253 lines
7.9 KiB
Ruby
253 lines
7.9 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'spec_helper'
|
|
|
|
RSpec.describe Gitlab::HTTPConnectionAdapter do
|
|
include StubRequests
|
|
|
|
let(:uri) { URI('https://example.org') }
|
|
let(:options) { {} }
|
|
|
|
subject(:connection) { described_class.new(uri, options).connection }
|
|
|
|
describe '#connection' do
|
|
before do
|
|
stub_all_dns('https://example.org', ip_address: '93.184.216.34')
|
|
end
|
|
|
|
context 'when local requests are allowed' do
|
|
let(:options) { { allow_local_requests: true } }
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection).to be_a(Net::HTTP)
|
|
expect(connection.address).to eq('93.184.216.34')
|
|
expect(connection.hostname_override).to eq('example.org')
|
|
expect(connection.addr_port).to eq('example.org')
|
|
expect(connection.port).to eq(443)
|
|
end
|
|
end
|
|
|
|
context 'when local requests are not allowed' do
|
|
let(:options) { { allow_local_requests: false } }
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection).to be_a(Net::HTTP)
|
|
expect(connection.address).to eq('93.184.216.34')
|
|
expect(connection.hostname_override).to eq('example.org')
|
|
expect(connection.addr_port).to eq('example.org')
|
|
expect(connection.port).to eq(443)
|
|
end
|
|
|
|
context 'when it is a request to local network' do
|
|
let(:uri) { URI('http://172.16.0.0/12') }
|
|
|
|
it 'raises error' do
|
|
expect { subject }.to raise_error(
|
|
Gitlab::HTTP::BlockedUrlError,
|
|
"URL 'http://172.16.0.0/12' is blocked: Requests to the local network are not allowed"
|
|
)
|
|
end
|
|
|
|
context 'when local request allowed' do
|
|
let(:options) { { allow_local_requests: true } }
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection).to be_a(Net::HTTP)
|
|
expect(connection.address).to eq('172.16.0.0')
|
|
expect(connection.hostname_override).to be(nil)
|
|
expect(connection.addr_port).to eq('172.16.0.0')
|
|
expect(connection.port).to eq(80)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when it is a request to local address' do
|
|
let(:uri) { URI('http://127.0.0.1') }
|
|
|
|
it 'raises error' do
|
|
expect { subject }.to raise_error(
|
|
Gitlab::HTTP::BlockedUrlError,
|
|
"URL 'http://127.0.0.1' is blocked: Requests to localhost are not allowed"
|
|
)
|
|
end
|
|
|
|
context 'when local request allowed' do
|
|
let(:options) { { allow_local_requests: true } }
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection).to be_a(Net::HTTP)
|
|
expect(connection.address).to eq('127.0.0.1')
|
|
expect(connection.hostname_override).to be(nil)
|
|
expect(connection.addr_port).to eq('127.0.0.1')
|
|
expect(connection.port).to eq(80)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when port different from URL scheme is used' do
|
|
let(:uri) { URI('https://example.org:8080') }
|
|
|
|
it 'sets up the addr_port accordingly' do
|
|
expect(connection).to be_a(Net::HTTP)
|
|
expect(connection.address).to eq('93.184.216.34')
|
|
expect(connection.hostname_override).to eq('example.org')
|
|
expect(connection.addr_port).to eq('example.org:8080')
|
|
expect(connection.port).to eq(8080)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when DNS rebinding protection is disabled' do
|
|
before do
|
|
stub_application_setting(dns_rebinding_protection_enabled: false)
|
|
end
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection).to be_a(Net::HTTP)
|
|
expect(connection.address).to eq('example.org')
|
|
expect(connection.hostname_override).to eq(nil)
|
|
expect(connection.addr_port).to eq('example.org')
|
|
expect(connection.port).to eq(443)
|
|
end
|
|
end
|
|
|
|
context 'when http(s) environment variable is set' do
|
|
before do
|
|
stub_env('https_proxy' => 'https://my.proxy')
|
|
end
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection).to be_a(Net::HTTP)
|
|
expect(connection.address).to eq('example.org')
|
|
expect(connection.hostname_override).to eq(nil)
|
|
expect(connection.addr_port).to eq('example.org')
|
|
expect(connection.port).to eq(443)
|
|
end
|
|
end
|
|
|
|
context 'when proxy settings are configured' do
|
|
let(:options) do
|
|
{
|
|
http_proxyaddr: 'https://proxy.org',
|
|
http_proxyport: 1557,
|
|
http_proxyuser: 'user',
|
|
http_proxypass: 'pass'
|
|
}
|
|
end
|
|
|
|
before do
|
|
stub_all_dns('https://proxy.org', ip_address: '166.84.12.54')
|
|
end
|
|
|
|
it 'sets up the proxy settings' do
|
|
expect(connection.proxy_address).to eq('https://166.84.12.54')
|
|
expect(connection.proxy_port).to eq(1557)
|
|
expect(connection.proxy_user).to eq('user')
|
|
expect(connection.proxy_pass).to eq('pass')
|
|
end
|
|
|
|
context 'when the address has path' do
|
|
before do
|
|
options[:http_proxyaddr] = 'https://proxy.org/path'
|
|
end
|
|
|
|
it 'sets up the proxy settings' do
|
|
expect(connection.proxy_address).to eq('https://166.84.12.54/path')
|
|
expect(connection.proxy_port).to eq(1557)
|
|
end
|
|
end
|
|
|
|
context 'when the port is in the address and port' do
|
|
before do
|
|
options[:http_proxyaddr] = 'https://proxy.org:1422'
|
|
end
|
|
|
|
it 'sets up the proxy settings' do
|
|
expect(connection.proxy_address).to eq('https://166.84.12.54')
|
|
expect(connection.proxy_port).to eq(1557)
|
|
end
|
|
|
|
context 'when the port is only in the address' do
|
|
before do
|
|
options[:http_proxyport] = nil
|
|
end
|
|
|
|
it 'sets up the proxy settings' do
|
|
expect(connection.proxy_address).to eq('https://166.84.12.54')
|
|
expect(connection.proxy_port).to eq(1422)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when it is a request to local network' do
|
|
before do
|
|
options[:http_proxyaddr] = 'http://172.16.0.0/12'
|
|
end
|
|
|
|
it 'raises error' do
|
|
expect { subject }.to raise_error(
|
|
Gitlab::HTTP::BlockedUrlError,
|
|
"URL 'http://172.16.0.0:1557/12' is blocked: Requests to the local network are not allowed"
|
|
)
|
|
end
|
|
|
|
context 'when local request allowed' do
|
|
before do
|
|
options[:allow_local_requests] = true
|
|
end
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection.proxy_address).to eq('http://172.16.0.0/12')
|
|
expect(connection.proxy_port).to eq(1557)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when it is a request to local address' do
|
|
before do
|
|
options[:http_proxyaddr] = 'http://127.0.0.1'
|
|
end
|
|
|
|
it 'raises error' do
|
|
expect { subject }.to raise_error(
|
|
Gitlab::HTTP::BlockedUrlError,
|
|
"URL 'http://127.0.0.1:1557' is blocked: Requests to localhost are not allowed"
|
|
)
|
|
end
|
|
|
|
context 'when local request allowed' do
|
|
before do
|
|
options[:allow_local_requests] = true
|
|
end
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection.proxy_address).to eq('http://127.0.0.1')
|
|
expect(connection.proxy_port).to eq(1557)
|
|
end
|
|
end
|
|
end
|
|
|
|
context 'when http(s) environment variable is set' do
|
|
before do
|
|
stub_env('https_proxy' => 'https://my.proxy')
|
|
end
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection.proxy_address).to eq('https://proxy.org')
|
|
expect(connection.proxy_port).to eq(1557)
|
|
end
|
|
end
|
|
|
|
context 'when DNS rebinding protection is disabled' do
|
|
before do
|
|
stub_application_setting(dns_rebinding_protection_enabled: false)
|
|
end
|
|
|
|
it 'sets up the connection' do
|
|
expect(connection.proxy_address).to eq('https://proxy.org')
|
|
expect(connection.proxy_port).to eq(1557)
|
|
end
|
|
end
|
|
end
|
|
end
|
|
end
|