forked from nodejs/undici
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(fetch#Request): Implements
determineRequestReferrer
(nodejs#1236)
* feat: poc of determineRequestReferrer * refactor: apply shortcut * feat(partial): apply switch referrer statement * refactor: add in-code documentation * feat: add check for window * docs: add comments * feat: add check for trustworthy/non-trustworthy urls * docs: add documentation about pottentially trustworthy * feat: expose pottentially trustworthy * test: URL potentially trustworthy * fix: check for possibly undefined * test: initial round * feat: smaller improvements * docs: update in-code docs * lint: ignore line * tests: add more test scenarios * refactor: small improvements * refactor: apply review * tests: adjust testing * refactor: apply PR review * refactor: smaller adjustements
- Loading branch information
1 parent
38d91d0
commit 2022187
Showing
2 changed files
with
266 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -113,3 +113,99 @@ test('sameOrigin', (t) => { | |
|
||
t.end() | ||
}) | ||
|
||
test('isURLPotentiallyTrustworthy', (t) => { | ||
const valid = ['http://127.0.0.1', 'http://localhost.localhost', | ||
'http://[::1]', 'http://adb.localhost', 'https://something.com', 'wss://hello.com', | ||
'file:///link/to/file.txt', 'data:text/plain;base64,randomstring', 'about:blank', 'about:srcdoc'] | ||
const invalid = ['http://121.3.4.5:55', 'null:8080', 'something:8080'] | ||
|
||
t.plan(valid.length + invalid.length + 1) | ||
t.notOk(util.isURLPotentiallyTrustworthy('string')) | ||
|
||
for (const url of valid) { | ||
const instance = new URL(url) | ||
t.ok(util.isURLPotentiallyTrustworthy(instance)) | ||
} | ||
|
||
for (const url of invalid) { | ||
const instance = new URL(url) | ||
t.notOk(util.isURLPotentiallyTrustworthy(instance)) | ||
} | ||
}) | ||
|
||
test('determineRequestsReferrer', (t) => { | ||
t.plan(7) | ||
|
||
t.test('Should handle empty referrerPolicy', (tt) => { | ||
tt.plan(2) | ||
tt.equal(util.determineRequestsReferrer({}), 'no-referrer') | ||
tt.equal(util.determineRequestsReferrer({ referrerPolicy: '' }), 'no-referrer') | ||
}) | ||
|
||
t.test('Should handle "no-referrer" referrerPolicy', (tt) => { | ||
tt.plan(1) | ||
tt.equal(util.determineRequestsReferrer({ referrerPolicy: 'no-referrer' }), 'no-referrer') | ||
}) | ||
|
||
t.test('Should return "no-referrer" if request referrer is absent', (tt) => { | ||
tt.plan(1) | ||
tt.equal(util.determineRequestsReferrer({ | ||
referrerPolicy: 'origin' | ||
}), 'no-referrer') | ||
}) | ||
|
||
t.test('Should return "no-referrer" if scheme is local scheme', (tt) => { | ||
tt.plan(3) | ||
const referrerSources = [ | ||
new URL('data:something'), | ||
new URL('about:blank'), | ||
new URL('blob:https://video_url')] | ||
|
||
for (const source of referrerSources) { | ||
tt.equal(util.determineRequestsReferrer({ | ||
referrerPolicy: 'origin', | ||
referrer: source | ||
}), 'no-referrer') | ||
} | ||
}) | ||
|
||
t.test('Should return "no-referrer" if the request referrer is neither client nor instance of URL', (tt) => { | ||
tt.plan(4) | ||
const requests = [ | ||
{ referrerPolicy: 'origin', referrer: 'string' }, | ||
{ referrerPolicy: 'origin', referrer: null }, | ||
{ referrerPolicy: 'origin', referrer: undefined }, | ||
{ referrerPolicy: 'origin', referrer: '' } | ||
] | ||
|
||
for (const request of requests) { | ||
tt.equal(util.determineRequestsReferrer(request), 'no-referrer') | ||
} | ||
}) | ||
|
||
t.test('Should return referrer origin on referrerPolicy origin', (tt) => { | ||
tt.plan(1) | ||
const expectedRequest = { | ||
referrerPolicy: 'origin', | ||
referrer: new URL('http://example:[email protected]') | ||
} | ||
|
||
tt.equal(util.determineRequestsReferrer(expectedRequest), expectedRequest.referrer.origin) | ||
}) | ||
|
||
t.test('Should return referrer url on referrerPolicy unsafe-url', (tt) => { | ||
tt.plan(1) | ||
const expectedRequest = { | ||
referrerPolicy: 'unsafe-url', | ||
referrer: new URL('http://example:[email protected]/hello/world') | ||
} | ||
|
||
const expectedReffererUrl = new URL(expectedRequest.referrer.href) | ||
|
||
expectedReffererUrl.username = '' | ||
expectedReffererUrl.password = '' | ||
|
||
tt.equal(util.determineRequestsReferrer(expectedRequest), expectedReffererUrl.href) | ||
}) | ||
}) |