Make METHRE RFC-7230 compliant

Definition of method is: ``` method = token tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA token = 1*tchar ``` So he had two issues: 1. Not all the characters were allowed. 2. Actually, we did allowed too much characters since `$-_` parsed as: "all characters in range between code 36 ($) and code 95 (_)" instead of "characters with codes 36, 45 and 95". So we did match methods like `[GET]` which are malformed according the spec.
aio-libs · Sep 2, 2018 · 881a7a0 · 881a7a0
1 parent 8aced36
commit 881a7a0
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/aiohttp/http_parser.py b/aiohttp/http_parser.py
@@ -29,7 +29,7 @@
     'RawRequestMessage', 'RawResponseMessage')
 
 ASCIISET = set(string.printable)
-METHRE = re.compile('[A-Z0-9$-_.]+')
+METHRE = re.compile("[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
 VERSRE = re.compile(r'HTTP/(\d+).(\d+)')
 HDRRE = re.compile(rb'[\x00-\x1F\x7F()<>@,;:\[\]={} \t\\\\\"]')
 

diff --git a/tests/test_http_parser.py b/tests/test_http_parser.py
@@ -82,7 +82,7 @@ def test_parse_headers(parser):
     msg = messages[0][0]
 
     assert list(msg.headers.items()) == [('test', 'line continue'),
-                                         ('test2', 'data')]
+                                        ('test2', 'data')]
     assert msg.raw_headers == ((b'test', b'line continue'),
                                (b'test2', b'data'))
     assert not msg.should_close
@@ -540,7 +540,7 @@ def test_http_request_parser_two_slashes(parser):
 
 def test_http_request_parser_bad_method(parser):
     with pytest.raises(http_exceptions.BadStatusLine):
-        parser.feed_data(b'!12%()+=~$ /get HTTP/1.1\r\n\r\n')
+        parser.feed_data(b'=":<G>(e),[T];?" /get HTTP/1.1\r\n\r\n')
 
 
 def test_http_request_parser_bad_version(parser):