Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-02-10 23:36:14 -05:00
Code Issues Activity
ghost/core/test/functional/routes/frontend_spec.js
Katharina Irrgang a68592a6b9 🔥 remove forceAdminSSL and urlSSL, add admin url (#7937) 
* 🔥  kill apiUrl helper, use urlFor helper instead

More consistency of creating urls.
Creates an easier ability to add config changes.

Attention: urlFor function is getting a little nesty, BUT that is for now wanted to make easier and centralised changes to the configs.
The url util need's refactoring anyway.

* 🔥  urlSSL

Remove all urlSSL usages.
Add TODO's for the next commit to re-add logic for deleted logic.

e.g.

- cors helper generated an array of url's to allow requests from the defined config url's -> will be replaced by the admin url if available
- theme handler prefered the urlSSL in case it was defined -> will be replaced by using the urlFor helper to get the blog url (based on the request secure flag)

The changes in this commit doesn't have to be right, but it helped going step by step.
The next commit is the more interesting one.

* 🔥    remove forceAdminSSL, add new admin url and adapt logic

I wanted to remove the forceAdminSSL as separate commit, but was hard to realise.
That's why both changes are in one commit:

1. remove forceAdminSSL
2. add admin.url option

- fix TODO's from last commits
- rewrite the ssl middleware!
- create some private helper functions in the url helper to realise the changes
- rename some wordings and functions e.g. base === blog (we have so much different wordings)
- i would like to do more, but this would end in a non readable PR
- this commit contains the most important changes to offer admin.url option

* 🤖  adapt tests

IMPORTANT
- all changes in the routing tests were needed, because each routing test did not start the ghost server
- they just required the ghost application, which resulted in a random server port
- having a random server port results in a redirect, caused by the ssl/redirect middleware

* 😎  rename check-ssl middleware

* 🎨  fix theme-handler because of master rebase
2017-02-03 18:13:22 +00:00

780 lines
31 KiB
JavaScript
Raw Blame History

// # Frontend Route tests
// As it stands, these tests depend on the database, and as such are integration tests.
// Mocking out the models to not touch the DB would turn these into unit tests, and should probably be done in future,
// But then again testing real code, rather than mock code, might be more useful...
var request = require('supertest'),
should = require('should'),
moment = require('moment'),
sinon = require('sinon'),
cheerio = require('cheerio'),
testUtils = require('../../utils'),
config = require('../../../server/config'),
settingsCache = require('../../../server/api/settings').cache,
sandbox = sinon.sandbox.create(),
ghost = testUtils.startGhost;
describe('Frontend Routing', function () {
var ghostServer;
function doEnd(done) {
return function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
should.not.exist(res.headers['X-CSRF-Token']);
should.not.exist(res.headers['set-cookie']);
should.exist(res.headers.date);
done();
};
}
function addPosts(done) {
testUtils.initData().then(function () {
return testUtils.fixtures.insertPostsAndTags();
}).then(function () {
done();
});
}
afterEach(function () {
sandbox.restore();
});
describe('NO FORK', function () {
before(function (done) {
ghost().then(function (_ghostServer) {
ghostServer = _ghostServer;
return ghostServer.start();
}).then(function () {
request = request(config.get('url'));
done();
}).catch(function (e) {
console.log('Ghost Error: ', e);
console.log(e.stack);
done(e);
});
});
after(function () {
return ghostServer.stop();
});
describe('Date permalinks', function () {
before(function (done) {
// Only way to swap permalinks setting is to login and visit the URL because
// poking the database doesn't work as settings are cached
testUtils.togglePermalinks(request, 'date')
.then(function () {
done();
})
.catch(done);
});
after(function (done) {
testUtils.togglePermalinks(request)
.then(function () {
done();
})
.catch(done);
});
it('should load a post with date permalink', function (done) {
var date = moment().format('YYYY/MM/DD');
request.get('/' + date + '/welcome-to-ghost/')
.expect(200)
.expect('Content-Type', /html/)
.end(doEnd(done));
});
it('expect redirect because of wrong/old permalink prefix', function (done) {
var date = moment().format('YYYY/MM/DD');
request.get('/2016/04/01/welcome-to-ghost/')
.expect('Content-Type', /html/)
.end(function (err, res) {
res.status.should.eql(301);
request.get('/' + date + '/welcome-to-ghost/')
.expect(200)
.expect('Content-Type', /html/)
.end(doEnd(done));
});
});
it('should serve RSS with date permalink', function (done) {
request.get('/rss/')
.expect('Content-Type', 'text/xml; charset=utf-8')
.expect('Cache-Control', testUtils.cacheRules.public)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
should.not.exist(res.headers['x-cache-invalidate']);
should.not.exist(res.headers['X-CSRF-Token']);
should.not.exist(res.headers['set-cookie']);
should.exist(res.headers.date);
var content = res.text,
todayMoment = moment(),
dd = todayMoment.format('DD'),
mm = todayMoment.format('MM'),
yyyy = todayMoment.format('YYYY'),
postLink = '/' + yyyy + '/' + mm + '/' + dd + '/welcome-to-ghost/';
content.indexOf(postLink).should.be.above(0);
done();
});
});
});
describe('Test with Initial Fixtures', function () {
after(testUtils.teardown);
describe('Error', function () {
it('should 404 for unknown post', function (done) {
request.get('/spectacular/')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
it('should 404 for unknown post with invalid characters', function (done) {
request.get('/$pec+acular~/')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
it('should 404 for unknown frontend route', function (done) {
request.get('/spectacular/marvellous/')
.set('Accept', 'application/json')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
it('should 404 for encoded char not 301 from uncapitalise', function (done) {
request.get('/|/')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
it('should 404 for unknown file', function (done) {
request.get('/content/images/some/file/that/doesnt-exist.jpg')
.expect('Cache-Control', testUtils.cacheRules['private'])
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
});
describe('Single post', function () {
it('should redirect without slash', function (done) {
request.get('/welcome-to-ghost')
.expect('Location', '/welcome-to-ghost/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEnd(done));
});
it('should redirect uppercase', function (done) {
request.get('/Welcome-To-Ghost/')
.expect('Location', '/welcome-to-ghost/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEnd(done));
});
it('should sanitize double slashes when redirecting uppercase', function (done) {
request.get('///Google.com/')
.expect('Location', '/google.com/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEnd(done));
});
it('should respond with html for valid url', function (done) {
request.get('/welcome-to-ghost/')
.expect('Content-Type', /html/)
.expect('Cache-Control', testUtils.cacheRules.public)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
var $ = cheerio.load(res.text);
should.not.exist(res.headers['x-cache-invalidate']);
should.not.exist(res.headers['X-CSRF-Token']);
should.not.exist(res.headers['set-cookie']);
should.exist(res.headers.date);
$('title').text().should.equal('Welcome to Ghost');
$('.content .post').length.should.equal(1);
$('.poweredby').text().should.equal('Proudly published with Ghost');
$('body.post-template').length.should.equal(1);
$('body.tag-getting-started').length.should.equal(1);
$('article.post').length.should.equal(1);
$('article.tag-getting-started').length.should.equal(1);
done();
});
});
it('should not work with date permalinks', function (done) {
// get today's date
var date = moment().format('YYYY/MM/DD');
request.get('/' + date + '/welcome-to-ghost/')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
});
describe('Post edit', function () {
it('should redirect without slash', function (done) {
request.get('/welcome-to-ghost/edit')
.expect('Location', '/welcome-to-ghost/edit/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEnd(done));
});
it('should redirect to editor', function (done) {
request.get('/welcome-to-ghost/edit/')
.expect('Location', /ghost\/editor\/\w+/)
.expect('Cache-Control', testUtils.cacheRules.public)
.expect(302)
.end(doEnd(done));
});
it('should 404 for non-edit parameter', function (done) {
request.get('/welcome-to-ghost/notedit/')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
});
describe('AMP post', function () {
it('should redirect without slash', function (done) {
request.get('/welcome-to-ghost/amp')
.expect('Location', '/welcome-to-ghost/amp/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEnd(done));
});
it('should redirect uppercase', function (done) {
request.get('/Welcome-To-Ghost/AMP/')
.expect('Location', '/welcome-to-ghost/amp/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEnd(done));
});
it('should respond with html for valid url', function (done) {
request.get('/welcome-to-ghost/amp/')
.expect('Content-Type', /html/)
.expect('Cache-Control', testUtils.cacheRules.public)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
var $ = cheerio.load(res.text);
should.not.exist(res.headers['x-cache-invalidate']);
should.not.exist(res.headers['X-CSRF-Token']);
should.not.exist(res.headers['set-cookie']);
should.exist(res.headers.date);
$('title').text().should.equal('Welcome to Ghost');
$('.content .post').length.should.equal(1);
$('.poweredby').text().should.equal('Proudly published with Ghost');
$('body.amp-template').length.should.equal(1);
$('article.post').length.should.equal(1);
done();
});
});
it('should not work with date permalinks', function (done) {
// get today's date
var date = moment().format('YYYY/MM/DD');
request.get('/' + date + '/welcome-to-ghost/amp/')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
it('should not render AMP, when AMP is disabled', function (done) {
var originalFn = settingsCache.get;
sandbox.stub(settingsCache, 'get', function (key) {
if (key !== 'amp') {
return originalFn(key);
}
return false;
});
request.get('/welcome-to-ghost/amp/')
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
});
describe('Static assets', function () {
it('should retrieve theme assets', function (done) {
request.get('/assets/css/screen.css')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(200)
.end(doEnd(done));
});
it('should retrieve default robots.txt', function (done) {
request.get('/robots.txt')
.expect('Cache-Control', testUtils.cacheRules.hour)
.expect('ETag', /[0-9a-f]{32}/i)
.expect(200)
.end(doEnd(done));
});
it('should retrieve default favicon.ico', function (done) {
request.get('/favicon.ico')
.expect('Cache-Control', testUtils.cacheRules.day)
.expect('ETag', /[0-9a-f]{32}/i)
.expect(200)
.end(doEnd(done));
});
// at the moment there is no image fixture to test
// it('should retrieve image assets', function (done) {
// request.get('/content/images/some.jpg')
// .expect('Cache-Control', testUtils.cacheRules.year)
// .end(doEnd(done));
// });
});
});
describe('Static page', function () {
before(addPosts);
after(testUtils.teardown);
it('should redirect without slash', function (done) {
request.get('/static-page-test')
.expect('Location', '/static-page-test/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEnd(done));
});
it('should respond with xml', function (done) {
request.get('/static-page-test/')
.expect('Content-Type', /html/)
.expect('Cache-Control', testUtils.cacheRules.public)
.expect(200)
.end(doEnd(done));
});
describe('edit', function () {
it('should redirect without slash', function (done) {
request.get('/static-page-test/edit')
.expect('Location', '/static-page-test/edit/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEnd(done));
});
it('should redirect to editor', function (done) {
request.get('/static-page-test/edit/')
.expect('Location', /ghost\/editor\/\w+/)
.expect('Cache-Control', testUtils.cacheRules.public)
.expect(302)
.end(doEnd(done));
});
it('should 404 for non-edit parameter', function (done) {
request.get('/static-page-test/notedit/')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
});
describe('amp', function () {
it('should 404 for amp parameter', function (done) {
request.get('/static-page-test/amp/')
.expect('Cache-Control', testUtils.cacheRules.private)
.expect(404)
.expect(/Page not found/)
.end(doEnd(done));
});
});
});
describe('Post preview', function () {
before(addPosts);
after(testUtils.teardown);
it('should display draft posts accessed via uuid', function (done) {
request.get('/p/d52c42ae-2755-455c-80ec-70b2ec55c903/')
.expect('Content-Type', /html/)
.expect(200)
.end(function (err, res) {
if (err) {
return done(err);
}
var $ = cheerio.load(res.text);
should.not.exist(res.headers['x-cache-invalidate']);
should.not.exist(res.headers['X-CSRF-Token']);
should.not.exist(res.headers['set-cookie']);
should.exist(res.headers.date);
$('title').text().should.equal('Not finished yet');
$('.content .post').length.should.equal(1);
$('.poweredby').text().should.equal('Proudly published with Ghost');
$('body.post-template').length.should.equal(1);
$('article.post').length.should.equal(1);
done();
});
});
it('should redirect published posts to their live url', function (done) {
request.get('/p/2ac6b4f6-e1f3-406c-9247-c94a0496d39d/')
.expect(301)
.expect('Location', '/short-and-sweet/')
.expect('Cache-Control', testUtils.cacheRules.public)
.end(doEnd(done));
});
it('404s unknown uuids', function (done) {
request.get('/p/aac6b4f6-e1f3-406c-9247-c94a0496d39f/')
.expect(404)
.end(doEnd(done));
});
});
describe('Post with Ghost in the url', function () {
before(addPosts);
after(testUtils.teardown);
// All of Ghost's admin depends on the /ghost/ in the url to work properly
// Badly formed regexs can cause breakage if a post slug starts with the 5 letters ghost
it('should retrieve a blog post with ghost at the start of the url', function (done) {
request.get('/ghostly-kitchen-sink/')
.expect('Cache-Control', testUtils.cacheRules.public)
.expect(200)
.end(doEnd(done));
});
});
describe('Site Map', function () {
before(testUtils.teardown);
before(function (done) {
testUtils.initData().then(function () {
return testUtils.fixtures.insertPostsAndTags();
}).then(function () {
done();
}).catch(done);
});
it('should serve sitemap.xml', function (done) {
request.get('/sitemap.xml')
.expect(200)
.expect('Cache-Control', testUtils.cacheRules.hour)
.expect('Content-Type', 'text/xml; charset=utf-8')
.end(function (err, res) {
res.text.should.match(/sitemapindex/);
doEnd(done)(err, res);
});
});
it('should serve sitemap-posts.xml', function (done) {
request.get('/sitemap-posts.xml')
.expect(200)
.expect('Cache-Control', testUtils.cacheRules.hour)
.expect('Content-Type', 'text/xml; charset=utf-8')
.end(function (err, res) {
res.text.should.match(/urlset/);
doEnd(done)(err, res);
});
});
it('should serve sitemap-pages.xml', function (done) {
request.get('/sitemap-posts.xml')
.expect(200)
.expect('Cache-Control', testUtils.cacheRules.hour)
.expect('Content-Type', 'text/xml; charset=utf-8')
.end(function (err, res) {
res.text.should.match(/urlset/);
doEnd(done)(err, res);
});
});
// TODO: Other pages and verify content
});
});
describe('FORK', function () {
describe('Subdirectory (no slash)', function () {
var forkedGhost, request;
before(function (done) {
testUtils.fork.ghost({
url: 'http://localhost/blog'
}, 'testsubdir')
.then(function (child) {
forkedGhost = child;
request = require('supertest');
request = request('http://localhost:' + child.port);
}).then(done).catch(done);
});
after(function (done) {
if (forkedGhost) {
forkedGhost.kill(done);
} else {
done(new Error('No forked ghost process exists, test setup must have failed.'));
}
});
it('http://localhost should 404', function (done) {
request.get('/')
.expect(404)
.end(doEnd(done));
});
it('http://localhost/ should 404', function (done) {
request.get('/')
.expect(404)
.end(doEnd(done));
});
it('http://localhost/blog should 301 to http://localhost/blog/', function (done) {
request.get('/blog')
.expect(301)
.expect('Location', '/blog/')
.end(doEnd(done));
});
it('http://localhost/blog/ should 200', function (done) {
request.get('/blog/')
.expect(200)
.end(doEnd(done));
});
it('http://localhost/blog/welcome-to-ghost should 301 to http://localhost/blog/welcome-to-ghost/', function (done) {
request.get('/blog/welcome-to-ghost')
.expect(301)
.expect('Location', '/blog/welcome-to-ghost/')
.expect('Cache-Control', testUtils.cacheRules.year)
.end(doEnd(done));
});
it('http://localhost/blog/welcome-to-ghost/ should 200', function (done) {
request.get('/blog/welcome-to-ghost/')
.expect(200)
.end(doEnd(done));
});
it('/blog/tag/getting-started should 301 to /blog/tag/getting-started/', function (done) {
request.get('/blog/tag/getting-started')
.expect(301)
.expect('Location', '/blog/tag/getting-started/')
.expect('Cache-Control', testUtils.cacheRules.year)
.end(doEnd(done));
});
it('/blog/tag/getting-started/ should 200', function (done) {
request.get('/blog/tag/getting-started/')
.expect(200)
.end(doEnd(done));
});
it('/blog/welcome-to-ghost/amp/ should 200', function (done) {
var originalFn = settingsCache.get;
sandbox.stub(settingsCache, 'get', function (key) {
if (key !== 'amp') {
return originalFn(key);
}
return true;
});
request.get('/blog/welcome-to-ghost/amp/')
.expect(200)
.end(doEnd(done));
});
});
describe('Subdirectory (with slash)', function () {
var forkedGhost, request;
before(function (done) {
testUtils.fork.ghost({
url: 'http://localhost/blog/'
}, 'testsubdir')
.then(function (child) {
forkedGhost = child;
request = require('supertest');
request = request('http://localhost:' + child.port);
}).then(done).catch(done);
});
after(function (done) {
if (forkedGhost) {
forkedGhost.kill(done);
} else {
done(new Error('No forked ghost process exists, test setup must have failed.'));
}
});
it('http://localhost should 404', function (done) {
request.get('/')
.expect(404)
.end(doEnd(done));
});
it('http://localhost/ should 404', function (done) {
request.get('/')
.expect(404)
.end(doEnd(done));
});
it('/blog should 301 to /blog/', function (done) {
request.get('/blog')
.expect(301)
.expect('Location', '/blog/')
.end(doEnd(done));
});
it('/blog/ should 200', function (done) {
request.get('/blog/')
.expect(200)
.end(doEnd(done));
});
it('/blog/welcome-to-ghost should 301 to /blog/welcome-to-ghost/', function (done) {
request.get('/blog/welcome-to-ghost')
.expect(301)
.expect('Location', '/blog/welcome-to-ghost/')
.expect('Cache-Control', testUtils.cacheRules.year)
.end(doEnd(done));
});
it('/blog/welcome-to-ghost/ should 200', function (done) {
request.get('/blog/welcome-to-ghost/')
.expect(200)
.end(doEnd(done));
});
it('/blog/tag/getting-started should 301 to /blog/tag/getting-started/', function (done) {
request.get('/blog/tag/getting-started')
.expect(301)
.expect('Location', '/blog/tag/getting-started/')
.expect('Cache-Control', testUtils.cacheRules.year)
.end(doEnd(done));
});
it('/blog/tag/getting-started/ should 200', function (done) {
request.get('/blog/tag/getting-started/')
.expect(200)
.end(doEnd(done));
});
it('/blog/welcome-to-ghost/amp/ should 200', function (done) {
var originalFn = settingsCache.get;
sandbox.stub(settingsCache, 'get', function (key) {
if (key !== 'amp') {
return originalFn(key);
}
return true;
});
request.get('/blog/welcome-to-ghost/amp/')
.expect(200)
.end(doEnd(done));
});
it('should uncapitalise correctly with 301 to subdir', function (done) {
request.get('/blog/AAA/')
.expect('Location', '/blog/aaa/')
.expect('Cache-Control', testUtils.cacheRules.year)
.expect(301)
.end(doEnd(done));
});
});
// we'll use X-Forwarded-Proto: https to simulate an 'https://' request behind a proxy
describe('HTTPS', function () {
var forkedGhost, request;
before(function (done) {
testUtils.fork.ghost({
url: 'http://localhost:2370/',
server: {
port: 2370
}
}, 'testhttps')
.then(function (child) {
forkedGhost = child;
request = require('supertest');
request = request('http://localhost:2370');
}).then(done).catch(done);
});
after(function (done) {
if (forkedGhost) {
forkedGhost.kill(done);
} else {
done(new Error('No forked ghost process exists, test setup must have failed.'));
}
});
it('should set links to url over non-HTTPS', function (done) {
request.get('/')
.expect(200)
.expect(/<link rel="canonical" href="http:\/\/localhost:2370\/" \/\>/)
.expect(/<a href="http:\/\/localhost:2370\/">Ghost<\/a\>/)
.end(doEnd(done));
});
it('should set links over HTTPS besides canonical', function (done) {
request.get('/')
.set('X-Forwarded-Proto', 'https')
.expect(200)
.expect(/<link rel="canonical" href="http:\/\/localhost:2370\/" \/\>/)
.expect(/<a href="https:\/\/localhost:2370\/">Ghost<\/a\>/)
.end(doEnd(done));
});
});
});
});
Reference in a new issue View git blame Copy permalink