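# Copyright 2016 The Chromium Authors
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

# Fuzzer dictionary targeting HTTP/1.x responses.
#
# Format: one double-quoted token per line; "\xNN" is a hex byte escape and a
# line starting with '#' is a comment. Tokens are hints the fuzzer can splice
# into its inputs, not complete test cases.

# Entries that are generally useful in headers
":"
"\x0A"
"\x0D"
"0"
"50"
"500"
# Horizontal whitespace. Matters mostly in status line.
" "
"\x09"
# Header continuation (CRLF followed by a tab, i.e. obsolete line folding)
"\x0D\x0A\x09"
# Used in a lot of individual headers
";"
"="
","
"\""
"-"

# Status line components
"HTTP"
"/1.1"
"/1.0"
# More interesting status codes. Leading space so can be inserted into
# other status lines.
" 100"
" 200"
" 206"
" 301"
" 302"
" 303"
" 304"
" 307"
" 308"
" 401"
" 403"
" 404"
" 500"
" 501"
# Full status lines (Some with relevant following headers).
# Lines end in a bare LF ("\x0A") rather than CRLF, and every sample is closed
# by an empty line so that it forms a complete header block.
"HTTP/1.1 200 OK\x0A\x0A"
"HTTP/1.1 100 Continue\x0A\x0A"
"HTTP/1.1 401 Unauthorized\x0AWWW-Authenticate: Basic realm=\"Middle-Earth\"\x0A\x0A"
"HTTP/1.1 407 Proxy Authentication Required\x0AProxy-Authenticate: Digest realm=\"Middle-Earth\", nonce=\"aaaaaaaaaa\"\x0A\x0A"
"HTTP/1.0 301 Moved Permanently\x0ALocation: /a\x0A\x0A"
"HTTP/1.1 302 Found\x0ALocation: http://lost/\x0A\x0A"

# Authentication headers (origin server and proxy). Note that fuzzers don't
# support NTLM or negotiate.
"WWW-Authenticate:"
"Proxy-Authenticate:"
"Basic"
"Digest"
"realm"
"nonce"

# Connection management: header names, values, and ready-made header lines.
"Connection:"
"Proxy-Connection:"
"Keep-Alive"
"Close"
"Upgrade"
"\x0AConnection: Keep-Alive"
"\x0AConnection: Close"
"\x0AProxy-Connection: Keep-Alive"
"\x0AProxy-Connection: Close"

# Message framing. The parser has to decide unambiguously where the body ends,
# so Content-Length and Transfer-Encoding are offered alone and as complete
# header lines. The last entry is a whole chunked body: one 5-byte chunk
# followed by the terminating zero-length chunk.
"Content-Length:"
"Transfer-Encoding:"
"chunked"
"\x0AContent-Length: 0"
"\x0AContent-Length: 500"
"\x0ATransfer-Encoding: chunked\x0A\x0A5\x0A12345\x0A0\x0A\x0A"

# Redirect targets, same-scheme and cross-scheme.
"Location:"
"\x0ALocation: http://foo/"
"\x0ALocation: http://bar/"
"\x0ALocation: https://foo/"
"\x0ALocation: https://bar/"

# Range support
"Accept-Ranges:"
"bytes"
"\x0AAccept-Ranges: bytes"
"Content-Range:"

# Caching. 3153600000 is 100 years in seconds and does not fit in a signed
# 32-bit integer, so the Age and max-age values presumably also probe numeric
# overflow handling.
"Age:"
"\x0AAge: 0"
"\x0AAge: 3153600000"

"Cache-Control:"
"max-age"
"no-cache"
"no-store"
"must-revalidate"
"\x0ACache-Control: max-age=3153600000"
"\x0ACache-Control: max-age=0"
"\x0ACache-Control: no-cache"
"\x0ACache-Control: no-store"
"\x0ACache-Control: must-revalidate"

# Download handling
"Content-Disposition:"
"attachment"
"filename"

# Content codings
"Content-Encoding:"
"gzip"
"deflate"
"sdch"
"br"
"\x0AContent-Encoding: gzip"
"\x0AContent-Encoding: deflate"
"\x0AContent-Encoding: sdch"
"\x0AContent-Encoding: br"

# Date-valued headers, each with one 2050 and one 2016 timestamp.
# NOTE(review): the comma after the month ("01 Apr, 2050") is not part of the
# IMF-fixdate form ("Sun, 06 Nov 1994 08:49:37 GMT"), so these samples depend
# on a lenient date parser - confirm that is intended.
"Date:"
"Fri, 01 Apr, 2050 14:14:14 GMT"
"Mon, 28 Mar, 2016 04:04:04 GMT"
"\x0ADate: Fri, 01 Apr, 2050 14:14:14 GMT"
"\x0ADate: Mon, 28 Mar, 2016 04:04:04 GMT"

"Last-Modified:"
"\x0ALast-Modified: Fri, 01 Apr, 2050 14:14:14 GMT"
"\x0ALast-Modified: Mon, 28 Mar, 2016 04:04:04 GMT"

"Expires:"
"\x0AExpires: Fri, 01 Apr, 2050 14:14:14 GMT"
"\x0AExpires: Mon, 28 Mar, 2016 04:04:04 GMT"

# Cookies: attribute names and values first, then complete header lines.
"Set-Cookie:"
"Expires"
"Max-Age"
"Domain"
"Path"
"Secure"
"HttpOnly"
"Priority"
"Low"
"Medium"
"High"
"SameSite"
"Strict"
"Lax"
"\x0ASet-Cookie: foo=bar"
"\x0ASet-Cookie: foo2=bar2;HttpOnly;Priority=Low;SameSite=Strict;Path=/"
"\x0ASet-Cookie: foo=chicken;SameSite=Lax"

# HSTS
"Strict-Transport-Security:"
"includeSubDomains"

# Cache variance and validators
"Vary:"
"\x0AVary: Cookie"
"\x0AVary: Age"

"ETag:"
"\x0AETag: jumboshrimp"

# This part has been generated with testing/libfuzzer/dictionary_generator.py
# using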
# net_http_stream_parser_fuzzer binary and RFC 2616.
#
# Generated section: one double-quoted token per line, with '\"' standing for a
# literal double quote inside a token.
# NOTE(review): many tokens are ordinary English or licence-boilerplate words
# rather than HTTP syntax; presumably the generator keeps words that appear in
# both of its inputs. Whether to prune them is a call for whoever regenerates
# this section.
"all"
"code"
"maximum"
"Transfer-Encoding"
"D.,"
"results"
"follow"
"(LZW)."
"provided."
"(which"
"ISDN"
"\"TE\""
"LF>"
"FORCE"
"calculate"
"\"IETF"
"UNIX,"
"ARPA"
"\"OPTIONAL\""
"environment"
"ENGINEERING"
"program"
"USENET"
"TEXT"
"Not"
"Nov"
"include"
"resources"
"(STD"
"labels"
"string"
"returning"
"HTTP/1.1;"
"SP,"
"SP."
"entries"
"HTTP/1.1,"
"HTTP/1.1."
"difference"
"(URI):"
"did"
"[CRLF]"
"EXPRESS"
"list"
"HTTP/1.0\","
"(RFC"
"large"
"ONLY"
"Tag"
"(LWS"
"(URL)\","
"\"A\"..\"Z\">"
"unexpected"
"GET)"
"direct"
"Failed"
"second"
"Version"
"\"A\""
"allowed."
"GET,"
"tag."
"implemented"
"\"HTTP/1.0\""
"errors"
"ISO-8859-4,"
"appear"
"incompatible"
"section"
"CPU"
"current"
"waiting"
"version"
"above"
"TTL"
"new"
"CRLF)"
"public"
"FTP"
"NNTP."
"WWW-"
"never"
"equals"
"\"HTTP/1.1"
"reported"
"objects"
"address"
"active"
"\"HEAD\""
"["
"\"POST\""
"HTTP."
"change"
"MA"
"\"AS"
"last-modified"
"BACK)"
"NOT"
"NNTP"
"named"
"useful"
"secure"
"case."
"detected."
"\"HTTP\""
"private"
"CERN/3.0"
"CTE"
"(CTE)"
"Too"
"CTL"
"PUT,"
"user-agent"
"PUT)"
"POST"
"select"
"use"
"TASK"
"from"
"exception."
"working"
"to"
"positive"
"two"
"URI;"
"properties"
"few"
"--THIS_STRING_SEPARATES"
"POST,"
"call"
"memory"
"MUST,"
"scope"
"type"
"authorization"
"more"
"ISO-8859-9,"
"(GMT),"
"(TE)"
"name."
"LF,"
"RFC-850"
"warn"
"bytes,"
"Found"
"cases"
"MHTML"
"name:"
"must"
"Content"
"ALL"
"MHTML,"
"RIGHTS"
"this"
"NTP"
"work"
"--THIS_STRING_SEPARATES--"
"Syntax"
"can"
"of"
"following"
"\"I"
"closing"
"root"
"example"
"requested,"
"J.,"
"type."
"reserved"
"stream"
"process"
"attribute"
"allowed"
"high"
"currency"
"numbers"
"want"
"type:"
"native"
"LF"
"class,"
"end"
"Missing"
"HTTP-"
"HTTP,"
"links"
"1"
"line."
"2*N"
"H."
"1XX"
"WARRANTIES,"
"HTTP:"
"A"
"badly"
"HEAD"
"may"
"insecure"
"after"
"containing"
"tracking"
"wrong"
"[SP"
"ANSI,"
"date"
"such"
"data"
"parallel"
"repeat"
"a"
"FTP,"
"All"
"short"
"Y."
"UA"
"(2**N),"
"element"
"so"
"cases."
"File"
"(LWS)"
"\"DEFLATE"
"order"
"charset"
"\"SHOULD"
"don't"
"MIC"
"move"
"vary"
"satisfied"
"CD-ROM,"
"HTTP-WG."
"LINK,"
"pointer"
"its"
"digest"
"before"
"HTML"
"(OK)"
"Rules"
"MAY,"
"fix"
"ISO-3166"
"actually"
"407"
"(GNU"
"\"HTTP/1.1\","
"P.,"
"401"
"MERCHANTABILITY"
"DNS."
"into"
"\"HTTP"
"it."
"it,"
"return"
"URL"
"URI"
"number"
"Bad"
"not"
"However,"
"SSL"
"name"
"always"
"expectation."
"--"
"ISO-639"
"]URI,"
"found"
"trailer"
"mean"
"breakdown"
"From"
"UTC"
"(via"
"(URI)"
"UNLINK"
"expect"
"exceeded"
"(MIC)"
"event"
"out"
"is:"
"E."
"space"
"\"MUST/MAY/SHOULD\""
"REQUIRED"
"ALPHA"
"HTTP/2.4"
"4DIGIT"
"increase"
"L."
"time."
"PATCH,"
"supports"
"2DIGIT"
"K.,"
"(A,"
"This"
"free"
"\"B\""
"RFC"
"base"
"IMPLIED,"
"byte"
"received."
"generate"
"text/plain"
"ISO-8859-7,"
"\"HTTP/1.1\""
"Partial"
"could"
"transition"
"DISCLAIMS"
"times"
"filter"
"HTML\","
"length"
"HEAD."
"HEAD,"
"S.,"
"first"
"origin"
"\"E\""
"already"
"UPALPHA"
"3DIGIT"
"Cache"
"Please"
"token."
"one"
"CHAR"
"ISI"
"another"
"FITNESS"
"message"
"CSS1,"
"open"
"size"
"doesn't"
"\""
"script"
"unknown"
"top"
"header)"
"system"
"construct"
"image/gif"
"2"
"ignored."
"listed"
"Date"
"LOALPHA"
"scheme"
"store"
"too"
"M."
"Success"
"that"
"completed"
"OPTIONAL;"
"R"
"pragma"
"(IANA"
"WAIS"
"F.,"
"than"
"K."
"target"
"Content-Type:"
"require"
"Only"
"HTTP/2.13,"
"headers"
"See"
"GMT."
"HTTP/2.0,"
"were"
"1)"
"IS\""
"1*8ALPHA"
"are"
"and"
"IRC/6.9,"
"false"
"turned"
"ANSI"
"B"
"(IANA)"
"tables"
"have"
"MIME,"
"need"
"HTTP/1.1.)"
"null"
"any"
"contents"
"data)"
"(LZ77)"
"(MIME"
"mechanism"
"internal"
"(C)"
"take"
"which"
"With"
"UCI"
"HTTP/0.9,"
"content-"
"200"
"begin"
"multiple"
"TCP/IP"
"Content-Disposition"
"206"
"buffer"
"object"
"\"MUST\","
"regular"
"entry"
"The"
"]"
"model"
"D."
"US-ASCII"
"L.,"
"(URL)"
"If"
"+"
"\"MIME"
"Note:"
"particularly"
"WA"
"text"
"supported"
"\"C\""
"Unrecognized"
"CRLF."
"CRLF,"
"SP"
"find"
"MUST"
"true,"
"cache."
"upgrade"
"cache)"
"implementation"
"("
"[RFC"
"cache"
"outside"
"should"
"failed"
"only"
"URL)."
"LDAP)"
"USA"
"WARRANTIES"
"(UA)"
"get"
"there"
"HEREIN"
"\"HTTP\"."
"cannot"
"shared"
"THE"
"BNF"
"DIGIT,"
"closure"
"PUT"
"reading"
"resource"
"A.,"
"W."
"16"
"ISO-8859."
"calling"
"J."
"INCLUDING"
"common"
"INTERNET"
"release"
"ISI/RR-98-463,"
"\"CONNECT\""
"where"
"set"
"IANA"
"For"
"\"F\""
"configured"
"C"
"this,"
"multipart"
"close"
"E.,"
"end."
"detect"
"GET"
"WWW\","
"1*DIGIT"
"BUT"
"MIT"
"3"
"unable"
"between"
"probably"
"boundary"
"0)"
"\"SHALL"
"\"RECOMMENDED\","
"available"
"we"
"FOR"
"missing"
"importance"
"fetchpriority"
"screen"
"connection."
"PARTICULAR"
"UNIX"
"STD"
"ISO-8859-1"
"key"
"(MIME)"
"P."
"\"HTTP/1.1\"."
"HTTP/1.0),"
"AND"
"received"
"WWW"
"TRACE"
"\"MAY\","
"many"
"*TEXT"
"Unsupported"
"using:"
"connection"
"Unicode"
"*OCTET"
"exceeds"
"(URN)"
"safely"
"ANY"
"can't"
"WARRANTY"
"ISO-8859-8,"
"Content-Length"
"consume"
"simple"
"header"
"DNS)"
"colon"
"\"GET\""
"spans"
"1*HEX"
"table"
"allocated"
"BCP"
"application/pdf"
"LWS:"
"save"
"\"REQUIRED\","
"Wed,"
"C."
"C,"
"encryption"
"create"
"(MHTML)\","
"been"
"."
"HTTP/12.3."
"\"PUT\""
"context."
"LWS,"
"basic"
"expected"
"prototype"
"GMT,"
"empty"
"define"
"PNG,\""
"\"D\""
"with"
"CA"
"HEX"
"N"
"0*3DIGIT"
"\"W/\""
"CR"
"\"DELETE\""
"unnecessarily"
"case"
"exception"
"(A"
"(HTTP)"
"value"
"INFRINGE"
"while"
"\"GZIP"
"\"SHALL\","
"error"
"\"GMT\""
"(LWS)."
"resident"
"is"
"thus"
"it"
"encountered"
"parse"
"MIME"
"in"
"SIGCOMM"
"You"
"if"
"result"
"binary"
"different"
"\"A"
")"
"CREATE"
"expired"
"1DIGIT"
"same"
"OPTIONS"
"transfer-encoding"
"BNF,"
"unrecognized"
"units"
"UST"
"status"
"\"%"
"used"
"http"
"context"
"I"
"IP"
"(O)."
"allocation"
"running"
"*LWS"
"user"
"SMTP"
"\"SHOULD\","
"stack"
"task"
"CR."
"failing"
"IETF"
"M.,"
"Names"
"In"
"position"
"the"
"audio"
"left"
"US-ASCII."
"MAY"
"THAT"
"being"
"(OK)."
"actions"
"invalid"
"HTTP/1.0)"
"CRC."
"previous"
"adding"
"TO"
# NOTE(review): zero-length token below. libFuzzer's dictionary parser appears
# to reject an entry with nothing between the quotes, which would stop the
# whole file from loading - confirm whether this is an extraction artifact and
# drop or repair the entry if so.
""
"INFORMATION"
"X3.4-1986,"
"by"
"ALPHA,"
"Location"
"on"
"DIGIT"
"actual"
"extension"
"tracing"
"R.,"
"\"UTF-8,"
"*"
"called"
"delete"
"DELETE,"
"storing"
"USE"
"image/jpeg"
"defined"
"LWS"
"URL."
"unsafe"
"an"
"To"
"as"
"warning"
"exist"
"at"
"file"
"NOT\""
"NOT,"
"W3C/MIT"
"ISO-8859-1:1987."
"SHTTP/1.3,"
"no"
"when"
"A,"
"virtual"
"A."
"details."
"application"
"valid"
"OPTIONAL"
"\"TRACE\""
"test"
"MD5"
"you"
"TE"
"ISO-8859-3,"
"requested"
"elements"
"C)"
"symbol"
"T."
"code)"
"variable"
"SOCIETY"
"\"MUST"
"TCP"
"ISO-10646\","
"NOT\","
"R."
"audio/basic"
"IANA."
"\"WAIS"
"persistent"
"Its"
"As"
"time"
"failures"
"\"ISO-8859-1\""
"once"