Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-30 22:34:10 -05:00
Code Issues Activity

test: add unit test for the HTTP protocol check

Browse source
This commit is contained in:
Liming Jin 2019-04-27 00:35:39 +08:00
parent 4af7b88919
commit 8e5203be9e
No known key found for this signature in database
GPG key ID: E5DC6B415BEAB6A9
3 changed files with 50 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
src/api/web/index.js
View file

@ -8,7 +8,7 @@ import fs from 'fs';
import path from 'path'; import path from 'path';
import express from 'express'; import express from 'express';
import { combineBaseUrl, getWebProtocol } from '../../lib/utils'; import { combineBaseUrl, getWebProtocol, isHTTPProtocol } from '../../lib/utils';
import Search from '../../lib/search'; import Search from '../../lib/search';
import { HEADERS, HTTP_STATUS, WEB_TITLE } from '../../lib/constants'; import { HEADERS, HTTP_STATUS, WEB_TITLE } from '../../lib/constants';
import loadPlugin from '../../lib/plugin-loader'; import loadPlugin from '../../lib/plugin-loader';
@ -32,6 +32,17 @@ export function loadTheme(config) {
} }
} }
const sendFileCallback = next => err => {
if (!err) {
return;
}
if (err.status === HTTP_STATUS.NOT_FOUND) {
next();
} else {
next(err);
}
};
module.exports = function(config, auth, storage) { module.exports = function(config, auth, storage) {
Search.configureStorage(storage); Search.configureStorage(storage);
/* eslint new-cap:off */ /* eslint new-cap:off */
@ -45,38 +56,22 @@ module.exports = function(config, auth, storage) {
// Logo // Logo
let logoURI = _.get(config, 'web.logo') ? config.web.logo : ''; let logoURI = _.get(config, 'web.logo') ? config.web.logo : '';
if (logoURI && !/^(https?:)?\/\//.test(logoURI)) { if (logoURI && !isHTTPProtocol(logoURI)) {
// URI that not starts with "http://", "https://" or "//" // URI related to a local file
logoURI = path.join('/-/static/', path.basename(logoURI));
// Note: `path.join` will break on Windows, because it transforms `/` to `\`
// Use POSIX version `path.posix.join` instead.
logoURI = path.posix.join('/-/static/', path.basename(logoURI));
router.get(logoURI, function(req, res, next) { router.get(logoURI, function(req, res, next) {
res.sendFile(path.resolve(config.web.logo), function(err) { res.sendFile(path.resolve(config.web.logo), sendFileCallback(next));
if (!err) {
return;
}
if (err.status === HTTP_STATUS.NOT_FOUND) {
next();
} else {
next(err);
}
});
}); });
} }
// Static // Static
router.get('/-/static/*', function(req, res, next) { router.get('/-/static/*', function(req, res, next) {
const filename = req.params[0]; const filename = req.params[0];
const file = `${themePath}/${filename}`; const file = `${themePath}/${filename}`;
res.sendFile(file, function(err) { res.sendFile(file, sendFileCallback(next));
if (!err) {
return;
}
if (err.status === HTTP_STATUS.NOT_FOUND) {
next();
} else {
next(err);
}
});
}); });
function renderHTML(req, res) { function renderHTML(req, res) {

8
src/lib/utils.js
View file

@ -547,3 +547,11 @@ export function formatAuthor(author: any) {
return authorDetails; return authorDetails;
} }
/**
* Check if URI is starting with "http://", "https://" or "//"
* @param {string} uri
*/
export function isHTTPProtocol(uri: string): boolean {
return /^(https?:)?\/\//.test(uri);
}

23
test/unit/api/utils.spec.js
View file

@ -14,7 +14,8 @@ import {
getWebProtocol, getWebProtocol,
getVersionFromTarball, getVersionFromTarball,
sortByName, sortByName,
formatAuthor formatAuthor,
isHTTPProtocol,
} from '../../../src/lib/utils'; } from '../../../src/lib/utils';
import { DIST_TAGS, DEFAULT_USER } from '../../../src/lib/constants'; import { DIST_TAGS, DEFAULT_USER } from '../../../src/lib/constants';
import Logger, { setup } from '../../../src/lib/logger'; import Logger, { setup } from '../../../src/lib/logger';
@ -332,6 +333,26 @@ describe('Utilities', () => {
expect(url).toMatch('/-/static/logo.png'); expect(url).toMatch('/-/static/logo.png');
}); });
test('should check HTTP protocol correctly', () => {
expect(isHTTPProtocol('http://domain.com/-/static/logo.png')).toBeTruthy();
expect(isHTTPProtocol('https://www.domain.com/-/static/logo.png')).toBeTruthy();
expect(isHTTPProtocol('//domain.com/-/static/logo.png')).toBeTruthy();
expect(isHTTPProtocol('file:///home/user/logo.png')).toBeFalsy();
expect(isHTTPProtocol('file:///F:/home/user/logo.png')).toBeFalsy();
// Note that uses ftp protocol in src was deprecated in modern browsers
expect(isHTTPProtocol('ftp://1.2.3.4/home/user/logo.png')).toBeFalsy();
expect(isHTTPProtocol('./logo.png')).toBeFalsy();
expect(isHTTPProtocol('.\\logo.png')).toBeFalsy();
expect(isHTTPProtocol('../logo.png')).toBeFalsy();
expect(isHTTPProtocol('..\\logo.png')).toBeFalsy();
expect(isHTTPProtocol('../../static/logo.png')).toBeFalsy();
expect(isHTTPProtocol('..\\..\\static\\logo.png')).toBeFalsy();
expect(isHTTPProtocol('logo.png')).toBeFalsy();
expect(isHTTPProtocol('.logo.png')).toBeFalsy();
expect(isHTTPProtocol('/static/logo.png')).toBeFalsy();
expect(isHTTPProtocol('F:\\static\\logo.png')).toBeFalsy();
});
}); });
describe('User utilities', () => { describe('User utilities', () => {