versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2026-03-13 05:49:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(api): Add safeguard for incorrectly configured proxies

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-05-17 09:38:38 -10:00
parent 7a591a024e
commit c28628ebb3
No known key found for this signature in database
4 changed files with 58 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

25
tests/api.test.ts
View file

@ -35,4 +35,29 @@ describe("API Tests", () => {
expect(data.error).toBeString();
expect(data.error).toContain("https://stackoverflow.com");
});
test("try sending a request with a different origin", async () => {
if (new URL(config.http.base_url).protocol === "http:") {
return;
}
const response = await sendTestRequest(
new Request(
new URL(
"/api/v1/instance",
base_url.replace("https://", "http://"),
),
{
method: "GET",
headers: {
Authorization: `Bearer ${tokens[0].accessToken}`,
},
},
),
);
expect(response.status).toBe(400);
const data = await response.json();
expect(data.error).toContain("does not match base URL");
});
});