diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/support/http_request_mock.ex | 16 | ||||
| -rw-r--r-- | test/web/mastodon_api/mastodon_api_controller_test.exs | 9 | ||||
| -rw-r--r-- | test/web/rich_media/helpers_test.exs | 47 | 
3 files changed, 52 insertions, 20 deletions
| diff --git a/test/support/http_request_mock.ex b/test/support/http_request_mock.ex index f7f55a11a..30169edb0 100644 --- a/test/support/http_request_mock.ex +++ b/test/support/http_request_mock.ex @@ -757,6 +757,14 @@ defmodule HttpRequestMock do      {:ok, %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/ogp.html")}}    end +  def get("https://example.com/ogp", _, _, _) do +    {:ok, %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/ogp.html")}} +  end + +  def get("https://pleroma.local/notice/9kCP7V", _, _, _) do +    {:ok, %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/ogp.html")}} +  end +    def get("http://example.com/ogp-missing-data", _, _, _) do      {:ok,       %Tesla.Env{ @@ -765,6 +773,14 @@ defmodule HttpRequestMock do       }}    end +  def get("https://example.com/ogp-missing-data", _, _, _) do +    {:ok, +     %Tesla.Env{ +       status: 200, +       body: File.read!("test/fixtures/rich_media/ogp-missing-data.html") +     }} +  end +    def get("http://example.com/malformed", _, _, _) do      {:ok,       %Tesla.Env{status: 200, body: File.read!("test/fixtures/rich_media/malformed-data.html")}} diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 707723421..17e723528 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -312,7 +312,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        conn        |> assign(:user, user)        |> post("/api/v1/statuses", %{ -        "status" => "http://example.com/ogp" +        "status" => "https://example.com/ogp"        })      assert %{"id" => id, "card" => %{"title" => "The Rock"}} = json_response(conn, 200) @@ -2557,7 +2557,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do      end      test "returns rich-media card", %{conn: conn, user: user} do -      {:ok, activity} = CommonAPI.post(user, %{"status" => "http://example.com/ogp"}) +      {:ok, activity} = CommonAPI.post(user, %{"status" => "https://example.com/ogp"})        card_data = %{          "image" => "http://ia.media-imdb.com/images/rock.jpg", @@ -2589,7 +2589,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do        # works with private posts        {:ok, activity} = -        CommonAPI.post(user, %{"status" => "http://example.com/ogp", "visibility" => "direct"}) +        CommonAPI.post(user, %{"status" => "https://example.com/ogp", "visibility" => "direct"})        response_two =          conn @@ -2601,7 +2601,8 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do      end      test "replaces missing description with an empty string", %{conn: conn, user: user} do -      {:ok, activity} = CommonAPI.post(user, %{"status" => "http://example.com/ogp-missing-data"}) +      {:ok, activity} = +        CommonAPI.post(user, %{"status" => "https://example.com/ogp-missing-data"})        response =          conn diff --git a/test/web/rich_media/helpers_test.exs b/test/web/rich_media/helpers_test.exs index 53b0596f5..c8f442b05 100644 --- a/test/web/rich_media/helpers_test.exs +++ b/test/web/rich_media/helpers_test.exs @@ -1,14 +1,19 @@  defmodule Pleroma.Web.RichMedia.HelpersTest do    use Pleroma.DataCase +  alias Pleroma.Config    alias Pleroma.Object    alias Pleroma.Web.CommonAPI +  alias Pleroma.Web.RichMedia.Helpers    import Pleroma.Factory    import Tesla.Mock    setup do      mock(fn env -> apply(HttpRequestMock, :request, [env]) end) +    rich_media = Config.get([:rich_media, :enabled]) +    on_exit(fn -> Config.put([:rich_media, :enabled], rich_media) end) +      :ok    end @@ -21,11 +26,9 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do          "content_type" => "text/markdown"        }) -    Pleroma.Config.put([:rich_media, :enabled], true) +    Config.put([:rich_media, :enabled], true)      assert %{} == Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) - -    Pleroma.Config.put([:rich_media, :enabled], false)    end    test "refuses to crawl malformed URLs" do @@ -37,11 +40,9 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do          "content_type" => "text/markdown"        }) -    Pleroma.Config.put([:rich_media, :enabled], true) +    Config.put([:rich_media, :enabled], true)      assert %{} == Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) - -    Pleroma.Config.put([:rich_media, :enabled], false)    end    test "crawls valid, complete URLs" do @@ -49,16 +50,14 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do      {:ok, activity} =        CommonAPI.post(user, %{ -        "status" => "[test](http://example.com/ogp)", +        "status" => "[test](https://example.com/ogp)",          "content_type" => "text/markdown"        }) -    Pleroma.Config.put([:rich_media, :enabled], true) +    Config.put([:rich_media, :enabled], true) -    assert %{page_url: "http://example.com/ogp", rich_media: _} = +    assert %{page_url: "https://example.com/ogp", rich_media: _} =               Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) - -    Pleroma.Config.put([:rich_media, :enabled], false)    end    test "refuses to crawl URLs from posts marked sensitive" do @@ -74,11 +73,9 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do      assert object.data["sensitive"] -    Pleroma.Config.put([:rich_media, :enabled], true) +    Config.put([:rich_media, :enabled], true)      assert %{} = Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) - -    Pleroma.Config.put([:rich_media, :enabled], false)    end    test "refuses to crawl URLs from posts tagged NSFW" do @@ -93,10 +90,28 @@ defmodule Pleroma.Web.RichMedia.HelpersTest do      assert object.data["sensitive"] -    Pleroma.Config.put([:rich_media, :enabled], true) +    Config.put([:rich_media, :enabled], true)      assert %{} = Pleroma.Web.RichMedia.Helpers.fetch_data_for_activity(activity) +  end + +  test "refuses to crawl URLs of private network from posts" do +    user = insert(:user) + +    {:ok, activity} = +      CommonAPI.post(user, %{"status" => "http://127.0.0.1:4000/notice/9kCP7VNyPJXFOXDrgO"}) + +    {:ok, activity2} = CommonAPI.post(user, %{"status" => "https://10.111.10.1/notice/9kCP7V"}) +    {:ok, activity3} = CommonAPI.post(user, %{"status" => "https://172.16.32.40/notice/9kCP7V"}) +    {:ok, activity4} = CommonAPI.post(user, %{"status" => "https://192.168.10.40/notice/9kCP7V"}) +    {:ok, activity5} = CommonAPI.post(user, %{"status" => "https://pleroma.local/notice/9kCP7V"}) + +    Config.put([:rich_media, :enabled], true) -    Pleroma.Config.put([:rich_media, :enabled], false) +    assert %{} = Helpers.fetch_data_for_activity(activity) +    assert %{} = Helpers.fetch_data_for_activity(activity2) +    assert %{} = Helpers.fetch_data_for_activity(activity3) +    assert %{} = Helpers.fetch_data_for_activity(activity4) +    assert %{} = Helpers.fetch_data_for_activity(activity5)    end  end | 
