mirror of
https://github.com/lensapp/lens.git
synced 2025-05-20 05:10:56 +00:00
4856fdda2f
* fix path traversal bug in router Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com> * add tests Signed-off-by: Jari Kolehmainen <jari.kolehmainen@gmail.com>
41 lines
864 B
TypeScript
41 lines
864 B
TypeScript
import { Router } from "../router";
|
|
|
|
const staticRoot = __dirname;
|
|
|
|
class TestRouter extends Router {
|
|
protected resolveStaticRootPath() {
|
|
return staticRoot;
|
|
}
|
|
}
|
|
|
|
describe("Router", () => {
|
|
it("blocks path traversal attacks", async () => {
|
|
const router = new TestRouter();
|
|
const res = {
|
|
statusCode: 200,
|
|
end: jest.fn()
|
|
};
|
|
|
|
await router.handleStaticFile("../index.ts", res as any, {} as any, 0);
|
|
|
|
expect(res.statusCode).toEqual(404);
|
|
});
|
|
|
|
it("serves files under static root", async () => {
|
|
const router = new TestRouter();
|
|
const res = {
|
|
statusCode: 200,
|
|
write: jest.fn(),
|
|
setHeader: jest.fn(),
|
|
end: jest.fn()
|
|
};
|
|
const req = {
|
|
url: ""
|
|
};
|
|
|
|
await router.handleStaticFile("router.test.ts", res as any, req as any, 0);
|
|
|
|
expect(res.statusCode).toEqual(200);
|
|
});
|
|
});
|