| 
									
										
										
										
											2017-07-14 13:41:49 -05:00
										 |  |  | # frozen_string_literal: true | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | require 'rails_helper' | 
					
						
							| 
									
										
										
										
											2018-03-26 07:02:10 -05:00
										 |  |  | require 'securerandom' | 
					
						
							| 
									
										
										
										
											2017-07-14 13:41:49 -05:00
										 |  |  | 
 | 
					
						
							|  |  |  | describe Request do | 
					
						
							|  |  |  |   subject { Request.new(:get, 'http://example.com') } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   describe '#headers' do | 
					
						
							|  |  |  |     it 'returns user agent' do | 
					
						
							|  |  |  |       expect(subject.headers['User-Agent']).to be_present | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     it 'returns the date header' do | 
					
						
							|  |  |  |       expect(subject.headers['Date']).to be_present | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     it 'returns the host header' do | 
					
						
							|  |  |  |       expect(subject.headers['Host']).to be_present | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     it 'does not return virtual request-target header' do | 
					
						
							|  |  |  |       expect(subject.headers['(request-target)']).to be_nil | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  |   end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   describe '#on_behalf_of' do | 
					
						
							|  |  |  |     it 'when used, adds signature header' do | 
					
						
							|  |  |  |       subject.on_behalf_of(Fabricate(:account)) | 
					
						
							|  |  |  |       expect(subject.headers['Signature']).to be_present | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  |   end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   describe '#add_headers' do | 
					
						
							|  |  |  |     it 'adds headers to the request' do | 
					
						
							|  |  |  |       subject.add_headers('Test' => 'Foo') | 
					
						
							|  |  |  |       expect(subject.headers['Test']).to eq 'Foo' | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  |   end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   describe '#perform' do | 
					
						
							| 
									
										
										
										
											2018-02-24 12:16:11 -06:00
										 |  |  |     context 'with valid host' do | 
					
						
							| 
									
										
										
										
											2018-03-24 06:49:54 -05:00
										 |  |  |       before { stub_request(:get, 'http://example.com') } | 
					
						
							| 
									
										
										
										
											2018-02-24 12:16:11 -06:00
										 |  |  | 
 | 
					
						
							|  |  |  |       it 'executes a HTTP request' do | 
					
						
							| 
									
										
										
										
											2018-03-24 06:49:54 -05:00
										 |  |  |         expect { |block| subject.perform &block }.to yield_control | 
					
						
							| 
									
										
										
										
											2018-02-24 12:16:11 -06:00
										 |  |  |         expect(a_request(:get, 'http://example.com')).to have_been_made.once | 
					
						
							|  |  |  |       end | 
					
						
							| 
									
										
										
										
											2017-07-14 13:41:49 -05:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-03-20 03:06:08 -05:00
										 |  |  |       it 'executes a HTTP request when the first address is private' do | 
					
						
							| 
									
										
										
										
											2018-11-22 13:12:04 -06:00
										 |  |  |         resolver = double | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         allow(resolver).to receive(:getaddresses).with('example.com').and_return(%w(0.0.0.0 2001:4860:4860::8844)) | 
					
						
							|  |  |  |         allow(resolver).to receive(:timeouts=).and_return(nil) | 
					
						
							|  |  |  |         allow(Resolv::DNS).to receive(:open).and_yield(resolver) | 
					
						
							| 
									
										
										
										
											2018-03-24 06:49:54 -05:00
										 |  |  | 
 | 
					
						
							|  |  |  |         expect { |block| subject.perform &block }.to yield_control | 
					
						
							| 
									
										
										
										
											2018-03-20 03:06:08 -05:00
										 |  |  |         expect(a_request(:get, 'http://example.com')).to have_been_made.once | 
					
						
							|  |  |  |       end | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-02-24 12:16:11 -06:00
										 |  |  |       it 'sets headers' do | 
					
						
							| 
									
										
										
										
											2018-03-24 06:49:54 -05:00
										 |  |  |         expect { |block| subject.perform &block }.to yield_control | 
					
						
							| 
									
										
										
										
											2018-02-24 12:16:11 -06:00
										 |  |  |         expect(a_request(:get, 'http://example.com').with(headers: subject.headers)).to have_been_made | 
					
						
							|  |  |  |       end | 
					
						
							| 
									
										
										
										
											2018-03-24 06:49:54 -05:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-08-28 10:44:34 -05:00
										 |  |  |       it 'closes underlying connection' do | 
					
						
							| 
									
										
										
										
											2018-03-24 06:49:54 -05:00
										 |  |  |         expect_any_instance_of(HTTP::Client).to receive(:close) | 
					
						
							|  |  |  |         expect { |block| subject.perform &block }.to yield_control | 
					
						
							|  |  |  |       end | 
					
						
							| 
									
										
										
										
											2018-03-26 07:02:10 -05:00
										 |  |  | 
 | 
					
						
							|  |  |  |       it 'returns response which implements body_with_limit' do | 
					
						
							|  |  |  |         subject.perform do |response| | 
					
						
							|  |  |  |           expect(response).to respond_to :body_with_limit | 
					
						
							|  |  |  |         end | 
					
						
							|  |  |  |       end | 
					
						
							| 
									
										
										
										
											2017-07-14 13:41:49 -05:00
										 |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-02-24 12:16:11 -06:00
										 |  |  |     context 'with private host' do | 
					
						
							|  |  |  |       around do |example| | 
					
						
							|  |  |  |         WebMock.disable! | 
					
						
							|  |  |  |         example.run | 
					
						
							|  |  |  |         WebMock.enable! | 
					
						
							|  |  |  |       end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       it 'raises Mastodon::ValidationError' do | 
					
						
							| 
									
										
										
										
											2018-11-22 13:12:04 -06:00
										 |  |  |         resolver = double | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         allow(resolver).to receive(:getaddresses).with('example.com').and_return(%w(0.0.0.0 2001:db8::face)) | 
					
						
							|  |  |  |         allow(resolver).to receive(:timeouts=).and_return(nil) | 
					
						
							|  |  |  |         allow(Resolv::DNS).to receive(:open).and_yield(resolver) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-10-04 05:36:53 -05:00
										 |  |  |         expect { subject.perform }.to raise_error Mastodon::ValidationError | 
					
						
							| 
									
										
										
										
											2018-02-24 12:16:11 -06:00
										 |  |  |       end | 
					
						
							| 
									
										
										
										
											2017-07-14 13:41:49 -05:00
										 |  |  |     end | 
					
						
							|  |  |  |   end | 
					
						
							| 
									
										
										
										
											2018-03-26 07:02:10 -05:00
										 |  |  | 
 | 
					
						
							|  |  |  |   describe "response's body_with_limit method" do | 
					
						
							|  |  |  |     it 'rejects body more than 1 megabyte by default' do | 
					
						
							|  |  |  |       stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.megabytes)) | 
					
						
							|  |  |  |       expect { subject.perform { |response| response.body_with_limit } }.to raise_error Mastodon::LengthValidationError | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     it 'accepts body less than 1 megabyte by default' do | 
					
						
							|  |  |  |       stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.kilobytes)) | 
					
						
							|  |  |  |       expect { subject.perform { |response| response.body_with_limit } }.not_to raise_error | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     it 'rejects body by given size' do | 
					
						
							|  |  |  |       stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.kilobytes)) | 
					
						
							|  |  |  |       expect { subject.perform { |response| response.body_with_limit(1.kilobyte) } }.to raise_error Mastodon::LengthValidationError | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     it 'rejects too large chunked body' do | 
					
						
							|  |  |  |       stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.megabytes), headers: { 'Transfer-Encoding' => 'chunked' }) | 
					
						
							|  |  |  |       expect { subject.perform { |response| response.body_with_limit } }.to raise_error Mastodon::LengthValidationError | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     it 'rejects too large monolithic body' do | 
					
						
							|  |  |  |       stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.megabytes), headers: { 'Content-Length' => 2.megabytes }) | 
					
						
							|  |  |  |       expect { subject.perform { |response| response.body_with_limit } }.to raise_error Mastodon::LengthValidationError | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-11 14:59:13 -06:00
										 |  |  |     it 'truncates large monolithic body' do | 
					
						
							|  |  |  |       stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.megabytes), headers: { 'Content-Length' => 2.megabytes }) | 
					
						
							|  |  |  |       expect(subject.perform { |response| response.truncated_body.bytesize }).to be < 2.megabytes | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2018-03-26 07:02:10 -05:00
										 |  |  |     it 'uses binary encoding if Content-Type does not tell encoding' do | 
					
						
							|  |  |  |       stub_request(:any, 'http://example.com').to_return(body: '', headers: { 'Content-Type' => 'text/html' }) | 
					
						
							|  |  |  |       expect(subject.perform { |response| response.body_with_limit.encoding }).to eq Encoding::BINARY | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     it 'uses binary encoding if Content-Type tells unknown encoding' do | 
					
						
							|  |  |  |       stub_request(:any, 'http://example.com').to_return(body: '', headers: { 'Content-Type' => 'text/html; charset=unknown' }) | 
					
						
							|  |  |  |       expect(subject.perform { |response| response.body_with_limit.encoding }).to eq Encoding::BINARY | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     it 'uses encoding specified by Content-Type' do | 
					
						
							|  |  |  |       stub_request(:any, 'http://example.com').to_return(body: '', headers: { 'Content-Type' => 'text/html; charset=UTF-8' }) | 
					
						
							|  |  |  |       expect(subject.perform { |response| response.body_with_limit.encoding }).to eq Encoding::UTF_8 | 
					
						
							|  |  |  |     end | 
					
						
							|  |  |  |   end | 
					
						
							| 
									
										
										
										
											2017-07-14 13:41:49 -05:00
										 |  |  | end |