def socket_handler(listener):
    """
    Server side of a single test connection: accept one client, consume its
    opening traffic, wait for the request signal, then answer on stream 1
    with a HEADERS frame (':status' 200, 'content-length' 14).

    Only the steps visible in this excerpt are described; whatever the
    original handler does after sending the HEADERS frame is not shown.
    """
    client = listener.accept()[0]
    encoder = Encoder()

    # The client opens with two connection-setup messages followed by a
    # HEADERS frame. The helper takes the setup part (presumably -- confirm
    # against receive_preamble), and the recv() below reads up to 65535
    # bytes and throws them away.
    receive_preamble(client)
    client.recv(65535)

    # Block until the test signals the request was issued. The result of
    # wait(5) is not inspected, so the handler carries on regardless of
    # whether the event was set or the wait ran out.
    req_event.wait(5)

    # Build and emit the response headers on stream 1.
    # NOTE(review): the return value of send() is ignored; if this is a
    # plain socket a short write would go unnoticed -- confirm.
    response_headers = [(':status', '200'), ('content-length', '14')]
    headers_frame = build_headers_frame(response_headers, encoder)
    headers_frame.stream_id = 1
    client.send(headers_frame.serialize())
for a, b in zip(block_a, block_b):
assert a == b
assert a.__class__ is b.__class__
class TestHeaderIndexing(object):
"""
Test that Hyper-h2 can correctly handle never indexed header fields using
the appropriate hpack data structures.
"""
example_request_headers = [
HeaderTuple(u':authority', u'example.com'),
HeaderTuple(u':path', u'/'),
HeaderTuple(u':scheme', u'https'),
HeaderTuple(u':method', u'GET'),
]
bytes_example_request_headers = [
HeaderTuple(b':authority', b'example.com'),
HeaderTuple(b':path', b'/'),
HeaderTuple(b':scheme', b'https'),
HeaderTuple(b':method', b'GET'),
]
extended_request_headers = [
HeaderTuple(u':authority', u'example.com'),
HeaderTuple(u':path', u'/'),
HeaderTuple(u':scheme', u'https'),
HeaderTuple(u':method', u'GET'),
NeverIndexedHeaderTuple(u'authorization', u'realpassword'),
]
bytes_extended_request_headers = [
NeverIndexedHeaderTuple(u'authorization', u'test'),
NeverIndexedHeaderTuple(u'Authorization', u'test'),
NeverIndexedHeaderTuple(u'authorization', u'really long test'),
(b'authorization', b'test'),
(b'Authorization', b'test'),
(b'authorization', b'really long test'),
HeaderTuple(b'authorization', b'test'),
HeaderTuple(b'Authorization', b'test'),
HeaderTuple(b'authorization', b'really long test'),
NeverIndexedHeaderTuple(b'authorization', b'test'),
NeverIndexedHeaderTuple(b'Authorization', b'test'),
NeverIndexedHeaderTuple(b'authorization', b'really long test'),
(u'proxy-authorization', u'test'),
(u'Proxy-Authorization', u'test'),
(u'proxy-authorization', u'really long test'),
HeaderTuple(u'proxy-authorization', u'test'),
HeaderTuple(u'Proxy-Authorization', u'test'),
HeaderTuple(u'proxy-authorization', u'really long test'),
NeverIndexedHeaderTuple(u'proxy-authorization', u'test'),
NeverIndexedHeaderTuple(u'Proxy-Authorization', u'test'),
NeverIndexedHeaderTuple(u'proxy-authorization', u'really long test'),
(b'proxy-authorization', b'test'),
(b'Proxy-Authorization', b'test'),
(b'proxy-authorization', b'really long test'),
HeaderTuple(b'proxy-authorization', b'test'),
HeaderTuple(b'Proxy-Authorization', b'test'),
HeaderTuple(b'proxy-authorization', b'really long test'),
NeverIndexedHeaderTuple(b'proxy-authorization', b'test'),
NeverIndexedHeaderTuple(b'Proxy-Authorization', b'test'),
NeverIndexedHeaderTuple(b'proxy-authorization', b'really long test'),
]
secured_cookie_headers = [
(u':path', u'/'),
(u':scheme', u'https'),
(u':method', u'GET'),
]
bytes_example_request_headers = [
(b':authority', b'example.com'),
(b':path', b'/'),
(b':scheme', b'https'),
(b':method', b'GET'),
]
possible_auth_headers = [
(u'authorization', u'test'),
(u'Authorization', u'test'),
(u'authorization', u'really long test'),
HeaderTuple(u'authorization', u'test'),
HeaderTuple(u'Authorization', u'test'),
HeaderTuple(u'authorization', u'really long test'),
NeverIndexedHeaderTuple(u'authorization', u'test'),
NeverIndexedHeaderTuple(u'Authorization', u'test'),
NeverIndexedHeaderTuple(u'authorization', u'really long test'),
(b'authorization', b'test'),
(b'Authorization', b'test'),
(b'authorization', b'really long test'),
HeaderTuple(b'authorization', b'test'),
HeaderTuple(b'Authorization', b'test'),
HeaderTuple(b'authorization', b'really long test'),
NeverIndexedHeaderTuple(b'authorization', b'test'),
NeverIndexedHeaderTuple(b'Authorization', b'test'),
NeverIndexedHeaderTuple(b'authorization', b'really long test'),
(u'proxy-authorization', u'test'),
(u'Proxy-Authorization', u'test'),
(u'proxy-authorization', u'really long test'),
NeverIndexedHeaderTuple(b'Authorization', b'test'),
NeverIndexedHeaderTuple(b'authorization', b'really long test'),
(u'proxy-authorization', u'test'),
(u'Proxy-Authorization', u'test'),
(u'proxy-authorization', u'really long test'),
HeaderTuple(u'proxy-authorization', u'test'),
HeaderTuple(u'Proxy-Authorization', u'test'),
HeaderTuple(u'proxy-authorization', u'really long test'),
NeverIndexedHeaderTuple(u'proxy-authorization', u'test'),
NeverIndexedHeaderTuple(u'Proxy-Authorization', u'test'),
NeverIndexedHeaderTuple(u'proxy-authorization', u'really long test'),
(b'proxy-authorization', b'test'),
(b'Proxy-Authorization', b'test'),
(b'proxy-authorization', b'really long test'),
HeaderTuple(b'proxy-authorization', b'test'),
HeaderTuple(b'Proxy-Authorization', b'test'),
HeaderTuple(b'proxy-authorization', b'really long test'),
NeverIndexedHeaderTuple(b'proxy-authorization', b'test'),
NeverIndexedHeaderTuple(b'Proxy-Authorization', b'test'),
NeverIndexedHeaderTuple(b'proxy-authorization', b'really long test'),
]
secured_cookie_headers = [
(u'cookie', u'short'),
(u'Cookie', u'short'),
(u'cookie', u'nineteen byte cooki'),
HeaderTuple(u'cookie', u'short'),
HeaderTuple(u'Cookie', u'short'),
HeaderTuple(u'cookie', u'nineteen byte cooki'),
NeverIndexedHeaderTuple(u'cookie', u'short'),
NeverIndexedHeaderTuple(u'Cookie', u'short'),
NeverIndexedHeaderTuple(u'cookie', u'nineteen byte cooki'),
NeverIndexedHeaderTuple(u'cookie', u'longer manually secured cookie'),
of their tuples. Doesn't return anything.
"""
assert len(block_a) == len(block_b)
for a, b in zip(block_a, block_b):
assert a == b
assert a.__class__ is b.__class__
class TestHeaderIndexing(object):
"""
Test that Hyper-h2 can correctly handle never indexed header fields using
the appropriate hpack data structures.
"""
example_request_headers = [
HeaderTuple(u':authority', u'example.com'),
HeaderTuple(u':path', u'/'),
HeaderTuple(u':scheme', u'https'),
HeaderTuple(u':method', u'GET'),
]
bytes_example_request_headers = [
HeaderTuple(b':authority', b'example.com'),
HeaderTuple(b':path', b'/'),
HeaderTuple(b':scheme', b'https'),
HeaderTuple(b':method', b'GET'),
]
extended_request_headers = [
HeaderTuple(u':authority', u'example.com'),
HeaderTuple(u':path', u'/'),
HeaderTuple(u':scheme', u'https'),
HeaderTuple(u':method', u'GET'),
example_response_headers = [
HeaderTuple(u':status', u'200'),
HeaderTuple(u'server', u'fake-serv/0.1.0')
]
bytes_example_response_headers = [
HeaderTuple(b':status', b'200'),
HeaderTuple(b'server', b'fake-serv/0.1.0')
]
extended_response_headers = [
HeaderTuple(u':status', u'200'),
HeaderTuple(u'server', u'fake-serv/0.1.0'),
NeverIndexedHeaderTuple(u'secure', u'you-bet'),
]
bytes_extended_response_headers = [
HeaderTuple(b':status', b'200'),
HeaderTuple(b'server', b'fake-serv/0.1.0'),
NeverIndexedHeaderTuple(b'secure', b'you-bet'),
]
server_config = h2.config.H2Configuration(client_side=False)
@pytest.mark.parametrize(
'headers', (
example_request_headers,
bytes_example_request_headers,
extended_request_headers,
bytes_extended_request_headers,
)
)
def test_sending_header_tuples(self, headers, frame_factory):
"""
class TestHeaderIndexing(object):
"""
Test that Hyper-h2 can correctly handle never indexed header fields using
the appropriate hpack data structures.
"""
example_request_headers = [
HeaderTuple(u':authority', u'example.com'),
HeaderTuple(u':path', u'/'),
HeaderTuple(u':scheme', u'https'),
HeaderTuple(u':method', u'GET'),
]
bytes_example_request_headers = [
HeaderTuple(b':authority', b'example.com'),
HeaderTuple(b':path', b'/'),
HeaderTuple(b':scheme', b'https'),
HeaderTuple(b':method', b'GET'),
]
extended_request_headers = [
HeaderTuple(u':authority', u'example.com'),
HeaderTuple(u':path', u'/'),
HeaderTuple(u':scheme', u'https'),
HeaderTuple(u':method', u'GET'),
NeverIndexedHeaderTuple(u'authorization', u'realpassword'),
]
bytes_extended_request_headers = [
HeaderTuple(b':authority', b'example.com'),
HeaderTuple(b':path', b'/'),
HeaderTuple(b':scheme', b'https'),
HeaderTuple(b':method', b'GET'),
class TestHeaderIndexing(object):
    """
    Checks that Hyper-h2 handles never-indexed header fields correctly by
    way of the matching hpack data structures.

    The fixtures come in pairs: a text (unicode) list and a bytes list with
    the same fields. The "extended" lists add one credential-bearing field
    wrapped in NeverIndexedHeaderTuple, the hpack type for fields that must
    stay out of the header compression context.
    """
    # Baseline request pseudo-headers, text flavour.
    example_request_headers = [
        HeaderTuple(u':authority', u'example.com'),
        HeaderTuple(u':path', u'/'),
        HeaderTuple(u':scheme', u'https'),
        HeaderTuple(u':method', u'GET'),
    ]

    # Same baseline request, bytes flavour.
    bytes_example_request_headers = [
        HeaderTuple(b':authority', b'example.com'),
        HeaderTuple(b':path', b'/'),
        HeaderTuple(b':scheme', b'https'),
        HeaderTuple(b':method', b'GET'),
    ]

    # Baseline request plus an 'authorization' field flagged never-indexed.
    # 'realpassword' is a dummy fixture value, not a real credential.
    extended_request_headers = [
        HeaderTuple(u':authority', u'example.com'),
        HeaderTuple(u':path', u'/'),
        HeaderTuple(u':scheme', u'https'),
        HeaderTuple(u':method', u'GET'),
        NeverIndexedHeaderTuple(u'authorization', u'realpassword'),
    ]

    # Bytes flavour of the extended request, same never-indexed field.
    bytes_extended_request_headers = [
        HeaderTuple(b':authority', b'example.com'),
        HeaderTuple(b':path', b'/'),
        HeaderTuple(b':scheme', b'https'),
        HeaderTuple(b':method', b'GET'),
        NeverIndexedHeaderTuple(b'authorization', b'realpassword'),
    ]
never-indexed fields to ensure they don't get added to header compression
contexts.
This function currently implements two rules:
- 'authorization' and 'proxy-authorization' fields are automatically made
never-indexed.
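- Any 'cookie' header field whose value is shorter than 20 bytes is made
never-indexed. (The check is len() of the value, so a text value is
measured in characters rather than encoded bytes.)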
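These fields are the most at-risk: credentials and short cookie values are
the secrets that someone observing compressed header sizes could most
feasibly guess, so they are kept out of the compression context. These
rules are inspired by Firefox and nghttp2.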
"""
for header in headers:
if header[0] in _SECURE_HEADERS:
yield NeverIndexedHeaderTuple(*header)
elif header[0] in (b'cookie', u'cookie') and len(header[1]) < 20:
yield NeverIndexedHeaderTuple(*header)
else:
yield header