internal static BadHttpRequestException GetException(RequestRejectionReason reason, string detail) { BadHttpRequestException ex; switch (reason) { case RequestRejectionReason.TlsOverHttpError: ex = new BadHttpRequestException(CoreStrings.HttpParserTlsOverHttpError, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.InvalidRequestLine: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_InvalidRequestLine_Detail(detail), StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.InvalidRequestTarget: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_InvalidRequestTarget_Detail(detail), StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.InvalidRequestHeader: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_InvalidRequestHeader_Detail(detail), StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.InvalidContentLength: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_InvalidContentLength_Detail(detail), StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.UnrecognizedHTTPVersion: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_UnrecognizedHTTPVersion(detail), StatusCodes.Status505HttpVersionNotsupported, reason); break; case RequestRejectionReason.FinalTransferCodingNotChunked: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_FinalTransferCodingNotChunked(detail), StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.LengthRequired: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_LengthRequired(detail), StatusCodes.Status411LengthRequired, reason); break; case RequestRejectionReason.LengthRequiredHttp10: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_LengthRequiredHttp10(detail), StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.InvalidHostHeader: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_InvalidHostHeader_Detail(detail), StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.RequestBodyTooLarge: ex = new BadHttpRequestException(CoreStrings.FormatBadRequest_RequestBodyTooLarge(detail), StatusCodes.Status413PayloadTooLarge, reason); break; default: ex = new BadHttpRequestException(CoreStrings.BadRequest, StatusCodes.Status400BadRequest, reason); break; } return(ex); }
public async Task RejectsRequestWithContentLengthHeaderExceedingPerRequestLimit() { // 8 GiB var globalMaxRequestBodySize = 0x200000000; // 4 GiB var perRequestMaxRequestBodySize = 0x100000000; #pragma warning disable CS0618 // Type or member is obsolete BadHttpRequestException requestRejectedEx = null; #pragma warning restore CS0618 // Type or member is obsolete await using (var server = new TestServer(async context => { var feature = context.Features.Get <IHttpMaxRequestBodySizeFeature>(); Assert.Equal(globalMaxRequestBodySize, feature.MaxRequestBodySize); // Disable the MaxRequestBodySize prior to calling Request.Body.ReadAsync(); feature.MaxRequestBodySize = perRequestMaxRequestBodySize; var buffer = new byte[1]; #pragma warning disable CS0618 // Type or member is obsolete requestRejectedEx = await Assert.ThrowsAsync <BadHttpRequestException>( #pragma warning restore CS0618 // Type or member is obsolete async() => await context.Request.Body.ReadAsync(buffer, 0, 1)); throw requestRejectedEx; }, new TestServiceContext(LoggerFactory) { ServerOptions = { Limits = { MaxRequestBodySize = globalMaxRequestBodySize } } })) { using (var connection = server.CreateConnection()) { await connection.Send( "POST / HTTP/1.1", "Host:", "Content-Length: " + (perRequestMaxRequestBodySize + 1), "", ""); await connection.ReceiveEnd( "HTTP/1.1 413 Payload Too Large", "Content-Length: 0", "Connection: close", $"Date: {server.Context.DateHeaderValue}", "", ""); } } Assert.NotNull(requestRejectedEx); Assert.Equal(CoreStrings.FormatBadRequest_RequestBodyTooLarge(perRequestMaxRequestBodySize), requestRejectedEx.Message); }
public async Task ChunkFramingAndExtensionsCountTowardsRequestBodySize() { var chunkedPayload = "5;random chunk extension\r\nHello\r\n6\r\n World\r\n0\r\n\r\n"; var globalMaxRequestBodySize = chunkedPayload.Length - 1; #pragma warning disable CS0618 // Type or member is obsolete BadHttpRequestException requestRejectedEx = null; #pragma warning restore CS0618 // Type or member is obsolete await using (var server = new TestServer(async context => { var buffer = new byte[11]; #pragma warning disable CS0618 // Type or member is obsolete requestRejectedEx = await Assert.ThrowsAsync <BadHttpRequestException>(async() => #pragma warning restore CS0618 // Type or member is obsolete { var count = 0; do { count = await context.Request.Body.ReadAsync(buffer, 0, 11); } while (count != 0); }); throw requestRejectedEx; }, new TestServiceContext(LoggerFactory) { ServerOptions = { Limits = { MaxRequestBodySize = globalMaxRequestBodySize } } })) { using (var connection = server.CreateConnection()) { await connection.Send( "POST / HTTP/1.1", "Host:", "Transfer-Encoding: chunked", "", chunkedPayload); await connection.ReceiveEnd( "HTTP/1.1 413 Payload Too Large", "Content-Length: 0", "Connection: close", $"Date: {server.Context.DateHeaderValue}", "", ""); } } Assert.NotNull(requestRejectedEx); Assert.Equal(CoreStrings.FormatBadRequest_RequestBodyTooLarge(globalMaxRequestBodySize), requestRejectedEx.Message); }
public async Task RejectsRequestWithBodySizeExceedingPerRequestLimitAndExceptionWasCaughtByApplication() { var maxRequestBodySize = 3; var requestBody = "client content"; var customApplicationResponse = "custom"; Assert.True(requestBody.Length > maxRequestBodySize); await using (var server = new TestServer(async context => { #pragma warning disable CS0618 // Type or member is obsolete BadHttpRequestException requestRejectedEx = await Assert.ThrowsAsync <BadHttpRequestException>(async() => #pragma warning restore CS0618 // Type or member is obsolete { using (var stream = new StreamReader(context.Request.Body)) { string body = await stream.ReadToEndAsync(); } }); context.Response.StatusCode = requestRejectedEx.StatusCode; await context.Response.WriteAsync(customApplicationResponse); throw requestRejectedEx; }, new TestServiceContext(LoggerFactory) { ServerOptions = { Limits = { MaxRequestBodySize = maxRequestBodySize } } })) { using var connection = server.CreateConnection(); await connection.Send( "POST / HTTP/1.1", "Host:", $"Content-Length: {requestBody.Length}", "", requestBody); await connection.ReceiveEnd( "HTTP/1.1 413 Payload Too Large", "Connection: close", $"Date: {server.Context.DateHeaderValue}", "Transfer-Encoding: chunked", "", $"{customApplicationResponse.Length}", customApplicationResponse, ""); } }
public async Task EveryReadFailsWhenChunkedPayloadExceedsGlobalLimit() { #pragma warning disable CS0618 // Type or member is obsolete BadHttpRequestException requestRejectedEx1 = null; BadHttpRequestException requestRejectedEx2 = null; #pragma warning restore CS0618 // Type or member is obsolete await using (var server = new TestServer(async context => { var buffer = new byte[1]; #pragma warning disable CS0618 // Type or member is obsolete requestRejectedEx1 = await Assert.ThrowsAsync <BadHttpRequestException>( async() => await context.Request.Body.ReadAsync(buffer, 0, 1)); requestRejectedEx2 = await Assert.ThrowsAsync <BadHttpRequestException>( async() => await context.Request.Body.ReadAsync(buffer, 0, 1)); #pragma warning restore CS0618 // Type or member is obsolete throw requestRejectedEx2; }, new TestServiceContext(LoggerFactory) { ServerOptions = { Limits = { MaxRequestBodySize = 0 } } })) { using (var connection = server.CreateConnection()) { await connection.Send( "POST / HTTP/1.1", "Host:", "Transfer-Encoding: chunked", "", "1\r\n"); await connection.ReceiveEnd( "HTTP/1.1 413 Payload Too Large", "Content-Length: 0", "Connection: close", $"Date: {server.Context.DateHeaderValue}", "", ""); } } Assert.NotNull(requestRejectedEx1); Assert.NotNull(requestRejectedEx2); Assert.Equal(CoreStrings.FormatBadRequest_RequestBodyTooLarge(0), requestRejectedEx1.Message); Assert.Equal(CoreStrings.FormatBadRequest_RequestBodyTooLarge(0), requestRejectedEx2.Message); }
#pragma warning disable CS0618 // Type or member is obsolete internal static BadHttpRequestException GetException(RequestRejectionReason reason) { BadHttpRequestException ex; switch (reason) { case RequestRejectionReason.InvalidRequestHeadersNoCRLF: ex = new BadHttpRequestException(CoreStrings.BadRequest_InvalidRequestHeadersNoCRLF, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.InvalidRequestLine: ex = new BadHttpRequestException(CoreStrings.BadRequest_InvalidRequestLine, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.MalformedRequestInvalidHeaders: ex = new BadHttpRequestException(CoreStrings.BadRequest_MalformedRequestInvalidHeaders, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.MultipleContentLengths: ex = new BadHttpRequestException(CoreStrings.BadRequest_MultipleContentLengths, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.UnexpectedEndOfRequestContent: ex = new BadHttpRequestException(CoreStrings.BadRequest_UnexpectedEndOfRequestContent, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.BadChunkSuffix: ex = new BadHttpRequestException(CoreStrings.BadRequest_BadChunkSuffix, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.BadChunkSizeData: ex = new BadHttpRequestException(CoreStrings.BadRequest_BadChunkSizeData, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.ChunkedRequestIncomplete: ex = new BadHttpRequestException(CoreStrings.BadRequest_ChunkedRequestIncomplete, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.InvalidCharactersInHeaderName: ex = new BadHttpRequestException(CoreStrings.BadRequest_InvalidCharactersInHeaderName, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.RequestLineTooLong: ex = new BadHttpRequestException(CoreStrings.BadRequest_RequestLineTooLong, StatusCodes.Status414UriTooLong, reason); break; case RequestRejectionReason.HeadersExceedMaxTotalSize: ex = new BadHttpRequestException(CoreStrings.BadRequest_HeadersExceedMaxTotalSize, StatusCodes.Status431RequestHeaderFieldsTooLarge, reason); break; case RequestRejectionReason.TooManyHeaders: ex = new BadHttpRequestException(CoreStrings.BadRequest_TooManyHeaders, StatusCodes.Status431RequestHeaderFieldsTooLarge, reason); break; case RequestRejectionReason.RequestHeadersTimeout: ex = new BadHttpRequestException(CoreStrings.BadRequest_RequestHeadersTimeout, StatusCodes.Status408RequestTimeout, reason); break; case RequestRejectionReason.RequestBodyTimeout: ex = new BadHttpRequestException(CoreStrings.BadRequest_RequestBodyTimeout, StatusCodes.Status408RequestTimeout, reason); break; case RequestRejectionReason.OptionsMethodRequired: ex = new BadHttpRequestException(CoreStrings.BadRequest_MethodNotAllowed, StatusCodes.Status405MethodNotAllowed, reason, HttpMethod.Options); break; case RequestRejectionReason.ConnectMethodRequired: ex = new BadHttpRequestException(CoreStrings.BadRequest_MethodNotAllowed, StatusCodes.Status405MethodNotAllowed, reason, HttpMethod.Connect); break; case RequestRejectionReason.MissingHostHeader: ex = new BadHttpRequestException(CoreStrings.BadRequest_MissingHostHeader, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.MultipleHostHeaders: ex = new BadHttpRequestException(CoreStrings.BadRequest_MultipleHostHeaders, StatusCodes.Status400BadRequest, reason); break; case RequestRejectionReason.InvalidHostHeader: ex = new BadHttpRequestException(CoreStrings.BadRequest_InvalidHostHeader, StatusCodes.Status400BadRequest, reason); break; default: ex = new BadHttpRequestException(CoreStrings.BadRequest, StatusCodes.Status400BadRequest, reason); break; } return(ex); }