Test behavior when body is chunked (envoyproxy#7)

go.mod

@@ -6,7 +6,7 @@ require (
 	github.com/corazawaf/coraza/v3 v3.0.0-20220818013656-f749c07295aa
 	github.com/magefile/mage v1.13.0
 	github.com/stretchr/testify v1.7.1
-	github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220825081430-0fa40edeb849
+	github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220829035735-38b446650d06
 	github.com/tidwall/gjson v1.14.2
 )
 

go.sum

@@ -25,8 +25,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.7.1 h1:5TQK59W5E3v0r2duFAb7P95B6hEeOyEnHRa8MjYSMTY=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220825081430-0fa40edeb849 h1:DzsvWwG6QyWMUtWpMx4syg5bHypq8hhAUdxQAF04G68=
-github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220825081430-0fa40edeb849/go.mod h1:5t/pWFNJ9eMyu/K/Z+OeGhDJ9sN9eCo8fc2pyM/Qjg4=
+github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220829035735-38b446650d06 h1:3R/erLLx9N1RTGNdHxGAEDQWduxO5SgwRRjCBK0f1/A=
+github.com/tetratelabs/proxy-wasm-go-sdk v0.19.1-0.20220829035735-38b446650d06/go.mod h1:5t/pWFNJ9eMyu/K/Z+OeGhDJ9sN9eCo8fc2pyM/Qjg4=
 github.com/tetratelabs/wazero v0.0.0-20220819021810-7f8e629c653f h1:+InPNMTyR4bufxW+MzqigSOXpe9Ph++NOIz/N9wtEYs=
 github.com/tetratelabs/wazero v0.0.0-20220819021810-7f8e629c653f/go.mod h1:CD5smBN5rGZo7UNe8aUiWyYE3bDWED/CQSonog9NSEg=
 github.com/tidwall/gjson v1.14.2 h1:6BBkirS0rAHjumnjHF6qgy5d2YAJ1TLIaFE2lzfOLqo=

main_test.go

@@ -107,9 +107,16 @@ SecRuleEngine On\nSecRequestBodyAccess On\nSecRule REQUEST_BODY \"name=yogi\" \"
 			responded403: false,
 		},
 		{
-			name: "request body denied",
+			name: "request body denied, end of body",
 			rules: `
 SecRuleEngine On\nSecRequestBodyAccess On\nSecRule REQUEST_BODY \"name=pooh\" \"id:101,phase:2,t:lowercase,deny\"
+`,
+			responded403: true,
+		},
+		{
+			name: "request body denied, start of body",
+			rules: `
+SecRuleEngine On\nSecRequestBodyAccess On\nSecRule REQUEST_BODY \"animal=bear\" \"id:101,phase:2,t:lowercase,deny\"
 `,
 			responded403: true,
 		},
@@ -163,9 +170,16 @@ SecRuleEngine On\nSecResponseBodyAccess On\nSecRule RESPONSE_BODY \"@contains po
 			responded403: false,
 		},
 		{
-			name: "response body denied",
+			name: "response body denied, end of body",
 			rules: `
 SecRuleEngine On\nSecResponseBodyAccess On\nSecRule RESPONSE_BODY \"@contains yogi\" \"id:101,phase:4,t:lowercase,deny\"
+`,
+			responded403: true,
+		},
+		{
+			name: "response body denied, start of body",
+			rules: `
+SecRuleEngine On\nSecResponseBodyAccess On\nSecRule RESPONSE_BODY \"@contains hello\" \"id:101,phase:4,t:lowercase,deny\"
 `,
 			responded403: true,
 		},
@@ -195,14 +209,34 @@ SecRuleEngine On\nSecResponseBodyAccess On\nSecRule RESPONSE_BODY \"@contains yo
 				action := host.CallOnRequestHeaders(id, reqHdrs, false)
 				require.Equal(t, types.ActionContinue, action)
 
-				action = host.CallOnRequestBody(id, reqBody, true)
-				require.Equal(t, types.ActionContinue, action)
+				// Stream bodies in chunks of 5
+
+				for i := 0; i < len(reqBody); i += 5 {
+					eos := i+5 >= len(reqBody)
+					var body []byte
+					if eos {
+						body = reqBody[i:]
+					} else {
+						body = reqBody[i : i+5]
+					}
+					action = host.CallOnRequestBody(id, body, eos)
+					require.Equal(t, types.ActionContinue, action)
+				}
 
 				action = host.CallOnResponseHeaders(id, respHdrs, false)
 				require.Equal(t, types.ActionContinue, action)
 
-				action = host.CallOnResponseBody(id, respBody, true)
-				require.Equal(t, types.ActionContinue, action)
+				for i := 0; i < len(respBody); i += 5 {
+					eos := i+5 >= len(respBody)
+					var body []byte
+					if eos {
+						body = respBody[i:]
+					} else {
+						body = respBody[i : i+5]
+					}
+					action = host.CallOnResponseBody(id, body, eos)
+					require.Equal(t, types.ActionContinue, action)
+				}
 
 				// Call OnHttpStreamDone.
 				host.CompleteHttpContext(id)