endery/voxblog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
669fff9843
voxblog/apps/api/test/req.hostname.js

189 lines
4.3 KiB
JavaScript
Raw Blame History

'use strict'
var express = require('../')
, request = require('supertest')
describe('req', function(){
describe('.hostname', function(){
it('should return the Host when present', function(done){
var app = express();
app.use(function(req, res){
res.end(req.hostname);
});
request(app)
.post('/')
.set('Host', 'example.com')
.expect('example.com', done);
})
it('should strip port number', function(done){
var app = express();
app.use(function(req, res){
res.end(req.hostname);
});
request(app)
.post('/')
.set('Host', 'example.com:3000')
.expect('example.com', done);
})
it('should return undefined otherwise', function(done){
var app = express();
app.use(function(req, res){
req.headers.host = null;
res.end(String(req.hostname));
});
request(app)
.post('/')
.expect('undefined', done);
})
it('should work with IPv6 Host', function(done){
var app = express();
app.use(function(req, res){
res.end(req.hostname);
});
request(app)
.post('/')
.set('Host', '[::1]')
.expect('[::1]', done);
})
it('should work with IPv6 Host and port', function(done){
var app = express();
app.use(function(req, res){
res.end(req.hostname);
});
request(app)
.post('/')
.set('Host', '[::1]:3000')
.expect('[::1]', done);
})
describe('when "trust proxy" is enabled', function(){
it('should respect X-Forwarded-Host', function(done){
var app = express();
app.enable('trust proxy');
app.use(function(req, res){
res.end(req.hostname);
});
request(app)
.get('/')
.set('Host', 'localhost')
.set('X-Forwarded-Host', 'example.com:3000')
.expect('example.com', done);
})
it('should ignore X-Forwarded-Host if socket addr not trusted', function(done){
var app = express();
app.set('trust proxy', '10.0.0.1');
app.use(function(req, res){
res.end(req.hostname);
});
request(app)
.get('/')
.set('Host', 'localhost')
.set('X-Forwarded-Host', 'example.com')
.expect('localhost', done);
})
it('should default to Host', function(done){
var app = express();
app.enable('trust proxy');
app.use(function(req, res){
res.end(req.hostname);
});
request(app)
.get('/')
.set('Host', 'example.com')
.expect('example.com', done);
})
describe('when multiple X-Forwarded-Host', function () {
it('should use the first value', function (done) {
var app = express()
app.enable('trust proxy')
app.use(function (req, res) {
res.send(req.hostname)
})
request(app)
.get('/')
.set('Host', 'localhost')
.set('X-Forwarded-Host', 'example.com, foobar.com')
.expect(200, 'example.com', done)
})
it('should remove OWS around comma', function (done) {
var app = express()
app.enable('trust proxy')
app.use(function (req, res) {
res.send(req.hostname)
})
request(app)
.get('/')
.set('Host', 'localhost')
.set('X-Forwarded-Host', 'example.com , foobar.com')
.expect(200, 'example.com', done)
})
it('should strip port number', function (done) {
var app = express()
app.enable('trust proxy')
app.use(function (req, res) {
res.send(req.hostname)
})
request(app)
.get('/')
.set('Host', 'localhost')
.set('X-Forwarded-Host', 'example.com:8080 , foobar.com:8888')
.expect(200, 'example.com', done)
})
})
})
describe('when "trust proxy" is disabled', function(){
it('should ignore X-Forwarded-Host', function(done){
var app = express();
app.use(function(req, res){
res.end(req.hostname);
});
request(app)
.get('/')
.set('Host', 'localhost')
.set('X-Forwarded-Host', 'evil')
.expect('localhost', done);
})
})
})
})
Reference in New Issue View Git Blame Copy Permalink