# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do
use Pleroma.Web.ConnCase
+
import Mock
- alias Pleroma.Config
+
+ alias Pleroma.Web.MediaProxy
+ alias Pleroma.Web.MediaProxy.MediaProxyController
+ alias Plug.Conn
setup do
- media_proxy_config = Config.get([:media_proxy]) || []
- on_exit(fn -> Config.put([:media_proxy], media_proxy_config) end)
- :ok
+ on_exit(fn -> Cachex.clear(:banned_urls_cache) end)
end
test "it returns 404 when MediaProxy disabled", %{conn: conn} do
- Config.put([:media_proxy, :enabled], false)
+ clear_config([:media_proxy, :enabled], false)
- assert %Plug.Conn{
+ assert %Conn{
status: 404,
resp_body: "Not Found"
} = get(conn, "/proxy/hhgfh/eeeee")
- assert %Plug.Conn{
+ assert %Conn{
status: 404,
resp_body: "Not Found"
} = get(conn, "/proxy/hhgfh/eeee/fff")
end
- test "it returns 403 when signature invalidated", %{conn: conn} do
- Config.put([:media_proxy, :enabled], true)
- Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
- path = URI.parse(Pleroma.Web.MediaProxy.encode_url("https://google.fn")).path
- Config.put([Pleroma.Web.Endpoint, :secret_key_base], "000")
-
- assert %Plug.Conn{
- status: 403,
- resp_body: "Forbidden"
- } = get(conn, path)
-
- assert %Plug.Conn{
- status: 403,
- resp_body: "Forbidden"
- } = get(conn, "/proxy/hhgfh/eeee")
-
- assert %Plug.Conn{
- status: 403,
- resp_body: "Forbidden"
- } = get(conn, "/proxy/hhgfh/eeee/fff")
- end
+ describe "" do
+ setup do
+ clear_config([:media_proxy, :enabled], true)
+ clear_config([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
+ [url: MediaProxy.encode_url("https://google.fn/test.png")]
+ end
+
+ test "it returns 403 for invalid signature", %{conn: conn, url: url} do
+ Pleroma.Config.put([Pleroma.Web.Endpoint, :secret_key_base], "000")
+ %{path: path} = URI.parse(url)
- test "redirects on valid url when filename invalidated", %{conn: conn} do
- Config.put([:media_proxy, :enabled], true)
- Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
- url = Pleroma.Web.MediaProxy.encode_url("https://google.fn/test.png")
- invalid_url = String.replace(url, "test.png", "test-file.png")
- response = get(conn, invalid_url)
- html = "<html><body>You are being <a href=\"#{url}\">redirected</a>.</body></html>"
- assert response.status == 302
- assert response.resp_body == html
+ assert %Conn{
+ status: 403,
+ resp_body: "Forbidden"
+ } = get(conn, path)
+
+ assert %Conn{
+ status: 403,
+ resp_body: "Forbidden"
+ } = get(conn, "/proxy/hhgfh/eeee")
+
+ assert %Conn{
+ status: 403,
+ resp_body: "Forbidden"
+ } = get(conn, "/proxy/hhgfh/eeee/fff")
+ end
+
+ test "redirects on valid url when filename is invalidated", %{conn: conn, url: url} do
+ invalid_url = String.replace(url, "test.png", "test-file.png")
+ response = get(conn, invalid_url)
+ assert response.status == 302
+ assert redirected_to(response) == url
+ end
+
+ test "it performs ReverseProxy.call with valid signature", %{conn: conn, url: url} do
+ with_mock Pleroma.ReverseProxy,
+ call: fn _conn, _url, _opts -> %Conn{status: :success} end do
+ assert %Conn{status: :success} = get(conn, url)
+ end
+ end
+
+ test "it returns 404 when url is in banned_urls cache", %{conn: conn, url: url} do
+ MediaProxy.put_in_banned_urls("https://google.fn/test.png")
+
+ with_mock Pleroma.ReverseProxy,
+ call: fn _conn, _url, _opts -> %Conn{status: :success} end do
+ assert %Conn{status: 404, resp_body: "Not Found"} = get(conn, url)
+ end
+ end
end
- test "it performs ReverseProxy.call when signature valid", %{conn: conn} do
- Config.put([:media_proxy, :enabled], true)
- Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
- url = Pleroma.Web.MediaProxy.encode_url("https://google.fn/test.png")
+ describe "filename_matches/3" do
+ test "preserves the encoded or decoded path" do
+ assert MediaProxyController.filename_matches(
+ %{"filename" => "/Hello world.jpg"},
+ "/Hello world.jpg",
+ "http://pleroma.social/Hello world.jpg"
+ ) == :ok
+
+ assert MediaProxyController.filename_matches(
+ %{"filename" => "/Hello%20world.jpg"},
+ "/Hello%20world.jpg",
+ "http://pleroma.social/Hello%20world.jpg"
+ ) == :ok
+
+ assert MediaProxyController.filename_matches(
+ %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"},
+ "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
+ "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
+ ) == :ok
+
+ assert MediaProxyController.filename_matches(
+ %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jp"},
+ "/my%2Flong%2Furl%2F2019%2F07%2FS.jp",
+ "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
+ ) == {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}
+ end
+
+ test "encoded url are tried to match for proxy as `conn.request_path` encodes the url" do
+ # conn.request_path will return encoded url
+ request_path = "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg"
- with_mock Pleroma.ReverseProxy,
- call: fn _conn, _url, _opts -> %Plug.Conn{status: :success} end do
- assert %Plug.Conn{status: :success} = get(conn, url)
+ assert MediaProxyController.filename_matches(
+ true,
+ request_path,
+ "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg"
+ ) == :ok
end
end
end
projects / akkoma / blobdiff