aiden
/
memos
mirror of https://github.com/usememos/memos
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
release-please--branches--main--components--memos
main
v0.0.1
v0.1.0
v0.1.1
v0.1.2
v0.1.3
v0.10.0
v0.10.1
v0.10.2
v0.10.3
v0.11.0
v0.11.1
v0.11.2
v0.12.0
v0.12.1
v0.12.2
v0.13.0
v0.13.1
v0.13.2
v0.14.0
v0.14.1
v0.14.2
v0.14.3
v0.14.4
v0.15.0
v0.15.1
v0.15.2
v0.16.0
v0.16.1
v0.17.0
v0.17.1
v0.18.0
v0.18.1
v0.18.2
v0.19.0
v0.19.1
v0.2.0
v0.2.1
v0.2.2
v0.20.0
v0.20.1
v0.21.0
v0.22.0
v0.22.1
v0.22.2
v0.22.3
v0.22.4
v0.22.5
v0.23.0
v0.23.0-rc.0
v0.23.0-rc.1
v0.23.0-rc.2
v0.23.0-rc.3
v0.23.1
v0.24.0
v0.24.1
v0.24.2
v0.24.3
v0.24.4
v0.25.0
v0.25.1
v0.25.2
v0.25.3
v0.26.0
v0.26.1
v0.26.2
v0.27.0
v0.27.0-rc.1
v0.27.0-rc.2
v0.27.1
v0.28.0
v0.29.0
v0.3.0
v0.3.1
v0.4.0
v0.4.1
v0.4.2
v0.4.3
v0.4.4
v0.4.5
v0.5.0
v0.6.0
v0.6.1
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.9.0
v0.9.1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0fb83a745d'
${ noResults }
memos/server/router/api/v1/connect_interceptors_test.go

66 lines
2.1 KiB
Go
Raw Blame History

package v1
import (
"context"
"net/http"
"net/http/httptest"
"testing"
"connectrpc.com/connect"
"github.com/labstack/echo/v5"
"google.golang.org/grpc/metadata"
"google.golang.org/protobuf/types/known/emptypb"
"github.com/usememos/memos/internal/profile"
)
func TestMetadataInterceptorForwardsSecurityHeaders(t *testing.T) {
interceptor := NewMetadataInterceptor()
req := connect.NewRequest(&emptypb.Empty{})
req.Header().Set("Origin", "https://memos.example")
req.Header().Set("X-Forwarded-Proto", "https")
req.Header().Set("Forwarded", "for=203.0.113.1;proto=https")
handler := interceptor.WrapUnary(func(ctx context.Context, _ connect.AnyRequest) (connect.AnyResponse, error) {
md, ok := metadata.FromIncomingContext(ctx)
if !ok {
t.Fatal("expected metadata in context")
}
if got := md.Get("origin"); len(got) != 1 || got[0] != "https://memos.example" {
t.Fatalf("unexpected origin metadata: %v", got)
}
if got := md.Get("x-forwarded-proto"); len(got) != 1 || got[0] != "https" {
t.Fatalf("unexpected x-forwarded-proto metadata: %v", got)
}
if got := md.Get("forwarded"); len(got) != 1 || got[0] != "for=203.0.113.1;proto=https" {
t.Fatalf("unexpected forwarded metadata: %v", got)
}
return connect.NewResponse(&emptypb.Empty{}), nil
})
if _, err := handler(context.Background(), req); err != nil {
t.Fatalf("metadata interceptor returned error: %v", err)
}
}
func TestAllowedConnectOrigin(t *testing.T) {
service := &APIV1Service{
Profile: &profile.Profile{InstanceURL: "https://memos.example"},
}
e := echo.New()
req := httptest.NewRequest(http.MethodOptions, "http://localhost/memos.api.v1.AuthService/SignIn", nil)
req.Host = "localhost"
rec := httptest.NewRecorder()
ctx := e.NewContext(req, rec)
if !service.isAllowedConnectOrigin(ctx, "http://localhost") {
t.Fatal("expected same host origin to be allowed")
}
if !service.isAllowedConnectOrigin(ctx, "https://memos.example") {
t.Fatal("expected instance URL origin to be allowed")
}
if service.isAllowedConnectOrigin(ctx, "https://evil.example") {
t.Fatal("expected unknown origin to be denied")
}
}
Reference in New Issue View Git Blame Copy Permalink