server/tests/api.test.ts

import { afterAll, describe, expect, test } from "bun:test";
import { fakeRequest, getTestUsers } from "./utils.ts";

const { tokens, deleteUsers } = await getTestUsers(1);

describe("API Tests", () => {
    afterAll(async () => {
        await deleteUsers();
    });

    test("Try sending FormData without a boundary", async () => {
        const formData = new FormData();
        formData.append("test", "test");

        const response = await fakeRequest("/api/v1/statuses", {
            method: "POST",
            headers: {
                Authorization: `Bearer ${tokens[0].data.accessToken}`,
                "Content-Type": "multipart/form-data",
            },
            body: formData,
        });

        expect(response.status).toBe(400);
        const data = await response.json();

        expect(data.error).toBeString();
        expect(data.error).toContain("https://stackoverflow.com");
    });

    // Now automatically mitigated by the server
    /* test("try sending a request with a different origin", async () => {
        if (new URL(config.http.base_url).protocol === "http:") {
            return;
        }

        const response = await fakeRequest(
            
                    "/api/v1/instance",
                    base_url.replace("https://", "http://"),
                ),
                {
                    method: "GET",
                    headers: {
                        Authorization: `Bearer ${tokens[0].data.accessToken}`,
                    },
                },
            ),
        );

        expect(response.status).toBe(400);
        const data = await response.json();
        expect(data.error).toContain("does not match base URL");
    }); */
});
feat(api): :sparkles: Add user emoji upload capabilities 2024-05-13 04:09:57 +02:00			`import { afterAll, describe, expect, test } from "bun:test";`
refactor: :truck: Explicitely add extensions to all imports 2024-10-04 15:22:48 +02:00			`import { fakeRequest, getTestUsers } from "./utils.ts";`
Add more API endpoints, better tests 2023-09-22 00:42:59 +02:00
Remove Prisma once and for all 2024-04-14 02:46:33 +02:00			`const { tokens, deleteUsers } = await getTestUsers(1);`
Add more API endpoints, better tests 2023-09-22 00:42:59 +02:00
Add more cases for media backend 2023-10-18 02:57:47 +02:00			`describe("API Tests", () => {`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`afterAll(async () => {`
Remove Prisma once and for all 2024-04-14 02:46:33 +02:00			`await deleteUsers();`
Replace eslint and prettier with Biome 2024-04-07 07:30:49 +02:00			`});`

feat(api): :sparkles: Add safeguard when using formdata without a boundary 2024-05-13 01:21:06 +02:00			`test("Try sending FormData without a boundary", async () => {`
			`const formData = new FormData();`
			`formData.append("test", "test");`

refactor: :recycle: Refactor tests to use a simpler syntax 2024-08-27 21:25:26 +02:00			`const response = await fakeRequest("/api/v1/statuses", {`
			`method: "POST",`
			`headers: {`
refactor(database): :recycle: Move Token to its own ORM abstraction, optimize familiar_followers route 2024-11-03 17:45:21 +01:00			Authorization: `Bearer ${tokens[0].data.accessToken}`,
refactor: :recycle: Refactor tests to use a simpler syntax 2024-08-27 21:25:26 +02:00			`"Content-Type": "multipart/form-data",`
			`},`
			`body: formData,`
			`});`
feat(api): :sparkles: Add safeguard when using formdata without a boundary 2024-05-13 01:21:06 +02:00
			`expect(response.status).toBe(400);`
			`const data = await response.json();`

			`expect(data.error).toBeString();`
			`expect(data.error).toContain("https://stackoverflow.com");`
			`});`
feat(api): :sparkles: Add safeguard for incorrectly configured proxies 2024-05-17 21:38:38 +02:00
feat(federation): :sparkles: Add bridge tokens, federation request debugging 2024-05-22 02:59:03 +02:00			`// Now automatically mitigated by the server`
			`/* test("try sending a request with a different origin", async () => {`
feat(api): :sparkles: Add safeguard for incorrectly configured proxies 2024-05-17 21:38:38 +02:00			`if (new URL(config.http.base_url).protocol === "http:") {`
			`return;`
			`}`

refactor: :recycle: Refactor tests to use a simpler syntax 2024-08-27 21:25:26 +02:00			`const response = await fakeRequest(`

feat(api): :sparkles: Add safeguard for incorrectly configured proxies 2024-05-17 21:38:38 +02:00			`"/api/v1/instance",`
			`base_url.replace("https://", "http://"),`
			`),`
			`{`
			`method: "GET",`
			`headers: {`
refactor(database): :recycle: Move Token to its own ORM abstraction, optimize familiar_followers route 2024-11-03 17:45:21 +01:00			Authorization: `Bearer ${tokens[0].data.accessToken}`,
feat(api): :sparkles: Add safeguard for incorrectly configured proxies 2024-05-17 21:38:38 +02:00			`},`
			`},`
			`),`
			`);`

			`expect(response.status).toBe(400);`
			`const data = await response.json();`
			`expect(data.error).toContain("does not match base URL");`
feat(federation): :sparkles: Add bridge tokens, federation request debugging 2024-05-22 02:59:03 +02:00			`}); */`
Add more API endpoints, better tests 2023-09-22 00:42:59 +02:00			`});`