diff options
| author | rinpatch <rinpatch@sdf.org> | 2020-11-12 12:34:48 +0000 |
|---|---|---|
| committer | rinpatch <rinpatch@sdf.org> | 2020-11-12 12:34:48 +0000 |
| commit | 1172844ed18d94d84724dc6f11c6e9f72e0ba6ec (patch) | |
| tree | 7d48a259e08856ab6db0eba255f20c0c19410463 /test/web/media_proxy | |
| parent | a0f5e8b27edbe2224d9c2c3997ad5b8ea484244b (diff) | |
| parent | b4c6b262d6dc12362f0014a864e8aed6c727c39c (diff) | |
| download | pleroma-2.2.0.tar.gz | |
Merge branch 'release/2.2.0' into 'stable'v2.2.0
Release/2.2.0
See merge request pleroma/secteam/pleroma!19
Diffstat (limited to 'test/web/media_proxy')
| -rw-r--r-- | test/web/media_proxy/invalidation_test.exs | 64 | ||||
| -rw-r--r-- | test/web/media_proxy/invalidations/http_test.exs | 39 | ||||
| -rw-r--r-- | test/web/media_proxy/invalidations/script_test.exs | 26 | ||||
| -rw-r--r-- | test/web/media_proxy/media_proxy_controller_test.exs | 121 | ||||
| -rw-r--r-- | test/web/media_proxy/media_proxy_test.exs | 175 |
5 files changed, 0 insertions, 425 deletions
diff --git a/test/web/media_proxy/invalidation_test.exs b/test/web/media_proxy/invalidation_test.exs deleted file mode 100644 index 926ae74ca..000000000 --- a/test/web/media_proxy/invalidation_test.exs +++ /dev/null @@ -1,64 +0,0 @@ -defmodule Pleroma.Web.MediaProxy.InvalidationTest do - use ExUnit.Case - use Pleroma.Tests.Helpers - - alias Pleroma.Config - alias Pleroma.Web.MediaProxy.Invalidation - - import ExUnit.CaptureLog - import Mock - import Tesla.Mock - - setup do: clear_config([:media_proxy]) - - setup do - on_exit(fn -> Cachex.clear(:banned_urls_cache) end) - end - - describe "Invalidation.Http" do - test "perform request to clear cache" do - Config.put([:media_proxy, :enabled], false) - Config.put([:media_proxy, :invalidation, :enabled], true) - Config.put([:media_proxy, :invalidation, :provider], Invalidation.Http) - - Config.put([Invalidation.Http], method: :purge, headers: [{"x-refresh", 1}]) - image_url = "http://example.com/media/example.jpg" - Pleroma.Web.MediaProxy.put_in_banned_urls(image_url) - - mock(fn - %{ - method: :purge, - url: "http://example.com/media/example.jpg", - headers: [{"x-refresh", 1}] - } -> - %Tesla.Env{status: 200} - end) - - assert capture_log(fn -> - assert Pleroma.Web.MediaProxy.in_banned_urls(image_url) - assert Invalidation.purge([image_url]) == {:ok, [image_url]} - assert Pleroma.Web.MediaProxy.in_banned_urls(image_url) - end) =~ "Running cache purge: [\"#{image_url}\"]" - end - end - - describe "Invalidation.Script" do - test "run script to clear cache" do - Config.put([:media_proxy, :enabled], false) - Config.put([:media_proxy, :invalidation, :enabled], true) - Config.put([:media_proxy, :invalidation, :provider], Invalidation.Script) - Config.put([Invalidation.Script], script_path: "purge-nginx") - - image_url = "http://example.com/media/example.jpg" - Pleroma.Web.MediaProxy.put_in_banned_urls(image_url) - - with_mocks [{System, [], [cmd: fn _, _ -> {"ok", 0} end]}] do - assert capture_log(fn -> - assert Pleroma.Web.MediaProxy.in_banned_urls(image_url) - assert Invalidation.purge([image_url]) == {:ok, [image_url]} - assert Pleroma.Web.MediaProxy.in_banned_urls(image_url) - end) =~ "Running cache purge: [\"#{image_url}\"]" - end - end - end -end diff --git a/test/web/media_proxy/invalidations/http_test.exs b/test/web/media_proxy/invalidations/http_test.exs deleted file mode 100644 index a1bef5237..000000000 --- a/test/web/media_proxy/invalidations/http_test.exs +++ /dev/null @@ -1,39 +0,0 @@ -defmodule Pleroma.Web.MediaProxy.Invalidation.HttpTest do - use ExUnit.Case - alias Pleroma.Web.MediaProxy.Invalidation - - import ExUnit.CaptureLog - import Tesla.Mock - - setup do - on_exit(fn -> Cachex.clear(:banned_urls_cache) end) - end - - test "logs hasn't error message when request is valid" do - mock(fn - %{method: :purge, url: "http://example.com/media/example.jpg"} -> - %Tesla.Env{status: 200} - end) - - refute capture_log(fn -> - assert Invalidation.Http.purge( - ["http://example.com/media/example.jpg"], - [] - ) == {:ok, ["http://example.com/media/example.jpg"]} - end) =~ "Error while cache purge" - end - - test "it write error message in logs when request invalid" do - mock(fn - %{method: :purge, url: "http://example.com/media/example1.jpg"} -> - %Tesla.Env{status: 404} - end) - - assert capture_log(fn -> - assert Invalidation.Http.purge( - ["http://example.com/media/example1.jpg"], - [] - ) == {:ok, ["http://example.com/media/example1.jpg"]} - end) =~ "Error while cache purge: url - http://example.com/media/example1.jpg" - end -end diff --git a/test/web/media_proxy/invalidations/script_test.exs b/test/web/media_proxy/invalidations/script_test.exs deleted file mode 100644 index 51833ab18..000000000 --- a/test/web/media_proxy/invalidations/script_test.exs +++ /dev/null @@ -1,26 +0,0 @@ -defmodule Pleroma.Web.MediaProxy.Invalidation.ScriptTest do - use ExUnit.Case - alias Pleroma.Web.MediaProxy.Invalidation - - import ExUnit.CaptureLog - - setup do - on_exit(fn -> Cachex.clear(:banned_urls_cache) end) - end - - test "it logger error when script not found" do - assert capture_log(fn -> - assert Invalidation.Script.purge( - ["http://example.com/media/example.jpg"], - script_path: "./example" - ) == {:error, "%ErlangError{original: :enoent}"} - end) =~ "Error while cache purge: %ErlangError{original: :enoent}" - - capture_log(fn -> - assert Invalidation.Script.purge( - ["http://example.com/media/example.jpg"], - [] - ) == {:error, "\"not found script path\""} - end) - end -end diff --git a/test/web/media_proxy/media_proxy_controller_test.exs b/test/web/media_proxy/media_proxy_controller_test.exs deleted file mode 100644 index d4db44c63..000000000 --- a/test/web/media_proxy/media_proxy_controller_test.exs +++ /dev/null @@ -1,121 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do - use Pleroma.Web.ConnCase - - import Mock - - alias Pleroma.Web.MediaProxy - alias Pleroma.Web.MediaProxy.MediaProxyController - alias Plug.Conn - - setup do - on_exit(fn -> Cachex.clear(:banned_urls_cache) end) - end - - test "it returns 404 when MediaProxy disabled", %{conn: conn} do - clear_config([:media_proxy, :enabled], false) - - assert %Conn{ - status: 404, - resp_body: "Not Found" - } = get(conn, "/proxy/hhgfh/eeeee") - - assert %Conn{ - status: 404, - resp_body: "Not Found" - } = get(conn, "/proxy/hhgfh/eeee/fff") - end - - describe "" do - setup do - clear_config([:media_proxy, :enabled], true) - clear_config([Pleroma.Web.Endpoint, :secret_key_base], "00000000000") - [url: MediaProxy.encode_url("https://google.fn/test.png")] - end - - test "it returns 403 for invalid signature", %{conn: conn, url: url} do - Pleroma.Config.put([Pleroma.Web.Endpoint, :secret_key_base], "000") - %{path: path} = URI.parse(url) - - assert %Conn{ - status: 403, - resp_body: "Forbidden" - } = get(conn, path) - - assert %Conn{ - status: 403, - resp_body: "Forbidden" - } = get(conn, "/proxy/hhgfh/eeee") - - assert %Conn{ - status: 403, - resp_body: "Forbidden" - } = get(conn, "/proxy/hhgfh/eeee/fff") - end - - test "redirects on valid url when filename is invalidated", %{conn: conn, url: url} do - invalid_url = String.replace(url, "test.png", "test-file.png") - response = get(conn, invalid_url) - assert response.status == 302 - assert redirected_to(response) == url - end - - test "it performs ReverseProxy.call with valid signature", %{conn: conn, url: url} do - with_mock Pleroma.ReverseProxy, - call: fn _conn, _url, _opts -> %Conn{status: :success} end do - assert %Conn{status: :success} = get(conn, url) - end - end - - test "it returns 404 when url is in banned_urls cache", %{conn: conn, url: url} do - MediaProxy.put_in_banned_urls("https://google.fn/test.png") - - with_mock Pleroma.ReverseProxy, - call: fn _conn, _url, _opts -> %Conn{status: :success} end do - assert %Conn{status: 404, resp_body: "Not Found"} = get(conn, url) - end - end - end - - describe "filename_matches/3" do - test "preserves the encoded or decoded path" do - assert MediaProxyController.filename_matches( - %{"filename" => "/Hello world.jpg"}, - "/Hello world.jpg", - "http://pleroma.social/Hello world.jpg" - ) == :ok - - assert MediaProxyController.filename_matches( - %{"filename" => "/Hello%20world.jpg"}, - "/Hello%20world.jpg", - "http://pleroma.social/Hello%20world.jpg" - ) == :ok - - assert MediaProxyController.filename_matches( - %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}, - "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg", - "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg" - ) == :ok - - assert MediaProxyController.filename_matches( - %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jp"}, - "/my%2Flong%2Furl%2F2019%2F07%2FS.jp", - "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg" - ) == {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"} - end - - test "encoded url are tried to match for proxy as `conn.request_path` encodes the url" do - # conn.request_path will return encoded url - request_path = "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg" - - assert MediaProxyController.filename_matches( - true, - request_path, - "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg" - ) == :ok - end - end -end diff --git a/test/web/media_proxy/media_proxy_test.exs b/test/web/media_proxy/media_proxy_test.exs deleted file mode 100644 index 72885cfdd..000000000 --- a/test/web/media_proxy/media_proxy_test.exs +++ /dev/null @@ -1,175 +0,0 @@ -# Pleroma: A lightweight social networking server -# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/> -# SPDX-License-Identifier: AGPL-3.0-only - -defmodule Pleroma.Web.MediaProxyTest do - use ExUnit.Case - use Pleroma.Tests.Helpers - - alias Pleroma.Web.Endpoint - alias Pleroma.Web.MediaProxy - - describe "when enabled" do - setup do: clear_config([:media_proxy, :enabled], true) - - test "ignores invalid url" do - assert MediaProxy.url(nil) == nil - assert MediaProxy.url("") == nil - end - - test "ignores relative url" do - assert MediaProxy.url("/local") == "/local" - assert MediaProxy.url("/") == "/" - end - - test "ignores local url" do - local_url = Endpoint.url() <> "/hello" - local_root = Endpoint.url() - assert MediaProxy.url(local_url) == local_url - assert MediaProxy.url(local_root) == local_root - end - - test "encodes and decodes URL" do - url = "https://pleroma.soykaf.com/static/logo.png" - encoded = MediaProxy.url(url) - - assert String.starts_with?( - encoded, - Pleroma.Config.get([:media_proxy, :base_url], Pleroma.Web.base_url()) - ) - - assert String.ends_with?(encoded, "/logo.png") - - assert decode_result(encoded) == url - end - - test "encodes and decodes URL without a path" do - url = "https://pleroma.soykaf.com" - encoded = MediaProxy.url(url) - assert decode_result(encoded) == url - end - - test "encodes and decodes URL without an extension" do - url = "https://pleroma.soykaf.com/path/" - encoded = MediaProxy.url(url) - assert String.ends_with?(encoded, "/path") - assert decode_result(encoded) == url - end - - test "encodes and decodes URL and ignores query params for the path" do - url = "https://pleroma.soykaf.com/static/logo.png?93939393939&bunny=true" - encoded = MediaProxy.url(url) - assert String.ends_with?(encoded, "/logo.png") - assert decode_result(encoded) == url - end - - test "validates signature" do - encoded = MediaProxy.url("https://pleroma.social") - - clear_config( - [Endpoint, :secret_key_base], - "00000000000000000000000000000000000000000000000" - ) - - [_, "proxy", sig, base64 | _] = URI.parse(encoded).path |> String.split("/") - assert MediaProxy.decode_url(sig, base64) == {:error, :invalid_signature} - end - - test "uses the configured base_url" do - base_url = "https://cache.pleroma.social" - clear_config([:media_proxy, :base_url], base_url) - - url = "https://pleroma.soykaf.com/static/logo.png" - encoded = MediaProxy.url(url) - - assert String.starts_with?(encoded, base_url) - end - - # Some sites expect ASCII encoded characters in the URL to be preserved even if - # unnecessary. - # Issues: https://git.pleroma.social/pleroma/pleroma/issues/580 - # https://git.pleroma.social/pleroma/pleroma/issues/1055 - test "preserve ASCII encoding" do - url = - "https://pleroma.com/%20/%21/%22/%23/%24/%25/%26/%27/%28/%29/%2A/%2B/%2C/%2D/%2E/%2F/%30/%31/%32/%33/%34/%35/%36/%37/%38/%39/%3A/%3B/%3C/%3D/%3E/%3F/%40/%41/%42/%43/%44/%45/%46/%47/%48/%49/%4A/%4B/%4C/%4D/%4E/%4F/%50/%51/%52/%53/%54/%55/%56/%57/%58/%59/%5A/%5B/%5C/%5D/%5E/%5F/%60/%61/%62/%63/%64/%65/%66/%67/%68/%69/%6A/%6B/%6C/%6D/%6E/%6F/%70/%71/%72/%73/%74/%75/%76/%77/%78/%79/%7A/%7B/%7C/%7D/%7E/%7F/%80/%81/%82/%83/%84/%85/%86/%87/%88/%89/%8A/%8B/%8C/%8D/%8E/%8F/%90/%91/%92/%93/%94/%95/%96/%97/%98/%99/%9A/%9B/%9C/%9D/%9E/%9F/%C2%A0/%A1/%A2/%A3/%A4/%A5/%A6/%A7/%A8/%A9/%AA/%AB/%AC/%C2%AD/%AE/%AF/%B0/%B1/%B2/%B3/%B4/%B5/%B6/%B7/%B8/%B9/%BA/%BB/%BC/%BD/%BE/%BF/%C0/%C1/%C2/%C3/%C4/%C5/%C6/%C7/%C8/%C9/%CA/%CB/%CC/%CD/%CE/%CF/%D0/%D1/%D2/%D3/%D4/%D5/%D6/%D7/%D8/%D9/%DA/%DB/%DC/%DD/%DE/%DF/%E0/%E1/%E2/%E3/%E4/%E5/%E6/%E7/%E8/%E9/%EA/%EB/%EC/%ED/%EE/%EF/%F0/%F1/%F2/%F3/%F4/%F5/%F6/%F7/%F8/%F9/%FA/%FB/%FC/%FD/%FE/%FF" - - encoded = MediaProxy.url(url) - assert decode_result(encoded) == url - end - - # This includes unsafe/reserved characters which are not interpreted as part of the URL - # and would otherwise have to be ASCII encoded. It is our role to ensure the proxied URL - # is unmodified, so we are testing these characters anyway. - test "preserve non-unicode characters per RFC3986" do - url = - "https://pleroma.com/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890-._~:/?#[]@!$&'()*+,;=|^`{}" - - encoded = MediaProxy.url(url) - assert decode_result(encoded) == url - end - - test "preserve unicode characters" do - url = "https://ko.wikipedia.org/wiki/위키백과:대문" - - encoded = MediaProxy.url(url) - assert decode_result(encoded) == url - end - end - - describe "when disabled" do - setup do: clear_config([:media_proxy, :enabled], false) - - test "does not encode remote urls" do - assert MediaProxy.url("https://google.fr") == "https://google.fr" - end - end - - defp decode_result(encoded) do - [_, "proxy", sig, base64 | _] = URI.parse(encoded).path |> String.split("/") - {:ok, decoded} = MediaProxy.decode_url(sig, base64) - decoded - end - - describe "whitelist" do - setup do: clear_config([:media_proxy, :enabled], true) - - test "mediaproxy whitelist" do - clear_config([:media_proxy, :whitelist], ["https://google.com", "https://feld.me"]) - url = "https://feld.me/foo.png" - - unencoded = MediaProxy.url(url) - assert unencoded == url - end - - # TODO: delete after removing support bare domains for media proxy whitelist - test "mediaproxy whitelist bare domains whitelist (deprecated)" do - clear_config([:media_proxy, :whitelist], ["google.com", "feld.me"]) - url = "https://feld.me/foo.png" - - unencoded = MediaProxy.url(url) - assert unencoded == url - end - - test "does not change whitelisted urls" do - clear_config([:media_proxy, :whitelist], ["mycdn.akamai.com"]) - clear_config([:media_proxy, :base_url], "https://cache.pleroma.social") - - media_url = "https://mycdn.akamai.com" - - url = "#{media_url}/static/logo.png" - encoded = MediaProxy.url(url) - - assert String.starts_with?(encoded, media_url) - end - - test "ensure Pleroma.Upload base_url is always whitelisted" do - media_url = "https://media.pleroma.social" - clear_config([Pleroma.Upload, :base_url], media_url) - - url = "#{media_url}/static/logo.png" - encoded = MediaProxy.url(url) - - assert String.starts_with?(encoded, media_url) - end - end -end |