Mercurial > hg
comparison tests/test-http.t @ 31936:806f9a883b4f
url: support auth.cookiesfile for adding cookies to HTTP requests
Mercurial can't currently send cookies as part of HTTP requests.
Some authentication systems use cookies. So, it seems like adding
support for sending cookies seems like a useful feature.
This patch implements support for reading cookies from a file
and automatically sending them as part of the request. We rely
on the "cookiejar" Python module to do the heavy lifting of
parsing cookies files. We currently only support the Mozilla
(really Netscape-era) cookie format. There is another format
supported by cookielib and we may want to consider using that,
especially since the Netscape cookie parser can't parse ports.
It wasn't immediately obvious to me what the format of the other
parser is, so I didn't know how to test it. I /think/ it might
be literal "Cookie" header values, but I'm not sure. If it is
more robust than the Netscape format, we may want to just
support it.
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Thu, 09 Mar 2017 22:40:52 -0800 |
parents | 49e9124cfc23 |
children | 9a782e7e651e |
comparison
equal
deleted
inserted
replaced
31935:566cb89050b7 | 31936:806f9a883b4f |
---|---|
1 #require serve | 1 #require killdaemons serve |
2 | 2 |
3 $ hg init test | 3 $ hg init test |
4 $ cd test | 4 $ cd test |
5 $ echo foo>foo | 5 $ echo foo>foo |
6 $ mkdir foo.d foo.d/bAr.hg.d foo.d/baR.d.hg | 6 $ mkdir foo.d foo.d/bAr.hg.d foo.d/baR.d.hg |
331 requesting all changes | 331 requesting all changes |
332 remote: abort: this is an exercise | 332 remote: abort: this is an exercise |
333 abort: pull failed on remote | 333 abort: pull failed on remote |
334 [255] | 334 [255] |
335 $ cat error.log | 335 $ cat error.log |
336 | |
337 corrupt cookies file should yield a warning | |
338 | |
339 $ cat > $TESTTMP/cookies.txt << EOF | |
340 > bad format | |
341 > EOF | |
342 | |
343 $ hg --config auth.cookiefile=$TESTTMP/cookies.txt id http://localhost:$HGPORT/ | |
344 (error loading cookie file $TESTTMP/cookies.txt: '$TESTTMP/cookies.txt' does not look like a Netscape format cookies file; continuing without cookies) | |
345 56f9bc90cce6 | |
346 | |
347 $ killdaemons.py | |
348 | |
349 Create dummy authentication handler that looks for cookies. It doesn't do anything | |
350 useful. It just raises an HTTP 500 with details about the Cookie request header. | |
351 We raise HTTP 500 because its message is printed in the abort message. | |
352 | |
353 $ cat > cookieauth.py << EOF | |
354 > from mercurial import util | |
355 > from mercurial.hgweb import common | |
356 > def perform_authentication(hgweb, req, op): | |
357 > cookie = req.env.get('HTTP_COOKIE') | |
358 > if not cookie: | |
359 > raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'no-cookie') | |
360 > raise common.ErrorResponse(common.HTTP_SERVER_ERROR, 'Cookie: %s' % cookie) | |
361 > def extsetup(): | |
362 > common.permhooks.insert(0, perform_authentication) | |
363 > EOF | |
364 | |
365 $ hg serve --config extensions.cookieauth=cookieauth.py -R test -p $HGPORT -d --pid-file=pid | |
366 $ cat pid > $DAEMON_PIDS | |
367 | |
368 Request without cookie sent should fail due to lack of cookie | |
369 | |
370 $ hg id http://localhost:$HGPORT | |
371 abort: HTTP Error 500: no-cookie | |
372 [255] | |
373 | |
374 Populate a cookies file | |
375 | |
376 $ cat > cookies.txt << EOF | |
377 > # HTTP Cookie File | |
378 > # Expiration is 2030-01-01 at midnight | |
379 > .example.com TRUE / FALSE 1893456000 hgkey examplevalue | |
380 > EOF | |
381 | |
382 Should not send a cookie for another domain | |
383 | |
384 $ hg --config auth.cookiefile=cookies.txt id http://localhost:$HGPORT/ | |
385 abort: HTTP Error 500: no-cookie | |
386 [255] | |
387 | |
388 Add a cookie entry for our test server and verify it is sent | |
389 | |
390 $ cat >> cookies.txt << EOF | |
391 > localhost.local FALSE / FALSE 1893456000 hgkey localhostvalue | |
392 > EOF | |
393 | |
394 $ hg --config auth.cookiefile=cookies.txt id http://localhost:$HGPORT/ | |
395 abort: HTTP Error 500: Cookie: hgkey=localhostvalue | |
396 [255] |