git.squeep.com Git - akkoma/blob - test/pleroma/reverse_proxy_test.exs

   1 # Pleroma: A lightweight social networking server
   2 # Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
   3 # SPDX-License-Identifier: AGPL-3.0-only
   4
   5 defmodule Pleroma.ReverseProxyTest do
   6   use Pleroma.Web.ConnCase, async: true
   7
   8   import ExUnit.CaptureLog
   9   import Mox
  10
  11   alias Pleroma.ReverseProxy
  12   alias Pleroma.ReverseProxy.ClientMock
  13   alias Plug.Conn
  14
  15   setup_all do
  16     {:ok, _} = Registry.start_link(keys: :unique, name: ClientMock)
  17     :ok
  18   end
  19
  20   setup :verify_on_exit!
  21
  22   defp user_agent_mock(user_agent, invokes) do
  23     json = Jason.encode!(%{"user-agent": user_agent})
  24
  25     ClientMock
  26     |> expect(:request, fn :get, url, _, _, _ ->
  27       Registry.register(ClientMock, url, 0)
  28
  29       {:ok, 200,
  30        [
  31          {"content-type", "application/json"},
  32          {"content-length", byte_size(json) |> to_string()}
  33        ], %{url: url}}
  34     end)
  35     |> expect(:stream_body, invokes, fn %{url: url} = client ->
  36       case Registry.lookup(ClientMock, url) do
  37         [{_, 0}] ->
  38           Registry.update_value(ClientMock, url, &(&1 + 1))
  39           {:ok, json, client}
  40
  41         [{_, 1}] ->
  42           Registry.unregister(ClientMock, url)
  43           :done
  44       end
  45     end)
  46   end
  47
  48   describe "reverse proxy" do
  49     test "do not track successful request", %{conn: conn} do
  50       user_agent_mock("hackney/1.15.1", 2)
  51       url = "/success"
  52
  53       conn = ReverseProxy.call(conn, url)
  54
  55       assert conn.status == 200
  56       assert Cachex.get(:failed_proxy_url_cache, url) == {:ok, nil}
  57     end
  58   end
  59
  60   describe "user-agent" do
  61     test "don't keep", %{conn: conn} do
  62       user_agent_mock("hackney/1.15.1", 2)
  63       conn = ReverseProxy.call(conn, "/user-agent")
  64       assert json_response(conn, 200) == %{"user-agent" => "hackney/1.15.1"}
  65     end
  66
  67     test "keep", %{conn: conn} do
  68       user_agent_mock(Pleroma.Application.user_agent(), 2)
  69       conn = ReverseProxy.call(conn, "/user-agent-keep", keep_user_agent: true)
  70       assert json_response(conn, 200) == %{"user-agent" => Pleroma.Application.user_agent()}
  71     end
  72   end
  73
  74   test "closed connection", %{conn: conn} do
  75     ClientMock
  76     |> expect(:request, fn :get, "/closed", _, _, _ -> {:ok, 200, [], %{}} end)
  77     |> expect(:stream_body, fn _ -> {:error, :closed} end)
  78     |> expect(:close, fn _ -> :ok end)
  79
  80     conn = ReverseProxy.call(conn, "/closed")
  81     assert conn.halted
  82   end
  83
  84   defp stream_mock(invokes, with_close? \\ false) do
  85     ClientMock
  86     |> expect(:request, fn :get, "/stream-bytes/" <> length, _, _, _ ->
  87       Registry.register(ClientMock, "/stream-bytes/" <> length, 0)
  88
  89       {:ok, 200, [{"content-type", "application/octet-stream"}],
  90        %{url: "/stream-bytes/" <> length}}
  91     end)
  92     |> expect(:stream_body, invokes, fn %{url: "/stream-bytes/" <> length} = client ->
  93       max = String.to_integer(length)
  94
  95       case Registry.lookup(ClientMock, "/stream-bytes/" <> length) do
  96         [{_, current}] when current < max ->
  97           Registry.update_value(
  98             ClientMock,
  99             "/stream-bytes/" <> length,
 100             &(&1 + 10)
 101           )
 102
 103           {:ok, "0123456789", client}
 104
 105         [{_, ^max}] ->
 106           Registry.unregister(ClientMock, "/stream-bytes/" <> length)
 107           :done
 108       end
 109     end)
 110
 111     if with_close? do
 112       expect(ClientMock, :close, fn _ -> :ok end)
 113     end
 114   end
 115
 116   describe "max_body" do
 117     test "length returns error if content-length more than option", %{conn: conn} do
 118       user_agent_mock("hackney/1.15.1", 0)
 119
 120       assert capture_log(fn ->
 121                ReverseProxy.call(conn, "/huge-file", max_body_length: 4)
 122              end) =~
 123                "[error] Elixir.Pleroma.ReverseProxy: request to \"/huge-file\" failed: :body_too_large"
 124
 125       assert {:ok, true} == Cachex.get(:failed_proxy_url_cache, "/huge-file")
 126
 127       assert capture_log(fn ->
 128                ReverseProxy.call(conn, "/huge-file", max_body_length: 4)
 129              end) == ""
 130     end
 131
 132     test "max_body_length returns error if streaming body more than that option", %{conn: conn} do
 133       stream_mock(3, true)
 134
 135       assert capture_log(fn ->
 136                ReverseProxy.call(conn, "/stream-bytes/50", max_body_length: 30)
 137              end) =~
 138                "[warn] Elixir.Pleroma.ReverseProxy request to /stream-bytes/50 failed while reading/chunking: :body_too_large"
 139     end
 140   end
 141
 142   describe "HEAD requests" do
 143     test "common", %{conn: conn} do
 144       ClientMock
 145       |> expect(:request, fn :head, "/head", _, _, _ ->
 146         {:ok, 200, [{"content-type", "text/html; charset=utf-8"}]}
 147       end)
 148
 149       conn = ReverseProxy.call(Map.put(conn, :method, "HEAD"), "/head")
 150       assert html_response(conn, 200) == ""
 151     end
 152   end
 153
 154   defp error_mock(status) when is_integer(status) do
 155     ClientMock
 156     |> expect(:request, fn :get, "/status/" <> _, _, _, _ ->
 157       {:error, status}
 158     end)
 159   end
 160
 161   describe "returns error on" do
 162     test "500", %{conn: conn} do
 163       error_mock(500)
 164       url = "/status/500"
 165
 166       capture_log(fn -> ReverseProxy.call(conn, url) end) =~
 167         "[error] Elixir.Pleroma.ReverseProxy: request to /status/500 failed with HTTP status 500"
 168
 169       assert Cachex.get(:failed_proxy_url_cache, url) == {:ok, true}
 170
 171       {:ok, ttl} = Cachex.ttl(:failed_proxy_url_cache, url)
 172       assert ttl <= 60_000
 173     end
 174
 175     test "400", %{conn: conn} do
 176       error_mock(400)
 177       url = "/status/400"
 178
 179       capture_log(fn -> ReverseProxy.call(conn, url) end) =~
 180         "[error] Elixir.Pleroma.ReverseProxy: request to /status/400 failed with HTTP status 400"
 181
 182       assert Cachex.get(:failed_proxy_url_cache, url) == {:ok, true}
 183       assert Cachex.ttl(:failed_proxy_url_cache, url) == {:ok, nil}
 184     end
 185
 186     test "403", %{conn: conn} do
 187       error_mock(403)
 188       url = "/status/403"
 189
 190       capture_log(fn ->
 191         ReverseProxy.call(conn, url, failed_request_ttl: :timer.seconds(120))
 192       end) =~
 193         "[error] Elixir.Pleroma.ReverseProxy: request to /status/403 failed with HTTP status 403"
 194
 195       {:ok, ttl} = Cachex.ttl(:failed_proxy_url_cache, url)
 196       assert ttl > 100_000
 197     end
 198
 199     test "204", %{conn: conn} do
 200       url = "/status/204"
 201       expect(ClientMock, :request, fn :get, _url, _, _, _ -> {:ok, 204, [], %{}} end)
 202
 203       capture_log(fn ->
 204         conn = ReverseProxy.call(conn, url)
 205         assert conn.resp_body == "Request failed: No Content"
 206         assert conn.halted
 207       end) =~
 208         "[error] Elixir.Pleroma.ReverseProxy: request to \"/status/204\" failed with HTTP status 204"
 209
 210       assert Cachex.get(:failed_proxy_url_cache, url) == {:ok, true}
 211       assert Cachex.ttl(:failed_proxy_url_cache, url) == {:ok, nil}
 212     end
 213   end
 214
 215   test "streaming", %{conn: conn} do
 216     stream_mock(21)
 217     conn = ReverseProxy.call(conn, "/stream-bytes/200")
 218     assert conn.state == :chunked
 219     assert byte_size(conn.resp_body) == 200
 220     assert Conn.get_resp_header(conn, "content-type") == ["application/octet-stream"]
 221   end
 222
 223   defp headers_mock(_) do
 224     ClientMock
 225     |> expect(:request, fn :get, "/headers", headers, _, _ ->
 226       Registry.register(ClientMock, "/headers", 0)
 227       {:ok, 200, [{"content-type", "application/json"}], %{url: "/headers", headers: headers}}
 228     end)
 229     |> expect(:stream_body, 2, fn %{url: url, headers: headers} = client ->
 230       case Registry.lookup(ClientMock, url) do
 231         [{_, 0}] ->
 232           Registry.update_value(ClientMock, url, &(&1 + 1))
 233           headers = for {k, v} <- headers, into: %{}, do: {String.capitalize(k), v}
 234           {:ok, Jason.encode!(%{headers: headers}), client}
 235
 236         [{_, 1}] ->
 237           Registry.unregister(ClientMock, url)
 238           :done
 239       end
 240     end)
 241
 242     :ok
 243   end
 244
 245   describe "keep request headers" do
 246     setup [:headers_mock]
 247
 248     test "header passes", %{conn: conn} do
 249       conn =
 250         Conn.put_req_header(
 251           conn,
 252           "accept",
 253           "text/html"
 254         )
 255         |> ReverseProxy.call("/headers")
 256
 257       %{"headers" => headers} = json_response(conn, 200)
 258       assert headers["Accept"] == "text/html"
 259     end
 260
 261     test "header is filtered", %{conn: conn} do
 262       conn =
 263         Conn.put_req_header(
 264           conn,
 265           "accept-language",
 266           "en-US"
 267         )
 268         |> ReverseProxy.call("/headers")
 269
 270       %{"headers" => headers} = json_response(conn, 200)
 271       refute headers["Accept-Language"]
 272     end
 273   end
 274
 275   test "returns 400 on non GET, HEAD requests", %{conn: conn} do
 276     conn = ReverseProxy.call(Map.put(conn, :method, "POST"), "/ip")
 277     assert conn.status == 400
 278   end
 279
 280   describe "cache resp headers" do
 281     test "add cache-control", %{conn: conn} do
 282       ClientMock
 283       |> expect(:request, fn :get, "/cache", _, _, _ ->
 284         {:ok, 200, [{"ETag", "some ETag"}], %{}}
 285       end)
 286       |> expect(:stream_body, fn _ -> :done end)
 287
 288       conn = ReverseProxy.call(conn, "/cache")
 289       assert {"cache-control", "public, max-age=1209600"} in conn.resp_headers
 290     end
 291   end
 292
 293   defp disposition_headers_mock(headers) do
 294     ClientMock
 295     |> expect(:request, fn :get, "/disposition", _, _, _ ->
 296       Registry.register(ClientMock, "/disposition", 0)
 297
 298       {:ok, 200, headers, %{url: "/disposition"}}
 299     end)
 300     |> expect(:stream_body, 2, fn %{url: "/disposition"} = client ->
 301       case Registry.lookup(ClientMock, "/disposition") do
 302         [{_, 0}] ->
 303           Registry.update_value(ClientMock, "/disposition", &(&1 + 1))
 304           {:ok, "", client}
 305
 306         [{_, 1}] ->
 307           Registry.unregister(ClientMock, "/disposition")
 308           :done
 309       end
 310     end)
 311   end
 312
 313   describe "response content disposition header" do
 314     test "not atachment", %{conn: conn} do
 315       disposition_headers_mock([
 316         {"content-type", "image/gif"},
 317         {"content-length", "0"}
 318       ])
 319
 320       conn = ReverseProxy.call(conn, "/disposition")
 321
 322       assert {"content-type", "image/gif"} in conn.resp_headers
 323     end
 324
 325     test "with content-disposition header", %{conn: conn} do
 326       disposition_headers_mock([
 327         {"content-disposition", "attachment; filename=\"filename.jpg\""},
 328         {"content-length", "0"}
 329       ])
 330
 331       conn = ReverseProxy.call(conn, "/disposition")
 332
 333       assert {"content-disposition", "attachment; filename=\"filename.jpg\""} in conn.resp_headers
 334     end
 335   end
 336 end