mirror of
https://github.com/discourse/discourse.git
synced 2024-11-25 09:42:07 +08:00
Reland "DEV: Add checks that assets do not modify cookies to smoke-test.js" (#9774)
* Revert "Revert "DEV: Add checks that assets do not modify cookies to smoke-test.js (#9504)" (#9773)"
This reverts commit 732776e2ce
.
* FIX: Run cookie tests only after logging in
This commit is contained in:
parent
aee8e62e21
commit
186c471c44
|
@ -14,6 +14,15 @@ console.log(`Starting Discourse Smoke Test for ${url}`);
|
|||
const puppeteer = require("puppeteer");
|
||||
const path = require("path");
|
||||
|
||||
async function getCookie(name, page) {
|
||||
const cookies = await page.cookies();
|
||||
let found = null;
|
||||
cookies.forEach(c => {
|
||||
if (c.name === name) found = c;
|
||||
});
|
||||
return found;
|
||||
}
|
||||
|
||||
(async () => {
|
||||
const browser = await puppeteer.launch({
|
||||
// when debugging localy setting the SHOW_BROWSER env variable can be very helpful
|
||||
|
@ -70,7 +79,11 @@ const path = require("path");
|
|||
page.on("console", msg => console.log(`PAGE LOG: ${msg.text()}`));
|
||||
|
||||
page.on("response", resp => {
|
||||
if (resp.status() !== 200 && resp.status() !== 302) {
|
||||
if (
|
||||
resp.status() !== 200 &&
|
||||
resp.status() !== 302 &&
|
||||
resp.status() !== 304
|
||||
) {
|
||||
console.log(
|
||||
"FAILED HTTP REQUEST TO " + resp.url() + " Status is: " + resp.status()
|
||||
);
|
||||
|
@ -129,6 +142,49 @@ const path = require("path");
|
|||
return page.waitForSelector("header .login-button", { visible: true });
|
||||
});
|
||||
|
||||
// Prep for assets check
|
||||
const anyStylesheetEl = await page.$('link[href][rel="stylesheet"]');
|
||||
const anyAssetPath = await page.evaluate(
|
||||
el => el.getAttribute("href"),
|
||||
anyStylesheetEl
|
||||
);
|
||||
if (!anyAssetPath) {
|
||||
return console.log("FAILED - could not retrieve an asset path");
|
||||
}
|
||||
|
||||
function checkNoCookies(testPath) {
|
||||
return async function() {
|
||||
const priorCookie = await getCookie("_t", page);
|
||||
const testURL = new URL(testPath, url);
|
||||
|
||||
await page.setCookie({
|
||||
name: "_t",
|
||||
value: "invalid_auth_token",
|
||||
url: url,
|
||||
domain: priorCookie.domain,
|
||||
path: priorCookie.path,
|
||||
expires: priorCookie.expires,
|
||||
httpOnly: priorCookie.httpOnly,
|
||||
secure: priorCookie.secure,
|
||||
session: priorCookie.session,
|
||||
sameSite: priorCookie.sameSite
|
||||
});
|
||||
const badCookie = await getCookie("_t", page);
|
||||
if (badCookie.value !== "invalid_auth_token") {
|
||||
throw "FAILED - could not set cookie";
|
||||
}
|
||||
|
||||
await page.goto(testURL);
|
||||
|
||||
const newCookie = await getCookie("_t", page);
|
||||
if (newCookie === null || newCookie.value !== "invalid_auth_token") {
|
||||
throw "FAILED - Cookie was modified while fetching " + testPath;
|
||||
}
|
||||
|
||||
await page.setCookie(priorCookie);
|
||||
};
|
||||
}
|
||||
|
||||
if (process.env.LOGIN_AT_BEGINNING) {
|
||||
await login();
|
||||
}
|
||||
|
@ -182,6 +238,28 @@ const path = require("path");
|
|||
return promise;
|
||||
});
|
||||
|
||||
await exec(
|
||||
`assets do not set cookies (${anyAssetPath})`,
|
||||
checkNoCookies(anyAssetPath || "/assets/stylesheets/bogus.css")
|
||||
);
|
||||
await exec(
|
||||
"service-worker.js does not set cookies",
|
||||
checkNoCookies("/service-worker.js")
|
||||
);
|
||||
await exec("application paths do clear invalid cookies", async () => {
|
||||
const fn = checkNoCookies("/about");
|
||||
let failure = false;
|
||||
try {
|
||||
await fn();
|
||||
failure = true;
|
||||
} catch (e) {
|
||||
// Expecting cookies to be set, so a throw is correct
|
||||
}
|
||||
if (failure) {
|
||||
throw "FAILED - cookies not fixed on an application path";
|
||||
}
|
||||
});
|
||||
|
||||
await exec("it shows a topic list", () => {
|
||||
return page.waitForSelector(".topic-list", { visible: true });
|
||||
});
|
||||
|
|
Loading…
Reference in New Issue
Block a user