Merge remote-tracking branch 'remotes/origin/develop' into media-preview-proxy-nostream

[akkoma] / test / web / media_proxy / media_proxy_test.exs

diff --git a/test/web/media_proxy/media_proxy_test.exs b/test/web/media_proxy/media_proxy_test.exs
index cad0acd306196d079585f674b3de85731987340b..0e6df826c3b612fd874df34b8938b6967d90771e 100644 (file)
--- a/test/web/media_proxy/media_proxy_test.exs
+++ b/test/web/media_proxy/media_proxy_test.exs
@@ -71,12 +71,9 @@ defmodule Pleroma.Web.MediaProxyTest do
     end
 
     test "validates signature" do
-      secret_key_base = Config.get([Endpoint, :secret_key_base])
-      clear_config([Endpoint, :secret_key_base], secret_key_base)
-
       encoded = MediaProxy.url("https://pleroma.social")
 
-      Config.put(
+      clear_config(
         [Endpoint, :secret_key_base],
         "00000000000000000000000000000000000000000000000"
       )
@@ -85,50 +82,72 @@ defmodule Pleroma.Web.MediaProxyTest do
       assert MediaProxy.decode_url(sig, base64) == {:error, :invalid_signature}
     end
 
-    test "`filename_matches/_` preserves the encoded or decoded path" do
-      assert MediaProxy.filename_matches(
-               %{"filename" => "/Hello world.jpg"},
-               "/Hello world.jpg",
-               "http://pleroma.social/Hello world.jpg"
-             ) == :ok
+    def test_verify_request_path_and_url(request_path, url, expected_result) do
+      assert MediaProxy.verify_request_path_and_url(request_path, url) == expected_result
 
-      assert MediaProxy.filename_matches(
-               %{"filename" => "/Hello%20world.jpg"},
-               "/Hello%20world.jpg",
-               "http://pleroma.social/Hello%20world.jpg"
-             ) == :ok
+      assert MediaProxy.verify_request_path_and_url(
+               %Plug.Conn{
+                 params: %{"filename" => Path.basename(request_path)},
+                 request_path: request_path
+               },
+               url
+             ) == expected_result
+    end
 
-      assert MediaProxy.filename_matches(
-               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"},
-               "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
-               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
+    test "if first arg of `verify_request_path_and_url/2` is a Plug.Conn without \"filename\" " <>
+           "parameter, `verify_request_path_and_url/2` returns :ok " do
+      assert MediaProxy.verify_request_path_and_url(
+               %Plug.Conn{params: %{}, request_path: "/some/path"},
+               "https://instance.com/file.jpg"
              ) == :ok
 
-      assert MediaProxy.filename_matches(
-               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jp"},
-               "/my%2Flong%2Furl%2F2019%2F07%2FS.jp",
-               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
-             ) == {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}
+      assert MediaProxy.verify_request_path_and_url(
+               %Plug.Conn{params: %{}, request_path: "/path/to/file.jpg"},
+               "https://instance.com/file.jpg"
+             ) == :ok
     end
 
-    test "encoded url are tried to match for proxy as `conn.request_path` encodes the url" do
-      # conn.request_path will return encoded url
-      request_path = "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg"
+    test "`verify_request_path_and_url/2` preserves the encoded or decoded path" do
+      test_verify_request_path_and_url(
+        "/Hello world.jpg",
+        "http://pleroma.social/Hello world.jpg",
+        :ok
+      )
 
-      assert MediaProxy.filename_matches(
-               true,
-               request_path,
-               "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg"
-             ) == :ok
+      test_verify_request_path_and_url(
+        "/Hello%20world.jpg",
+        "http://pleroma.social/Hello%20world.jpg",
+        :ok
+      )
+
+      test_verify_request_path_and_url(
+        "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
+        "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
+        :ok
+      )
+
+      test_verify_request_path_and_url(
+        # Note: `conn.request_path` returns encoded url
+        "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg",
+        "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg",
+        :ok
+      )
+
+      test_verify_request_path_and_url(
+        "/my%2Flong%2Furl%2F2019%2F07%2FS",
+        "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
+        {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}
+      )
     end
 
     test "uses the configured base_url" do
-      clear_config([:media_proxy, :base_url], "https://cache.pleroma.social")
+      base_url = "https://cache.pleroma.social"
+      clear_config([:media_proxy, :base_url], base_url)
 
       url = "https://pleroma.soykaf.com/static/logo.png"
       encoded = MediaProxy.url(url)
 
-      assert String.starts_with?(encoded, Config.get([:media_proxy, :base_url]))
+      assert String.starts_with?(encoded, base_url)
     end
 
     # Some sites expect ASCII encoded characters in the URL to be preserved even if
@@ -174,6 +193,15 @@ defmodule Pleroma.Web.MediaProxyTest do
     setup do: clear_config([:media_proxy, :enabled], true)
 
     test "mediaproxy whitelist" do
+      clear_config([:media_proxy, :whitelist], ["https://google.com", "https://feld.me"])
+      url = "https://feld.me/foo.png"
+
+      unencoded = MediaProxy.url(url)
+      assert unencoded == url
+    end
+
+    # TODO: delete after removing support bare domains for media proxy whitelist
+    test "mediaproxy whitelist bare domains whitelist (deprecated)" do
       clear_config([:media_proxy, :whitelist], ["google.com", "feld.me"])
       url = "https://feld.me/foo.png"