You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
{
"comment" : "Tests for HTTP response headers: Deny OCSP request, Remove Accept-Encoding, and Do not remove Referer" ,
"configs" : {
"1" : {
"proto" : {
"proto" : "tcp"
} ,
"client" : {
"ip" : "127.0.0.1" ,
"port" : "8186"
} ,
"server" : {
"ip" : "127.0.0.1" ,
"port" : "9186"
}
} ,
"2" : {
"proto" : {
"proto" : "ssl" ,
"crt" : "server.crt" ,
"key" : "server.key"
} ,
"client" : {
"ip" : "127.0.0.1" ,
"port" : "8448"
} ,
"server" : {
"ip" : "127.0.0.1" ,
"port" : "9448"
}
}
} ,
"tests" : {
"1" : {
"comment" : "Denies OCSP request" ,
"states" : {
"1" : {
"testend" : "client" ,
"cmd" : "send" ,
"payload" : "POST / HTTP/1.1\r\nHost: comixwall.org\r\nContent-Type: application/ocsp-request\r\n\r\n" ,
"comment" : "It is easier to send a dummy POST ocsp request than a valid GET one"
} ,
"2" : {
"testend" : "client" ,
"cmd" : "recv" ,
"payload_file" : "payload_ocsp_denied_response.bin" ,
"comment" : "The client should certainly receive the ocsp denied response from SSLproxy" ,
"comment" : "But it is not certain if the server should receive the ocsp request of the client or not, it depends on libevent and various conditions at that moment"
}
}
} ,
"2" : {
"comment" : "Remove Accept-Encoding" ,
"states" : {
"1" : {
"testend" : "client" ,
"cmd" : "send" ,
"payload" : "GET / HTTP/1.1\r\nHost: comixwall.org\r\nAccept-Encoding: encoding\r\n\r\n"
} ,
"2" : {
"testend" : "server" ,
"cmd" : "recv" ,
"payload" : "GET / HTTP/1.1\r\nHost: comixwall.org\r\nConnection: close\r\n\r\n"
}
}
} ,
"3" : {
"comment" : "Does not remove Referer" ,
"states" : {
"1" : {
"testend" : "client" ,
"cmd" : "send" ,
"payload" : "GET / HTTP/1.1\r\nHost: comixwall.org\r\nReferer: referer\r\n\r\n"
} ,
"2" : {
"testend" : "server" ,
"cmd" : "recv" ,
"payload" : "GET / HTTP/1.1\r\nHost: comixwall.org\r\nReferer: referer\r\nConnection: close\r\n\r\n"
}
}
}
}
}