summaryrefslogtreecommitdiff
path: root/test/webrick/test_httpresponse.rb
diff options
context:
space:
mode:
authorNobuyoshi Nakada <nobu@ruby-lang.org>2019-03-09 19:53:51 +0900
committerHiroshi SHIBATA <hsbt@ruby-lang.org>2019-06-24 10:11:47 +0900
commit11a60f9bdb486b5173946a7eb11b41e5f75a28cd (patch)
tree9f08b42546cb6fd27d6ad04216e98919d59f04de /test/webrick/test_httpresponse.rb
parent97a7f463f683774f054f9d7dafc3756aad39dd1c (diff)
Remove extraneous spaces at the end of status line
Remove extraneous spaces after the status code that is non-compliant with RFC, i.e `HTTP 200 OK `, to unnecessary confusion for WEBrick users, by a risk that WEBrick instances in the wild will have server responses flagged as suspicious or malicious due to a similar bug in [Cobalt Strike misconfiguration]. Reported by Matt Tennis <mtennis@paloaltonetworks.com> [Cobalt Strike misconfiguration]: https://blog.fox-it.com/2019/02/26/identifying-cobalt-strike-team-servers-in-the-wild/
Diffstat (limited to 'test/webrick/test_httpresponse.rb')
-rw-r--r--test/webrick/test_httpresponse.rb7
1 files changed, 7 insertions, 0 deletions
diff --git a/test/webrick/test_httpresponse.rb b/test/webrick/test_httpresponse.rb
index 468c605..a1d7712 100644
--- a/test/webrick/test_httpresponse.rb
+++ b/test/webrick/test_httpresponse.rb
@@ -222,5 +222,12 @@ module WEBrick
assert_match(/#{@res.reason_phrase}/, body)
assert_match(/#{message}/, body)
end
+
+ def test_no_extraneous_space
+ [200, 300, 400, 500].each do |status|
+ @res.status = status
+ assert_match(/\S\r\n/, @res.status_line)
+ end
+ end
end
end