request_spec.rb 5.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144
  1. # frozen_string_literal: true
  2. require 'rails_helper'
  3. require 'securerandom'
  4. describe Request do
  5. subject { Request.new(:get, 'http://example.com') }
  6. describe '#headers' do
  7. it 'returns user agent' do
  8. expect(subject.headers['User-Agent']).to be_present
  9. end
  10. it 'returns the date header' do
  11. expect(subject.headers['Date']).to be_present
  12. end
  13. it 'returns the host header' do
  14. expect(subject.headers['Host']).to be_present
  15. end
  16. it 'does not return virtual request-target header' do
  17. expect(subject.headers['(request-target)']).to be_nil
  18. end
  19. end
  20. describe '#on_behalf_of' do
  21. it 'when used, adds signature header' do
  22. subject.on_behalf_of(Fabricate(:account))
  23. expect(subject.headers['Signature']).to be_present
  24. end
  25. end
  26. describe '#add_headers' do
  27. it 'adds headers to the request' do
  28. subject.add_headers('Test' => 'Foo')
  29. expect(subject.headers['Test']).to eq 'Foo'
  30. end
  31. end
  32. describe '#perform' do
  33. context 'with valid host' do
  34. before { stub_request(:get, 'http://example.com') }
  35. it 'executes a HTTP request' do
  36. expect { |block| subject.perform &block }.to yield_control
  37. expect(a_request(:get, 'http://example.com')).to have_been_made.once
  38. end
  39. it 'executes a HTTP request when the first address is private' do
  40. resolver = double
  41. allow(resolver).to receive(:getaddresses).with('example.com').and_return(%w(0.0.0.0 2001:4860:4860::8844))
  42. allow(resolver).to receive(:timeouts=).and_return(nil)
  43. allow(Resolv::DNS).to receive(:open).and_yield(resolver)
  44. expect { |block| subject.perform &block }.to yield_control
  45. expect(a_request(:get, 'http://example.com')).to have_been_made.once
  46. end
  47. it 'sets headers' do
  48. expect { |block| subject.perform &block }.to yield_control
  49. expect(a_request(:get, 'http://example.com').with(headers: subject.headers)).to have_been_made
  50. end
  51. it 'closes underlying connection' do
  52. expect_any_instance_of(HTTP::Client).to receive(:close)
  53. expect { |block| subject.perform &block }.to yield_control
  54. end
  55. it 'returns response which implements body_with_limit' do
  56. subject.perform do |response|
  57. expect(response).to respond_to :body_with_limit
  58. end
  59. end
  60. end
  61. context 'with private host' do
  62. around do |example|
  63. WebMock.disable!
  64. example.run
  65. WebMock.enable!
  66. end
  67. it 'raises Mastodon::ValidationError' do
  68. resolver = double
  69. allow(resolver).to receive(:getaddresses).with('example.com').and_return(%w(0.0.0.0 2001:db8::face))
  70. allow(resolver).to receive(:timeouts=).and_return(nil)
  71. allow(Resolv::DNS).to receive(:open).and_yield(resolver)
  72. expect { subject.perform }.to raise_error Mastodon::ValidationError
  73. end
  74. end
  75. end
  76. describe "response's body_with_limit method" do
  77. it 'rejects body more than 1 megabyte by default' do
  78. stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.megabytes))
  79. expect { subject.perform { |response| response.body_with_limit } }.to raise_error Mastodon::LengthValidationError
  80. end
  81. it 'accepts body less than 1 megabyte by default' do
  82. stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.kilobytes))
  83. expect { subject.perform { |response| response.body_with_limit } }.not_to raise_error
  84. end
  85. it 'rejects body by given size' do
  86. stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.kilobytes))
  87. expect { subject.perform { |response| response.body_with_limit(1.kilobyte) } }.to raise_error Mastodon::LengthValidationError
  88. end
  89. it 'rejects too large chunked body' do
  90. stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.megabytes), headers: { 'Transfer-Encoding' => 'chunked' })
  91. expect { subject.perform { |response| response.body_with_limit } }.to raise_error Mastodon::LengthValidationError
  92. end
  93. it 'rejects too large monolithic body' do
  94. stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.megabytes), headers: { 'Content-Length' => 2.megabytes })
  95. expect { subject.perform { |response| response.body_with_limit } }.to raise_error Mastodon::LengthValidationError
  96. end
  97. it 'truncates large monolithic body' do
  98. stub_request(:any, 'http://example.com').to_return(body: SecureRandom.random_bytes(2.megabytes), headers: { 'Content-Length' => 2.megabytes })
  99. expect(subject.perform { |response| response.truncated_body.bytesize }).to be < 2.megabytes
  100. end
  101. it 'uses binary encoding if Content-Type does not tell encoding' do
  102. stub_request(:any, 'http://example.com').to_return(body: '', headers: { 'Content-Type' => 'text/html' })
  103. expect(subject.perform { |response| response.body_with_limit.encoding }).to eq Encoding::BINARY
  104. end
  105. it 'uses binary encoding if Content-Type tells unknown encoding' do
  106. stub_request(:any, 'http://example.com').to_return(body: '', headers: { 'Content-Type' => 'text/html; charset=unknown' })
  107. expect(subject.perform { |response| response.body_with_limit.encoding }).to eq Encoding::BINARY
  108. end
  109. it 'uses encoding specified by Content-Type' do
  110. stub_request(:any, 'http://example.com').to_return(body: '', headers: { 'Content-Type' => 'text/html; charset=UTF-8' })
  111. expect(subject.perform { |response| response.body_with_limit.encoding }).to eq Encoding::UTF_8
  112. end
  113. end
  114. end