Known Tests (request variations)
======================================================================

These are the Requests that are currently used for probing for
characteristics from a target server.  All of them claim to be HTTP/1.0
compliant unless otherwise indicated.

BASIC_GET

   A simple GET method

BASIC_OPTIONS

   A simple OPTIONS method

UNKNOWN_METHOD

   Try QWERTY as if it was a legal method

UNAUTHORIZED_ACTIVITY

   Try every known semantically legal method, many (most) of which won't be
   allowed by most servers in the most common configurations.

   ('OPTIONS', 'TRACE', 'GET', 'HEAD', 'DELETE', 'PUT', 'POST', 'COPY',
    'MOVE', 'MKCOL', 'PROPFIND', 'PROPPATCH', 'LOCK', 'UNLOCK', 'SEARCH')

NONEXISTANT_OBJECT

   request a URL that won't be found.

MALFORMED_METHOD_LINE

   A legal request method line has the following syntax:

   (nothing)METHOD(space)RELATIVE-URI(space)VERSION(line-sep)

   There are many ways to create malformed variations of the method line:

      - put something where nothing is expected
      - put nothing where something is expected
      - numbers where letters are expected or vice versa
      - really LONG things
      - invalid characters
      - different file system conventions
         - e.g. "/" vs. "\"
      - illegal paths htm"../../../"
      - url encoding (hex, unicode, invalid forms of each)
      - uppercase/lowercase
      - etc.

   Examples from code:

      'GET',
      'GET /',
      'GET / HTTP/999.99',
      'GET / HHTP/1.0',
      'GET / HTP/1.0',
      'GET / HHTP/999.99',
      'GET / hhtp/999.99',
      'GET / http/999.99',
      'GET / HTTP/Q.9',
      'GET / HTTP/9.Q',
      'GET / HTTP/Q.Q',
      'GET / HTTP/1.X',
      'GET / HTTP/1.10',
      'GET / HTTP/1.1.0',
      'GET / HTTP/1.2',
      'GET / HTTP/2.1',
      'GET / HTTP/1,0',
      'GET / HTTP/1.0X',
      'GET / HTTP/',
      'GET/HTTP/1.0' ,
      'GET/ HTTP/1.0' ,
      'GET /HTTP/1.0' ,
      'GET/HTTP /1.0' ,
      'GET/HTTP/1 .0' ,
      'GET/HTTP/1. 0' ,
      'GET/HTTP/1.0 ' ,
      'GET / HTTP /1.0',
      'HEAD /.\\ HTTP/1.0',
      'HEAD /asdfasdfasdfasdfasdf/../ HTTP/1.0',
      'HEAD /asdfasdfasdfasdfasdf/.. HTTP/1.0',
      'HEAD /./././././././././././././././ HTTP/1.0',
      'HEAD /././././././qwerty/.././././././././ HTTP/1.0',
      'HEAD /.. HTTP/1.0',
      'HEAD /../ HTTP/1.0',
      'HEAD /../../../../../ HTTP/1.0',
      'HEAD .. HTTP/1.0',
      'HEAD\t/\tHTTP/1.0',
      'HEAD ///////////// HTTP/1.0',
      'Head / HTTP/1.0',
      '\nHEAD / HTTP/1.0',
      ' \nHEAD / HTTP/1.0',
      ' HEAD / HTTP/1.0',
      'HEAD / HQWERTY/1.0', 
      'HEAD %s HTTP/1.0' % url,
      'HEAD %s' % url,
      'HEAD http:// HTTP/1.0',
      'HEAD http:/ HTTP/1.0',
      'HEAD http: HTTP/1.0',
      'HEAD http HTTP/1.0',
      'HEAD h HTTP/1.0',
      'HEAD HTTP://qwerty.asdfg.com/ HTTP/1.0',
      'GET GET GET',
      'HELLO',
      'GET \0 / HTTP/1.0',
      'GET / \0 HTTP/1.0',
      'GET / HTTP/1.0\0',
      'GET / H',
      ' GET / HTTP/1.0',
      ' '*1000 + 'GET / HTTP/1.0',
      'GET'+' '*1000+'/ HTTP/1.0',
      'GET '+'/'*1000+' HTTP/1.0',
      'GET /'+' '*1000+'HTTP/1.0',
      'GET / '+'H'*1000+'TTP/1.0',
      'GET / '+'HTTP'+'/'*1000+'1.0',
      'GET / '+'HTTP/'+'1'*1000+'.0',
      'GET / '+'HTTP/1'+'.'*1000+'0',
      'GET / '+'HTTP/1.'+'0'*1000,
      'GET / HTTP/1.0' + ' ' * 1000,
      '12345 GET / HTTP/1.0',
      '12345 / HTTP/1.0',
      '\0',#70
      '\0'*1000,
      '\0'+'GET / HTTP/1.0',
      '\0'*1000+'GET / HTTP/1.0',
      '\r\n'*1000+'GET / HTTP/1.0',
      'Get / HTTP/1.0',
      'GET\0/\0HTTP/1.0', 
      'GET . HTTP/1.0',
      'GET index.html HTTP/1.0',
      'GET / HTTP/1.',
      '',
      ' ',
      ' '*1000,
      '/',
      '/' * 1000,
      'GET FTP://asdfasdf HTTP/1.0',
      'GET / HTTP/1.0 X', 
      '%47ET / HTTP/1.0',
      '%47%45%54 / HTTP/1.0',
      'GET %2f HTTP/1.0',
      'GET %2F HTTP/1.0',
      'GET%20/ HTTP/1.0',
      'GET / FTP/1.0',
      'GET \ HTTP/1.0',
      'GET C:\ HTTP/1.0',
      'HTTP/1.0 / GET',
      'ALL YOUR BASE ARE BELONG TO US', 
      'GET "/" HTTP/1.0',
      "GET '/' HTTP/1.0",
      'GET `/` HTTP/1.0', 
      '"GET / HTTP/1.0"',
      '"GET / HTTP/1.0',
      '"GET" / HTTP/1.0',
      '""GET / HTTP/1.0',
      'GEX\bT / HTTP/1.0',

LONG_URL_RANGES
LONG_DEFAULT_RANGES
MANY_HEADER_RANGES
LARGE_HEADER_RANGES

   each of the previous tests vary the length of some feature and find the
   ranges over which certain characteristics are found.

   e.g.

      - the number of "a"s given in a URL
      - number of "/"s used for the root
      - number of headers added to a request
      - the absolute size of data added to a header

UNAVAILABLE_ACCEPT

   Use an invalid value ('qwer/asdf') in an Accept header.

FAKE_CONTENT_LENGTH

   Use the wrong value for "Content-Length" when sending a body to a
   server.
