github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-26 05:23:40 +08:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
1a48ea767e
discourse/spec/lib/onebox/status_check_spec.rb
David Taylor 68b4fe4cf8
SECURITY: Expand and improve SSRF Protections (#18815) 
See https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr

Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2022-11-01 16:33:17 +00:00

75 lines
3.2 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
RSpec.describe Onebox::StatusCheck do
before do
stub_request(:get, "http://www.amazon.com/200-url").to_return(status: 200)
stub_request(:get, "http://www.amazon.com/201-url").to_return(status: 201)
stub_request(:get, "http://www.amazon.com/401-url").to_return(status: 401)
stub_request(:get, "http://www.amazon.com/403-url").to_return(status: 403)
stub_request(:get, "http://www.amazon.com/404-url").to_return(status: 404)
stub_request(:get, "http://www.amazon.com/500-url").to_return(status: 500)
stub_request(:get, "http://www.amazon.com/503-url").to_return(status: 503)
stub_request(:get, "http://www.amazon.com/timeout-url").to_raise(Timeout::Error)
stub_request(:get, "http://www.amazon.com/http-error").to_raise(Net::HTTPError.new("error", nil))
stub_request(:get, "http://www.amazon.com/error-connecting").to_raise(Errno::ECONNREFUSED)
end
describe '#human_status' do
it 'returns :success on HTTP status code 200' do
expect(described_class.new("http://www.amazon.com/200-url").human_status).to eq(:success)
end
it 'returns :success on HTTP status code 201' do
expect(described_class.new("http://www.amazon.com/201-url").human_status).to eq(:success)
end
it 'returns :client_error on HTTP status code 401' do
expect(described_class.new("http://www.amazon.com/401-url").human_status).to eq(:client_error)
end
it 'returns :client_error on HTTP status code 403' do
expect(described_class.new("http://www.amazon.com/403-url").human_status).to eq(:client_error)
end
it 'returns :client_error on HTTP status code 404' do
expect(described_class.new("http://www.amazon.com/404-url").human_status).to eq(:client_error)
end
it 'returns :server_error on HTTP status code 500' do
expect(described_class.new("http://www.amazon.com/500-url").human_status).to eq(:server_error)
end
it 'returns :server_error on HTTP status code 503' do
expect(described_class.new("http://www.amazon.com/503-url").human_status).to eq(:server_error)
end
it 'returns :connection_error if there is a connection refused error' do
expect(described_class.new("http://www.amazon.com/error-connecting").human_status).to eq(:connection_error)
end
it 'returns :connection_error if there is a timeout error' do
expect(described_class.new("http://www.amazon.com/timeout-url").human_status).to eq(:connection_error)
end
it 'returns :connection_error if there is a general HTTP error' do
expect(described_class.new("http://www.amazon.com/http-error").human_status).to eq(:connection_error)
end
it 'returns :connection_error for private ips' do
FinalDestination::TestHelper.stub_to_fail do
expect(described_class.new("http://www.amazon.com/http-error").human_status).to eq(:connection_error)
end
end
end
describe '#ok?' do
it 'returns true for HTTP status codes 200-299' do
expect(described_class.new("http://www.amazon.com/200-url").ok?).to be true
end
it 'returns false for any status codes other than 200-299' do
expect(described_class.new("http://www.amazon.com/404-url").ok?).to be false
end
end
end
Reference in New Issue View Git Blame Copy Permalink