2019-03-14 19:02:48 +00:00
|
|
|
# Pleroma: A lightweight social networking server
|
2023-01-02 20:38:50 +00:00
|
|
|
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
|
2019-03-14 19:02:48 +00:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2020-06-23 15:16:47 +00:00
|
|
|
defmodule Pleroma.Web.Plugs.UploadedMediaPlugTest do
|
2020-12-21 11:21:40 +00:00
|
|
|
use Pleroma.Web.ConnCase, async: true
|
2019-03-14 19:02:48 +00:00
|
|
|
alias Pleroma.Upload
|
|
|
|
|
2019-03-14 19:26:54 +00:00
|
|
|
defp upload_file(context) do
|
|
|
|
Pleroma.DataCase.ensure_local_uploader(context)
|
2019-03-14 19:02:48 +00:00
|
|
|
File.cp!("test/fixtures/image.jpg", "test/fixtures/image_tmp.jpg")
|
|
|
|
|
|
|
|
file = %Plug.Upload{
|
2020-10-13 15:37:24 +00:00
|
|
|
content_type: "image/jpeg",
|
2019-03-14 19:02:48 +00:00
|
|
|
path: Path.absname("test/fixtures/image_tmp.jpg"),
|
|
|
|
filename: "nice_tf.jpg"
|
|
|
|
}
|
|
|
|
|
|
|
|
{:ok, data} = Upload.store(file)
|
|
|
|
[%{"href" => attachment_url} | _] = data["url"]
|
|
|
|
[attachment_url: attachment_url]
|
|
|
|
end
|
|
|
|
|
2019-03-14 19:26:54 +00:00
|
|
|
setup_all :upload_file
|
|
|
|
|
2019-03-14 19:02:48 +00:00
|
|
|
test "does not send Content-Disposition header when name param is not set", %{
|
|
|
|
attachment_url: attachment_url
|
|
|
|
} do
|
|
|
|
conn = get(build_conn(), attachment_url)
|
|
|
|
refute Enum.any?(conn.resp_headers, &(elem(&1, 0) == "content-disposition"))
|
|
|
|
end
|
|
|
|
|
|
|
|
test "sends Content-Disposition header when name param is set", %{
|
|
|
|
attachment_url: attachment_url
|
|
|
|
} do
|
2023-04-17 22:07:39 +00:00
|
|
|
conn = get(build_conn(), attachment_url <> ~s[?name="cofe".gif])
|
2019-03-14 19:02:48 +00:00
|
|
|
|
|
|
|
assert Enum.any?(
|
|
|
|
conn.resp_headers,
|
2023-04-17 22:07:39 +00:00
|
|
|
&(&1 == {"content-disposition", ~s[inline; filename="\\"cofe\\".gif"]})
|
2019-03-14 19:02:48 +00:00
|
|
|
)
|
|
|
|
end
|
2023-05-29 18:16:03 +00:00
|
|
|
|
|
|
|
test "denies access to media if wrong Host", %{
|
|
|
|
attachment_url: attachment_url
|
|
|
|
} do
|
|
|
|
conn = get(build_conn(), attachment_url)
|
|
|
|
|
|
|
|
assert conn.status == 200
|
|
|
|
|
2023-05-30 20:56:09 +00:00
|
|
|
new_media_base = "http://media.localhost:8080"
|
|
|
|
|
|
|
|
%{scheme: new_media_scheme, host: new_media_host, port: new_media_port} =
|
|
|
|
URI.parse(new_media_base)
|
|
|
|
|
|
|
|
clear_config([Pleroma.Upload, :base_url], new_media_base)
|
2023-05-29 18:16:03 +00:00
|
|
|
|
|
|
|
conn = get(build_conn(), attachment_url)
|
|
|
|
|
2023-05-30 20:56:09 +00:00
|
|
|
expected_url =
|
|
|
|
URI.parse(attachment_url)
|
|
|
|
|> Map.put(:host, new_media_host)
|
|
|
|
|> Map.put(:port, new_media_port)
|
|
|
|
|> Map.put(:scheme, new_media_scheme)
|
|
|
|
|> URI.to_string()
|
|
|
|
|
|
|
|
assert conn.status == 302
|
|
|
|
|
|
|
|
assert Enum.any?(
|
|
|
|
conn.resp_headers,
|
|
|
|
&(&1 == {"location", expected_url})
|
|
|
|
)
|
2023-05-29 18:16:03 +00:00
|
|
|
end
|
2019-03-14 19:02:48 +00:00
|
|
|
end
|