corazawaf · anuraaga · Nov 21, 2023 · Nov 20, 2023 · Nov 20, 2023 · Nov 20, 2023
@@ -108,7 +108,22 @@
 	return i.w.Header()
 }
 
-var _ http.ResponseWriter = (*rwInterceptor)(nil)
+func (i *rwInterceptor) ReadFrom(r io.Reader) (n int64, err error) {
+	return io.Copy(i, r)
+}
+
+func (i *rwInterceptor) Flush() {
+	// coraza middleware always needs to buffer the entire request, response cycle
+	// we can not flush early
+}
+
+type responseWriter interface {
+	http.ResponseWriter
+	io.ReaderFrom
+	http.Flusher
+}
+
+var _ responseWriter = (*rwInterceptor)(nil)
 
 // wrap wraps the interceptor into a response writer that also preserves
 // the http interfaces implemented by the original response writer to avoid
@@ -168,110 +183,32 @@
 	var (
 		hijacker, isHijacker = i.w.(http.Hijacker)
 		pusher, isPusher     = i.w.(http.Pusher)
-		flusher, isFlusher   = i.w.(http.Flusher)
-		reader, isReader     = i.w.(io.ReaderFrom)
 	)
 
 	switch {
-	case !isHijacker && !isPusher && !isFlusher && !isReader:
+	case !isHijacker && !isPusher:
 		return struct {
-			http.ResponseWriter
+			responseWriter
 		}{i}, responseProcessor
-	case !isHijacker && !isPusher && !isFlusher && isReader:
-		return struct {
-			http.ResponseWriter
-			io.ReaderFrom
-		}{i, reader}, responseProcessor
-	case !isHijacker && !isPusher && isFlusher && !isReader:
-		return struct {
-			http.ResponseWriter
-			http.Flusher
-		}{i, flusher}, responseProcessor
-	case !isHijacker && !isPusher && isFlusher && isReader:
+	case !isHijacker && isPusher:
 		return struct {
-			http.ResponseWriter
-			http.Flusher
-			io.ReaderFrom
-		}{i, flusher, reader}, responseProcessor
-	case !isHijacker && isPusher && !isFlusher && !isReader:
-		return struct {
-			http.ResponseWriter
+			responseWriter
 			http.Pusher
 		}{i, pusher}, responseProcessor
-	case !isHijacker && isPusher && !isFlusher && isReader:
-		return struct {
-			http.ResponseWriter
-			http.Pusher
-			io.ReaderFrom
-		}{i, pusher, reader}, responseProcessor
-	case !isHijacker && isPusher && isFlusher && !isReader:
-		return struct {
-			http.ResponseWriter
-			http.Pusher
-			http.Flusher
-		}{i, pusher, flusher}, responseProcessor
-	case !isHijacker && isPusher && isFlusher && isReader:
-		return struct {
-			http.ResponseWriter
-			http.Pusher
-			http.Flusher
-			io.ReaderFrom
-		}{i, pusher, flusher, reader}, responseProcessor
-	case isHijacker && !isPusher && !isFlusher && !isReader:
+	case isHijacker && !isPusher:
 		return struct {
-			http.ResponseWriter
+			responseWriter
 			http.Hijacker
 		}{i, hijacker}, responseProcessor
-	case isHijacker && !isPusher && !isFlusher && isReader:
+	case isHijacker && isPusher:
 		return struct {
-			http.ResponseWriter
-			http.Hijacker
-			io.ReaderFrom
-		}{i, hijacker, reader}, responseProcessor
-	case isHijacker && !isPusher && isFlusher && !isReader:
-		return struct {
-			http.ResponseWriter
-			http.Hijacker
-			http.Flusher
-		}{i, hijacker, flusher}, responseProcessor
-	case isHijacker && !isPusher && isFlusher && isReader:
-		return struct {
-			http.ResponseWriter
-			http.Hijacker
-			http.Flusher
-			io.ReaderFrom
-		}{i, hijacker, flusher, reader}, responseProcessor
-	case isHijacker && isPusher && !isFlusher && !isReader:
-		return struct {
-			http.ResponseWriter
+			responseWriter
 			http.Hijacker
 			http.Pusher
 		}{i, hijacker, pusher}, responseProcessor
-	case isHijacker && isPusher && !isFlusher && isReader:
-		return struct {
-			http.ResponseWriter
-			http.Hijacker
-			http.Pusher
-			io.ReaderFrom
-		}{i, hijacker, pusher, reader}, responseProcessor
-	case isHijacker && isPusher && isFlusher && !isReader:
-		return struct {
-			http.ResponseWriter
-			http.Hijacker
-			http.Pusher
-			http.Flusher
-		}{i, hijacker, pusher, flusher}, responseProcessor
-	case isHijacker && isPusher && isFlusher && isReader:
-		return struct {
-			http.ResponseWriter
-			http.Hijacker
-			http.Pusher
-			http.Flusher
-			io.ReaderFrom
-		}{i, hijacker, pusher, flusher, reader}, responseProcessor
 	default:
 		return struct {
-			http.ResponseWriter
+			responseWriter
 		}{i}, responseProcessor
 	}
 }
@@ -8,6 +8,8 @@
 package http
 
 import (
+	"bytes"
+	"io"
 	"net/http"
 	"net/http/httptest"
 	"testing"
@@ -44,3 +46,206 @@ func TestWriteHeader(t *testing.T) {
 		t.Errorf("unexpected status code, want %d, have %d", want, have)
 	}
 }
+
+func TestWrite(t *testing.T) {
+	waf, err := coraza.NewWAF(coraza.NewWAFConfig())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tx := waf.NewTransaction()
+	req, _ := http.NewRequest("GET", "", nil)
+	res := httptest.NewRecorder()
+
+	rw, responseProcessor := wrap(res, req, tx)
+	_, err = rw.Write([]byte("hello"))
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	_, err = rw.Write([]byte("world"))
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	err = responseProcessor(tx, req)
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	if want, have := 200, res.Code; want != have {
+		t.Errorf("unexpected status code, want %d, have %d", want, have)
+	}
+}
+
+func TestWriteWithWriteHeader(t *testing.T) {
+	waf, err := coraza.NewWAF(coraza.NewWAFConfig())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tx := waf.NewTransaction()
+	req, _ := http.NewRequest("GET", "", nil)
+	res := httptest.NewRecorder()
+
+	rw, responseProcessor := wrap(res, req, tx)
+	rw.WriteHeader(204)
+	// although we called WriteHeader, status code should be applied until
+	// responseProcessor is called.
+	if unwanted, have := 204, res.Code; unwanted == have {
+		t.Errorf("unexpected status code %d", have)
+	}
+
+	_, err = rw.Write([]byte("hello"))
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	_, err = rw.Write([]byte("world"))
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	err = responseProcessor(tx, req)
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	if want, have := 204, res.Code; want != have {
+		t.Errorf("unexpected status code, want %d, have %d", want, have)
+	}
+}
+
+func TestFlush(t *testing.T) {
+	waf, err := coraza.NewWAF(coraza.NewWAFConfig())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tx := waf.NewTransaction()
+	req, _ := http.NewRequest("GET", "", nil)
+	res := httptest.NewRecorder()
+	rw, responseProcessor := wrap(res, req, tx)
+	rw.WriteHeader(204)
+	rw.(http.Flusher).Flush()
+	// although we called WriteHeader, status code should be applied until
+	// responseProcessor is called.
+	if unwanted, have := 204, res.Code; unwanted == have {
+		t.Errorf("unexpected status code %d", have)
+	}
+
+	err = responseProcessor(tx, req)
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	if want, have := 204, res.Code; want != have {
+		t.Errorf("unexpected status code, want %d, have %d", want, have)
+	}
+}
+
+type testReaderFrom struct {
+	io.Writer
+}
+
+func (x *testReaderFrom) ReadFrom(r io.Reader) (n int64, err error) {
+	return io.Copy(x, r)
+}
+
+func TestReadFrom(t *testing.T) {
+	waf, err := coraza.NewWAF(coraza.NewWAFConfig())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tx := waf.NewTransaction()
+	req, _ := http.NewRequest("GET", "", nil)
+	res := httptest.NewRecorder()
+
+	type responseWriter interface {
+		http.ResponseWriter
+		http.Flusher
+	}
+
+	resWithReaderFrom := struct {
+		responseWriter
+		io.ReaderFrom
+	}{
+		res,
+		&testReaderFrom{res},
+	}
+
+	rw, responseProcessor := wrap(resWithReaderFrom, req, tx)
+	rw.WriteHeader(204)
+	// although we called WriteHeader, status code should be applied until
+	// responseProcessor is called.
+	if unwanted, have := 204, res.Code; unwanted == have {
+		t.Errorf("unexpected status code %d", have)
+	}
+
+	_, err = rw.(io.ReaderFrom).ReadFrom(bytes.NewBuffer([]byte("hello world")))
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	err = responseProcessor(tx, req)
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	if want, have := 204, res.Code; want != have {
+		t.Errorf("unexpected status code, want %d, have %d", want, have)
+	}
+}
+
+type testPusher struct{}
+
+func (x *testPusher) Push(target string, opts *http.PushOptions) error {
+	return nil
+}
+
+func TestPusher(t *testing.T) {
+	waf, err := coraza.NewWAF(coraza.NewWAFConfig())
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	tx := waf.NewTransaction()
+	req, _ := http.NewRequest("GET", "", nil)
+	res := httptest.NewRecorder()
+
+	type responseWriter interface {
+		http.ResponseWriter
+		http.Flusher
+	}
+
+	resWithPush := struct {
+		responseWriter
+		http.Pusher
+	}{
+		res,
+		&testPusher{},
+	}
+
+	rw, responseProcessor := wrap(resWithPush, req, tx)
+	rw.WriteHeader(204)
+	err = rw.(http.Pusher).Push("http://example.com", nil)
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	// although we called WriteHeader, status code should be applied until
+	// responseProcessor is called.
+	if unwanted, have := 204, res.Code; unwanted == have {
+		t.Errorf("unexpected status code %d", have)
+	}
+
+	err = responseProcessor(tx, req)
+	if err != nil {
+		t.Errorf("unexpected error: %v", err)
+	}
+
+	if want, have := 204, res.Code; want != have {
+		t.Errorf("unexpected status code, want %d, have %d", want, have)
+	}
+}