Fix #790 - Fix exception in securitytxt test when content-type is mis…

…sing (#796)
internetstandards · Nov 7, 2022 · 12426af · 12426af
1 parent 329d9de
commit 12426af
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 4 deletions.
diff --git a/checks/securitytxt.py b/checks/securitytxt.py
@@ -84,11 +84,13 @@ def retrieve_content(request_path) -> Tuple[Optional[int], str, Optional[str], L
 
 
 def _evaluate_response(
-    status: int, content_type: str, domain: str, path: str, content: str, found_host: str
+    status: int, content_type: Optional[str], domain: str, path: str, content: str, found_host: str
 ) -> SecuritytxtRetrieveResult:
     errors = []
-    media_type, params = parse_header(content_type)
-    charset = params.get("charset", "utf-8").lower()
+    media_type, charset = None, None
+    if content_type:
+        media_type, params = parse_header(content_type)
+        charset = params.get("charset", "utf-8").lower()
 
     if not status or status == 404:
         errors.append("Error: security.txt could not be located.")

diff --git a/checks/test/test_securitytxt.py b/checks/test/test_securitytxt.py
@@ -1,5 +1,7 @@
 # Copyright: 2019, NLnet Labs and the Internet.nl contributors
 # SPDX-License-Identifier: Apache-2.0
+from typing import Optional
+
 from checks import scoring
 from checks.securitytxt import (
     SecuritytxtRetrieveResult,
@@ -19,7 +21,7 @@ def test_evaluate_response():
 
     def _evaluate_with_valid_defaults(
         status=200,
-        content_type="text/plain; charset=csutf8",
+        content_type: Optional[str] = "text/plain; charset=csutf8",
         domain="example.com",
         path=SECURITYTXT_EXPECTED_PATH,
         content=sectxt_content,
@@ -58,6 +60,17 @@ def _evaluate_with_valid_defaults(
         errors=["Error: security.txt could not be located (unexpected HTTP response code 500)."],
     )
 
+    result = _evaluate_with_valid_defaults(
+        content_type=None,
+    )
+    assert result == SecuritytxtRetrieveResult(
+        found=True,
+        content=None,
+        url="https://example.com/.well-known/security.txt",
+        found_host="example.nl",
+        errors=["Error: HTTP Content-Type header must be sent."],
+    )
+
     result = _evaluate_with_valid_defaults(
         content_type="; header invalid 💩",
     )