/
http-agent.js
124 lines (107 loc) · 3.3 KB
/
http-agent.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
/* global test:false, expect:false, describe:false, */
const request = require('request')
const http = require('node:http')
const https = require('node:https')
const { getProtectedHttpAgent, getRedirectEvaluator, FORBIDDEN_IP_ADDRESS } = require('../../src/server/helpers/request')
describe('test getRedirectEvaluator', () => {
const httpURL = 'http://uppy.io'
const httpsURL = 'https://uppy.io'
const httpRedirectResp = {
headers: {
location: 'http://transloadit.com',
},
}
const httpsRedirectResp = {
headers: {
location: 'https://transloadit.com',
},
}
test('when original URL has "https:" as protocol', (done) => {
const shouldRedirectHttps = getRedirectEvaluator(httpsURL, true)
expect(shouldRedirectHttps(httpsRedirectResp)).toEqual(true)
expect(shouldRedirectHttps(httpRedirectResp)).toEqual(false)
done()
})
test('when original URL has "http:" as protocol', (done) => {
const shouldRedirectHttp = getRedirectEvaluator(httpURL, true)
expect(shouldRedirectHttp(httpRedirectResp)).toEqual(true)
expect(shouldRedirectHttp(httpsRedirectResp)).toEqual(false)
done()
})
})
describe('test getProtectedHttpAgent', () => {
test('setting "https:" as protocol', (done) => {
const Agent = getProtectedHttpAgent('https:')
expect(Agent).toEqual(https.Agent)
done()
})
test('setting "https" as protocol', (done) => {
const Agent = getProtectedHttpAgent('https')
expect(Agent).toEqual(https.Agent)
done()
})
test('setting "http:" as protocol', (done) => {
const Agent = getProtectedHttpAgent('http:')
expect(Agent).toEqual(http.Agent)
done()
})
test('setting "http" as protocol', (done) => {
const Agent = getProtectedHttpAgent('http')
expect(Agent).toEqual(http.Agent)
done()
})
})
describe('test protected request Agent', () => {
test('allows URLs without IP addresses', (done) => {
const options = {
uri: 'https://transloadit.com',
method: 'GET',
agentClass: getProtectedHttpAgent('https', true),
}
request(options, (err) => {
if (err) {
expect(err.message).not.toEqual(FORBIDDEN_IP_ADDRESS)
expect(err.message.startsWith(FORBIDDEN_IP_ADDRESS)).toEqual(false)
done()
} else {
done()
}
})
})
test('blocks private http IP address', (done) => {
const options = {
uri: 'http://172.20.10.4:8090',
method: 'GET',
agentClass: getProtectedHttpAgent('http', true),
}
request(options, (err) => {
expect(err).toBeInstanceOf(Error)
expect(err.message).toEqual(FORBIDDEN_IP_ADDRESS)
done()
})
})
test('blocks private https IP address', (done) => {
const options = {
uri: 'https://172.20.10.4:8090',
method: 'GET',
agentClass: getProtectedHttpAgent('https', true),
}
request(options, (err) => {
expect(err).toBeInstanceOf(Error)
expect(err.message).toEqual(FORBIDDEN_IP_ADDRESS)
done()
})
})
test('blocks localhost IP address', (done) => {
const options = {
uri: 'http://127.0.0.1:8090',
method: 'GET',
agentClass: getProtectedHttpAgent('http', true),
}
request(options, (err) => {
expect(err).toBeInstanceOf(Error)
expect(err.message).toEqual(FORBIDDEN_IP_ADDRESS)
done()
})
})
})