               QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
+               QStringLiteral("Upgrade: websocket\r\n") +
+               QStringLiteral("Connection: Upgrade\r\n\r\n");
+    QTest::newRow("Invalid header - no colon")
+            << QStringLiteral("GET . HTTP/1.1\r\nHost: foo\r\nSec-WebSocket-Version: 13\r\n") +
+               QStringLiteral("Sec-WebSocket-Key: AVDFBDDFF\r\n") +
+               QStringLiteral("Upgrade: websocket\r\n") +
+               QStringLiteral("X-Custom foo\r\n") +
+               QStringLiteral("Connection: Upgrade\r\n\r\n");
 }
 
 void tst_HandshakeRequest::tst_invalidStream()
@@ -259,6 +271,34 @@ void tst_HandshakeRequest::tst_multipleValuesInConnectionHeader()
     QCOMPARE(request.versions().at(0), QWebSocketProtocol::Version13);
 }
 
+/*
+ * This is a regression test
+ * Checks for RFC compliant header parsing
+ */
+void tst_HandshakeRequest::tst_parsingWhitespaceInHeaders()
+{
+    //doing extensive QStringLiteral concatenations here, because
+    //MSVC 2010 complains when using concatenation literal strings about
+    //concatenation of wide and narrow strings (error C2308)
+    QString header = QStringLiteral("GET /test HTTP/1.1\r\nHost: ") +
+                     QStringLiteral("foo.com\r\nSec-WebSocket-Version:13\r\n") +
+                     QStringLiteral("Sec-WebSocket-Key:   AVD  \r\n\tFBDDFF \r\n") +
+                     QStringLiteral("Upgrade:websocket \r\n") +
+                     QStringLiteral("Connection: Upgrade,keepalive\r\n\r\n");
+    QByteArray data;
+    QTextStream textStream(&data);
+    QWebSocketHandshakeRequest request(80, false);
+
+    textStream << header;
+    textStream.seek(0);
+    request.readHandshake(textStream, MAX_HEADERLINE_LENGTH, MAX_HEADERS);
+
+    QVERIFY(request.isValid());
+    QCOMPARE(request.key(), QStringLiteral("AVD FBDDFF"));
+    QCOMPARE(request.versions().length(), 1);
+    QCOMPARE(request.versions().at(0), QWebSocketProtocol::Version13);
+}
+
 void tst_HandshakeRequest::tst_multipleVersions()
 {
     QString header = QStringLiteral("GET /test HTTP/1.1\r\nHost: foo.com\r\n") +