diff options
Diffstat (limited to 'test/web/rich_media')
-rw-r--r-- | test/web/rich_media/aws_signed_url_test.exs | 82 | ||||
-rw-r--r-- | test/web/rich_media/helpers_test.exs | 51 | ||||
-rw-r--r-- | test/web/rich_media/parser_test.exs | 45 | ||||
-rw-r--r-- | test/web/rich_media/parsers/twitter_card_test.exs | 69 |
4 files changed, 228 insertions, 19 deletions
diff --git a/test/web/rich_media/aws_signed_url_test.exs b/test/web/rich_media/aws_signed_url_test.exs new file mode 100644 index 000000000..a3a50cbb1 --- /dev/null +++ b/test/web/rich_media/aws_signed_url_test.exs @@ -0,0 +1,82 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.RichMedia.TTL.AwsSignedUrlTest do + use ExUnit.Case, async: true + + test "s3 signed url is parsed correct for expiration time" do + url = "https://pleroma.social/amz" + + {:ok, timestamp} = + Timex.now() + |> DateTime.truncate(:second) + |> Timex.format("{ISO:Basic:Z}") + + # in seconds + valid_till = 30 + + metadata = construct_metadata(timestamp, valid_till, url) + + expire_time = + Timex.parse!(timestamp, "{ISO:Basic:Z}") |> Timex.to_unix() |> Kernel.+(valid_till) + + assert expire_time == Pleroma.Web.RichMedia.Parser.TTL.AwsSignedUrl.ttl(metadata, url) + end + + test "s3 signed url is parsed and correct ttl is set for rich media" do + url = "https://pleroma.social/amz" + + {:ok, timestamp} = + Timex.now() + |> DateTime.truncate(:second) + |> Timex.format("{ISO:Basic:Z}") + + # in seconds + valid_till = 30 + + metadata = construct_metadata(timestamp, valid_till, url) + + body = """ + <meta name="twitter:card" content="Pleroma" /> + <meta name="twitter:site" content="Pleroma" /> + <meta name="twitter:title" content="Pleroma" /> + <meta name="twitter:description" content="Pleroma" /> + <meta name="twitter:image" content="#{Map.get(metadata, :image)}" /> + """ + + Tesla.Mock.mock(fn + %{ + method: :get, + url: "https://pleroma.social/amz" + } -> + %Tesla.Env{status: 200, body: body} + end) + + Cachex.put(:rich_media_cache, url, metadata) + + Pleroma.Web.RichMedia.Parser.set_ttl_based_on_image({:ok, metadata}, url) + + {:ok, cache_ttl} = Cachex.ttl(:rich_media_cache, url) + + # as there is delay in setting and pulling the data from cache we ignore 1 second + # make it 2 seconds for flakyness + assert_in_delta(valid_till * 1000, cache_ttl, 2000) + end + + defp construct_s3_url(timestamp, valid_till) do + "https://pleroma.s3.ap-southeast-1.amazonaws.com/sachin%20%281%29%20_a%20-%25%2Aasdasd%20BNN%20bnnn%20.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIBLWWK6RGDQXDLJQ%2F20190716%2Fap-southeast-1%2Fs3%2Faws4_request&X-Amz-Date=#{ + timestamp + }&X-Amz-Expires=#{valid_till}&X-Amz-Signature=04ffd6b98634f4b1bbabc62e0fac4879093cd54a6eed24fe8eb38e8369526bbf&X-Amz-SignedHeaders=host" + end + + defp construct_metadata(timestamp, valid_till, url) do + %{ + image: construct_s3_url(timestamp, valid_till), + site: "Pleroma", + title: "Pleroma", + description: "Pleroma", + url: url + } + end +end diff --git a/test/web/rich_media/helpers_test.exs b/test/web/rich_media/helpers_test.exs index 53b0596f5..48884319d 100644 --- a/test/web/rich_media/helpers_test.exs +++ b/test/web/rich_media/helpers_test.exs @@ -1,17 +1,26 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + defmodule Pleroma.Web.RichMedia.HelpersTest do use Pleroma.DataCase + alias Pleroma.Config alias Pleroma.Object alias Pleroma.Web.CommonAPI + alias Pleroma.Web.RichMedia.Helpers import Pleroma.Factory import Tesla.Mock setup do mock(fn env -> apply(HttpRequestMock, :request, [env]) end) + :ok end + clear_config([:rich_media, :enabled]) + test "refuses to crawl incomplete URLs" do user = insert(:user) @@ -21,11 +30,9 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do "content_type" => "text/markdown" }) - Pleroma.Config.put([:rich_media, :enabled], true) + Config.put([:rich_media, :enabled], true) assert %{} == Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) - - Pleroma.Config.put([:rich_media, :enabled], false) end test "refuses to crawl malformed URLs" do @@ -37,11 +44,9 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do "content_type" => "text/markdown" }) - Pleroma.Config.put([:rich_media, :enabled], true) + Config.put([:rich_media, :enabled], true) assert %{} == Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) - - Pleroma.Config.put([:rich_media, :enabled], false) end test "crawls valid, complete URLs" do @@ -49,16 +54,14 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do {:ok, activity} = CommonAPI.post(user, %{ - "status" => "[test](http://example.com/ogp)", + "status" => "[test](https://example.com/ogp)", "content_type" => "text/markdown" }) - Pleroma.Config.put([:rich_media, :enabled], true) + Config.put([:rich_media, :enabled], true) - assert %{page_url: "http://example.com/ogp", rich_media: _} = + assert %{page_url: "https://example.com/ogp", rich_media: _} = Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) - - Pleroma.Config.put([:rich_media, :enabled], false) end test "refuses to crawl URLs from posts marked sensitive" do @@ -74,11 +77,9 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do assert object.data["sensitive"] - Pleroma.Config.put([:rich_media, :enabled], true) + Config.put([:rich_media, :enabled], true) assert %{} = Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) - - Pleroma.Config.put([:rich_media, :enabled], false) end test "refuses to crawl URLs from posts tagged NSFW" do @@ -93,10 +94,28 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do assert object.data["sensitive"] - Pleroma.Config.put([:rich_media, :enabled], true) + Config.put([:rich_media, :enabled], true) assert %{} = Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) + end + + test "refuses to crawl URLs of private network from posts" do + user = insert(:user) + + {:ok, activity} = + CommonAPI.post(user, %{"status" => "http://127.0.0.1:4000/notice/9kCP7VNyPJXFOXDrgO"}) + + {:ok, activity2} = CommonAPI.post(user, %{"status" => "https://10.111.10.1/notice/9kCP7V"}) + {:ok, activity3} = CommonAPI.post(user, %{"status" => "https://172.16.32.40/notice/9kCP7V"}) + {:ok, activity4} = CommonAPI.post(user, %{"status" => "https://192.168.10.40/notice/9kCP7V"}) + {:ok, activity5} = CommonAPI.post(user, %{"status" => "https://pleroma.local/notice/9kCP7V"}) + + Config.put([:rich_media, :enabled], true) - Pleroma.Config.put([:rich_media, :enabled], false) + assert %{} = Helpers.fetch_data_for_activity(activity) + assert %{} = Helpers.fetch_data_for_activity(activity2) + assert %{} = Helpers.fetch_data_for_activity(activity3) + assert %{} = Helpers.fetch_data_for_activity(activity4) + assert %{} = Helpers.fetch_data_for_activity(activity5) end end diff --git a/test/web/rich_media/parser_test.exs b/test/web/rich_media/parser_test.exs index 3a9cc1854..b75bdf96f 100644 --- a/test/web/rich_media/parser_test.exs +++ b/test/web/rich_media/parser_test.exs @@ -1,3 +1,7 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + defmodule Pleroma.Web.RichMedia.ParserTest do use ExUnit.Case, async: true @@ -11,6 +15,21 @@ defmodule Pleroma.Web.RichMedia.ParserTest do %{ method: :get, + url: "http://example.com/non-ogp" + } -> + %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/non_ogp_embed.html")} + + %{ + method: :get, + url: "http://example.com/ogp-missing-title" + } -> + %Tesla.Env{ + status: 200, + body: File.read!("test/fixtures/rich_media/ogp-missing-title.html") + } + + %{ + method: :get, url: "http://example.com/twitter-card" } -> %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/twitter_card.html")} @@ -38,6 +57,12 @@ defmodule Pleroma.Web.RichMedia.ParserTest do assert {:error, _} = Pleroma.Web.RichMedia.Parser.parse("http://example.com/empty") end + test "doesn't just add a title" do + assert Pleroma.Web.RichMedia.Parser.parse("http://example.com/non-ogp") == + {:error, + "Found metadata was invalid or incomplete: %{url: \"http://example.com/non-ogp\"}"} + end + test "parses ogp" do assert Pleroma.Web.RichMedia.Parser.parse("http://example.com/ogp") == {:ok, @@ -47,7 +72,20 @@ defmodule Pleroma.Web.RichMedia.ParserTest do description: "Directed by Michael Bay. With Sean Connery, Nicolas Cage, Ed Harris, John Spencer.", type: "video.movie", - url: "http://www.imdb.com/title/tt0117500/" + url: "http://example.com/ogp" + }} + end + + test "falls back to <title> when ogp:title is missing" do + assert Pleroma.Web.RichMedia.Parser.parse("http://example.com/ogp-missing-title") == + {:ok, + %{ + image: "http://ia.media-imdb.com/images/rock.jpg", + title: "The Rock (1996)", + description: + "Directed by Michael Bay. With Sean Connery, Nicolas Cage, Ed Harris, John Spencer.", + type: "video.movie", + url: "http://example.com/ogp-missing-title" }} end @@ -59,7 +97,8 @@ defmodule Pleroma.Web.RichMedia.ParserTest do site: "@flickr", image: "https://farm6.staticflickr.com/5510/14338202952_93595258ff_z.jpg", title: "Small Island Developing States Photo Submission", - description: "View the album on Flickr." + description: "View the album on Flickr.", + url: "http://example.com/twitter-card" }} end @@ -83,7 +122,7 @@ defmodule Pleroma.Web.RichMedia.ParserTest do thumbnail_width: 150, title: "Bacon Lollys", type: "photo", - url: "https://farm4.staticflickr.com/3040/2362225867_4a87ab8baf_b.jpg", + url: "http://example.com/oembed", version: "1.0", web_page: "https://www.flickr.com/photos/bees/2362225867/", web_page_short_url: "https://flic.kr/p/4AK2sc", diff --git a/test/web/rich_media/parsers/twitter_card_test.exs b/test/web/rich_media/parsers/twitter_card_test.exs new file mode 100644 index 000000000..f8e1c9b40 --- /dev/null +++ b/test/web/rich_media/parsers/twitter_card_test.exs @@ -0,0 +1,69 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/> +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.RichMedia.Parsers.TwitterCardTest do + use ExUnit.Case, async: true + alias Pleroma.Web.RichMedia.Parsers.TwitterCard + + test "returns error when html not contains twitter card" do + assert TwitterCard.parse("", %{}) == {:error, "No twitter card metadata found"} + end + + test "parses twitter card with only name attributes" do + html = File.read!("test/fixtures/nypd-facial-recognition-children-teenagers3.html") + + assert TwitterCard.parse(html, %{}) == + {:ok, + %{ + "app:id:googleplay": "com.nytimes.android", + "app:name:googleplay": "NYTimes", + "app:url:googleplay": "nytimes://reader/id/100000006583622", + site: nil, + title: + "She Was Arrested at 14. Then Her Photo Went to a Facial Recognition Database. - The New York Times" + }} + end + + test "parses twitter card with only property attributes" do + html = File.read!("test/fixtures/nypd-facial-recognition-children-teenagers2.html") + + assert TwitterCard.parse(html, %{}) == + {:ok, + %{ + card: "summary_large_image", + description: + "With little oversight, the N.Y.P.D. has been using powerful surveillance technology on photos of children and teenagers.", + image: + "https://static01.nyt.com/images/2019/08/01/nyregion/01nypd-juveniles-promo/01nypd-juveniles-promo-videoSixteenByNineJumbo1600.jpg", + "image:alt": "", + title: + "She Was Arrested at 14. Then Her Photo Went to a Facial Recognition Database.", + url: + "https://www.nytimes.com/2019/08/01/nyregion/nypd-facial-recognition-children-teenagers.html" + }} + end + + test "parses twitter card with name & property attributes" do + html = File.read!("test/fixtures/nypd-facial-recognition-children-teenagers.html") + + assert TwitterCard.parse(html, %{}) == + {:ok, + %{ + "app:id:googleplay": "com.nytimes.android", + "app:name:googleplay": "NYTimes", + "app:url:googleplay": "nytimes://reader/id/100000006583622", + card: "summary_large_image", + description: + "With little oversight, the N.Y.P.D. has been using powerful surveillance technology on photos of children and teenagers.", + image: + "https://static01.nyt.com/images/2019/08/01/nyregion/01nypd-juveniles-promo/01nypd-juveniles-promo-videoSixteenByNineJumbo1600.jpg", + "image:alt": "", + site: nil, + title: + "She Was Arrested at 14. Then Her Photo Went to a Facial Recognition Database.", + url: + "https://www.nytimes.com/2019/08/01/nyregion/nypd-facial-recognition-children-teenagers.html" + }} + end +end |