2019-07-09 23:13:23 -06:00
|
|
|
# Pleroma: A lightweight social networking server
|
2021-01-12 23:49:20 -07:00
|
|
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
2019-07-09 23:13:23 -06:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2019-07-09 10:54:13 -06:00
|
|
|
defmodule Pleroma.ReverseProxyTest do
|
2020-12-18 11:49:01 -07:00
|
|
|
use Pleroma.Web.ConnCase
|
2019-07-09 10:54:13 -06:00
|
|
|
import ExUnit.CaptureLog
|
|
|
|
import Mox
|
2020-03-07 01:01:37 -07:00
|
|
|
|
2019-07-09 10:54:13 -06:00
|
|
|
alias Pleroma.ReverseProxy
|
|
|
|
alias Pleroma.ReverseProxy.ClientMock
|
2020-03-07 01:01:37 -07:00
|
|
|
alias Plug.Conn
|
2019-07-09 10:54:13 -06:00
|
|
|
|
|
|
|
setup_all do
|
2020-03-07 01:01:37 -07:00
|
|
|
{:ok, _} = Registry.start_link(keys: :unique, name: ClientMock)
|
2019-07-09 10:54:13 -06:00
|
|
|
:ok
|
|
|
|
end
|
|
|
|
|
|
|
|
setup :verify_on_exit!
|
|
|
|
|
2021-02-24 20:37:30 -07:00
|
|
|
defp request_mock(invokes) do
|
2019-07-09 10:54:13 -06:00
|
|
|
ClientMock
|
2021-02-22 13:46:59 -07:00
|
|
|
|> expect(:request, fn :get, url, headers, _body, _opts ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.register(ClientMock, url, 0)
|
2021-02-22 13:46:59 -07:00
|
|
|
body = headers |> Enum.into(%{}) |> Jason.encode!()
|
2019-07-09 10:54:13 -06:00
|
|
|
|
|
|
|
{:ok, 200,
|
|
|
|
[
|
|
|
|
{"content-type", "application/json"},
|
2021-02-22 13:46:59 -07:00
|
|
|
{"content-length", byte_size(body) |> to_string()}
|
|
|
|
], %{url: url, body: body}}
|
2019-07-09 10:54:13 -06:00
|
|
|
end)
|
2021-02-22 13:46:59 -07:00
|
|
|
|> expect(:stream_body, invokes, fn %{url: url, body: body} = client ->
|
2020-03-07 01:01:37 -07:00
|
|
|
case Registry.lookup(ClientMock, url) do
|
2019-07-09 10:54:13 -06:00
|
|
|
[{_, 0}] ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.update_value(ClientMock, url, &(&1 + 1))
|
2021-02-22 13:46:59 -07:00
|
|
|
{:ok, body, client}
|
2019-07-09 10:54:13 -06:00
|
|
|
|
|
|
|
[{_, 1}] ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.unregister(ClientMock, url)
|
2019-07-09 10:54:13 -06:00
|
|
|
:done
|
|
|
|
end
|
|
|
|
end)
|
|
|
|
end
|
|
|
|
|
2019-10-01 14:00:27 -06:00
|
|
|
describe "reverse proxy" do
|
|
|
|
test "do not track successful request", %{conn: conn} do
|
2021-02-24 20:37:30 -07:00
|
|
|
request_mock(2)
|
2019-10-01 14:00:27 -06:00
|
|
|
url = "/success"
|
|
|
|
|
|
|
|
conn = ReverseProxy.call(conn, url)
|
|
|
|
|
|
|
|
assert conn.status == 200
|
|
|
|
assert Cachex.get(:failed_proxy_url_cache, url) == {:ok, nil}
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-02-22 13:46:59 -07:00
|
|
|
test "use Pleroma's user agent in the request; don't pass the client's", %{conn: conn} do
|
2021-02-24 20:37:30 -07:00
|
|
|
request_mock(2)
|
2019-07-09 10:54:13 -06:00
|
|
|
|
2021-02-22 13:46:59 -07:00
|
|
|
conn =
|
|
|
|
conn
|
|
|
|
|> Plug.Conn.put_req_header("user-agent", "fake/1.0")
|
|
|
|
|> ReverseProxy.call("/user-agent")
|
|
|
|
|
|
|
|
assert json_response(conn, 200) == %{"user-agent" => Pleroma.Application.user_agent()}
|
2019-07-09 10:54:13 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
test "closed connection", %{conn: conn} do
|
|
|
|
ClientMock
|
|
|
|
|> expect(:request, fn :get, "/closed", _, _, _ -> {:ok, 200, [], %{}} end)
|
|
|
|
|> expect(:stream_body, fn _ -> {:error, :closed} end)
|
|
|
|
|> expect(:close, fn _ -> :ok end)
|
|
|
|
|
|
|
|
conn = ReverseProxy.call(conn, "/closed")
|
|
|
|
assert conn.halted
|
|
|
|
end
|
|
|
|
|
2020-02-11 00:12:57 -07:00
|
|
|
defp stream_mock(invokes, with_close? \\ false) do
|
|
|
|
ClientMock
|
|
|
|
|> expect(:request, fn :get, "/stream-bytes/" <> length, _, _, _ ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.register(ClientMock, "/stream-bytes/" <> length, 0)
|
2020-02-11 00:12:57 -07:00
|
|
|
|
|
|
|
{:ok, 200, [{"content-type", "application/octet-stream"}],
|
|
|
|
%{url: "/stream-bytes/" <> length}}
|
|
|
|
end)
|
|
|
|
|> expect(:stream_body, invokes, fn %{url: "/stream-bytes/" <> length} = client ->
|
|
|
|
max = String.to_integer(length)
|
|
|
|
|
2020-03-07 01:01:37 -07:00
|
|
|
case Registry.lookup(ClientMock, "/stream-bytes/" <> length) do
|
2020-02-11 00:12:57 -07:00
|
|
|
[{_, current}] when current < max ->
|
|
|
|
Registry.update_value(
|
2020-03-07 01:01:37 -07:00
|
|
|
ClientMock,
|
2020-02-11 00:12:57 -07:00
|
|
|
"/stream-bytes/" <> length,
|
|
|
|
&(&1 + 10)
|
|
|
|
)
|
|
|
|
|
|
|
|
{:ok, "0123456789", client}
|
|
|
|
|
|
|
|
[{_, ^max}] ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.unregister(ClientMock, "/stream-bytes/" <> length)
|
2020-02-11 00:12:57 -07:00
|
|
|
:done
|
|
|
|
end
|
|
|
|
end)
|
|
|
|
|
|
|
|
if with_close? do
|
|
|
|
expect(ClientMock, :close, fn _ -> :ok end)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "max_body" do
|
2019-07-09 10:54:13 -06:00
|
|
|
test "length returns error if content-length more than option", %{conn: conn} do
|
2021-02-24 20:37:30 -07:00
|
|
|
request_mock(0)
|
2019-07-09 10:54:13 -06:00
|
|
|
|
|
|
|
assert capture_log(fn ->
|
2019-10-01 14:00:27 -06:00
|
|
|
ReverseProxy.call(conn, "/huge-file", max_body_length: 4)
|
2019-07-09 10:54:13 -06:00
|
|
|
end) =~
|
2019-10-01 14:00:27 -06:00
|
|
|
"[error] Elixir.Pleroma.ReverseProxy: request to \"/huge-file\" failed: :body_too_large"
|
|
|
|
|
|
|
|
assert {:ok, true} == Cachex.get(:failed_proxy_url_cache, "/huge-file")
|
|
|
|
|
|
|
|
assert capture_log(fn ->
|
|
|
|
ReverseProxy.call(conn, "/huge-file", max_body_length: 4)
|
|
|
|
end) == ""
|
2019-07-09 10:54:13 -06:00
|
|
|
end
|
|
|
|
|
2019-08-15 14:34:41 -06:00
|
|
|
test "max_body_length returns error if streaming body more than that option", %{conn: conn} do
|
2019-07-09 10:54:13 -06:00
|
|
|
stream_mock(3, true)
|
|
|
|
|
|
|
|
assert capture_log(fn ->
|
2019-08-15 14:34:41 -06:00
|
|
|
ReverseProxy.call(conn, "/stream-bytes/50", max_body_length: 30)
|
2019-07-09 10:54:13 -06:00
|
|
|
end) =~
|
2022-01-24 11:03:10 -07:00
|
|
|
"Elixir.Pleroma.ReverseProxy request to /stream-bytes/50 failed while reading/chunking: :body_too_large"
|
2019-07-09 10:54:13 -06:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "HEAD requests" do
|
|
|
|
test "common", %{conn: conn} do
|
|
|
|
ClientMock
|
|
|
|
|> expect(:request, fn :head, "/head", _, _, _ ->
|
|
|
|
{:ok, 200, [{"content-type", "text/html; charset=utf-8"}]}
|
|
|
|
end)
|
|
|
|
|
|
|
|
conn = ReverseProxy.call(Map.put(conn, :method, "HEAD"), "/head")
|
|
|
|
assert html_response(conn, 200) == ""
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
defp error_mock(status) when is_integer(status) do
|
|
|
|
ClientMock
|
|
|
|
|> expect(:request, fn :get, "/status/" <> _, _, _, _ ->
|
|
|
|
{:error, status}
|
|
|
|
end)
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "returns error on" do
|
|
|
|
test "500", %{conn: conn} do
|
|
|
|
error_mock(500)
|
2019-10-01 14:00:27 -06:00
|
|
|
url = "/status/500"
|
2019-07-09 10:54:13 -06:00
|
|
|
|
2019-10-01 14:00:27 -06:00
|
|
|
capture_log(fn -> ReverseProxy.call(conn, url) end) =~
|
2019-07-09 10:54:13 -06:00
|
|
|
"[error] Elixir.Pleroma.ReverseProxy: request to /status/500 failed with HTTP status 500"
|
2019-10-01 14:00:27 -06:00
|
|
|
|
|
|
|
assert Cachex.get(:failed_proxy_url_cache, url) == {:ok, true}
|
|
|
|
|
|
|
|
{:ok, ttl} = Cachex.ttl(:failed_proxy_url_cache, url)
|
|
|
|
assert ttl <= 60_000
|
2019-07-09 10:54:13 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
test "400", %{conn: conn} do
|
|
|
|
error_mock(400)
|
2019-10-01 14:00:27 -06:00
|
|
|
url = "/status/400"
|
2019-07-09 10:54:13 -06:00
|
|
|
|
2019-10-01 14:00:27 -06:00
|
|
|
capture_log(fn -> ReverseProxy.call(conn, url) end) =~
|
2019-07-09 10:54:13 -06:00
|
|
|
"[error] Elixir.Pleroma.ReverseProxy: request to /status/400 failed with HTTP status 400"
|
2019-10-01 14:00:27 -06:00
|
|
|
|
|
|
|
assert Cachex.get(:failed_proxy_url_cache, url) == {:ok, true}
|
|
|
|
assert Cachex.ttl(:failed_proxy_url_cache, url) == {:ok, nil}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "403", %{conn: conn} do
|
|
|
|
error_mock(403)
|
|
|
|
url = "/status/403"
|
|
|
|
|
|
|
|
capture_log(fn ->
|
|
|
|
ReverseProxy.call(conn, url, failed_request_ttl: :timer.seconds(120))
|
|
|
|
end) =~
|
|
|
|
"[error] Elixir.Pleroma.ReverseProxy: request to /status/403 failed with HTTP status 403"
|
|
|
|
|
|
|
|
{:ok, ttl} = Cachex.ttl(:failed_proxy_url_cache, url)
|
|
|
|
assert ttl > 100_000
|
2019-07-09 10:54:13 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
test "204", %{conn: conn} do
|
2019-10-01 14:00:27 -06:00
|
|
|
url = "/status/204"
|
|
|
|
expect(ClientMock, :request, fn :get, _url, _, _, _ -> {:ok, 204, [], %{}} end)
|
2019-07-09 10:54:13 -06:00
|
|
|
|
|
|
|
capture_log(fn ->
|
2019-10-01 14:00:27 -06:00
|
|
|
conn = ReverseProxy.call(conn, url)
|
2019-07-09 10:54:13 -06:00
|
|
|
assert conn.resp_body == "Request failed: No Content"
|
|
|
|
assert conn.halted
|
|
|
|
end) =~
|
|
|
|
"[error] Elixir.Pleroma.ReverseProxy: request to \"/status/204\" failed with HTTP status 204"
|
2019-10-01 14:00:27 -06:00
|
|
|
|
|
|
|
assert Cachex.get(:failed_proxy_url_cache, url) == {:ok, true}
|
|
|
|
assert Cachex.ttl(:failed_proxy_url_cache, url) == {:ok, nil}
|
2019-07-09 10:54:13 -06:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
test "streaming", %{conn: conn} do
|
|
|
|
stream_mock(21)
|
|
|
|
conn = ReverseProxy.call(conn, "/stream-bytes/200")
|
|
|
|
assert conn.state == :chunked
|
|
|
|
assert byte_size(conn.resp_body) == 200
|
2020-03-07 01:01:37 -07:00
|
|
|
assert Conn.get_resp_header(conn, "content-type") == ["application/octet-stream"]
|
2019-07-09 10:54:13 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
defp headers_mock(_) do
|
|
|
|
ClientMock
|
|
|
|
|> expect(:request, fn :get, "/headers", headers, _, _ ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.register(ClientMock, "/headers", 0)
|
2019-07-09 10:54:13 -06:00
|
|
|
{:ok, 200, [{"content-type", "application/json"}], %{url: "/headers", headers: headers}}
|
|
|
|
end)
|
2020-02-11 00:12:57 -07:00
|
|
|
|> expect(:stream_body, 2, fn %{url: url, headers: headers} = client ->
|
2020-03-07 01:01:37 -07:00
|
|
|
case Registry.lookup(ClientMock, url) do
|
2019-07-09 10:54:13 -06:00
|
|
|
[{_, 0}] ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.update_value(ClientMock, url, &(&1 + 1))
|
2019-07-09 10:54:13 -06:00
|
|
|
headers = for {k, v} <- headers, into: %{}, do: {String.capitalize(k), v}
|
2020-02-11 00:12:57 -07:00
|
|
|
{:ok, Jason.encode!(%{headers: headers}), client}
|
2019-07-09 10:54:13 -06:00
|
|
|
|
|
|
|
[{_, 1}] ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.unregister(ClientMock, url)
|
2019-07-09 10:54:13 -06:00
|
|
|
:done
|
|
|
|
end
|
|
|
|
end)
|
|
|
|
|
|
|
|
:ok
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "keep request headers" do
|
|
|
|
setup [:headers_mock]
|
|
|
|
|
|
|
|
test "header passes", %{conn: conn} do
|
|
|
|
conn =
|
2020-03-07 01:01:37 -07:00
|
|
|
Conn.put_req_header(
|
2019-07-09 10:54:13 -06:00
|
|
|
conn,
|
|
|
|
"accept",
|
|
|
|
"text/html"
|
|
|
|
)
|
|
|
|
|> ReverseProxy.call("/headers")
|
|
|
|
|
|
|
|
%{"headers" => headers} = json_response(conn, 200)
|
|
|
|
assert headers["Accept"] == "text/html"
|
|
|
|
end
|
|
|
|
|
|
|
|
test "header is filtered", %{conn: conn} do
|
|
|
|
conn =
|
2020-03-07 01:01:37 -07:00
|
|
|
Conn.put_req_header(
|
2019-07-09 10:54:13 -06:00
|
|
|
conn,
|
|
|
|
"accept-language",
|
|
|
|
"en-US"
|
|
|
|
)
|
|
|
|
|> ReverseProxy.call("/headers")
|
|
|
|
|
|
|
|
%{"headers" => headers} = json_response(conn, 200)
|
|
|
|
refute headers["Accept-Language"]
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
test "returns 400 on non GET, HEAD requests", %{conn: conn} do
|
|
|
|
conn = ReverseProxy.call(Map.put(conn, :method, "POST"), "/ip")
|
|
|
|
assert conn.status == 400
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "cache resp headers" do
|
|
|
|
test "add cache-control", %{conn: conn} do
|
|
|
|
ClientMock
|
|
|
|
|> expect(:request, fn :get, "/cache", _, _, _ ->
|
|
|
|
{:ok, 200, [{"ETag", "some ETag"}], %{}}
|
|
|
|
end)
|
|
|
|
|> expect(:stream_body, fn _ -> :done end)
|
|
|
|
|
|
|
|
conn = ReverseProxy.call(conn, "/cache")
|
2020-03-13 11:20:33 -06:00
|
|
|
assert {"cache-control", "public, max-age=1209600"} in conn.resp_headers
|
2019-07-09 10:54:13 -06:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
defp disposition_headers_mock(headers) do
|
|
|
|
ClientMock
|
|
|
|
|> expect(:request, fn :get, "/disposition", _, _, _ ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.register(ClientMock, "/disposition", 0)
|
2019-07-09 10:54:13 -06:00
|
|
|
|
|
|
|
{:ok, 200, headers, %{url: "/disposition"}}
|
|
|
|
end)
|
2020-02-11 00:12:57 -07:00
|
|
|
|> expect(:stream_body, 2, fn %{url: "/disposition"} = client ->
|
2020-03-07 01:01:37 -07:00
|
|
|
case Registry.lookup(ClientMock, "/disposition") do
|
2019-07-09 10:54:13 -06:00
|
|
|
[{_, 0}] ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.update_value(ClientMock, "/disposition", &(&1 + 1))
|
2020-02-11 00:12:57 -07:00
|
|
|
{:ok, "", client}
|
2019-07-09 10:54:13 -06:00
|
|
|
|
|
|
|
[{_, 1}] ->
|
2020-03-07 01:01:37 -07:00
|
|
|
Registry.unregister(ClientMock, "/disposition")
|
2019-07-09 10:54:13 -06:00
|
|
|
:done
|
|
|
|
end
|
|
|
|
end)
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "response content disposition header" do
|
|
|
|
test "not atachment", %{conn: conn} do
|
|
|
|
disposition_headers_mock([
|
|
|
|
{"content-type", "image/gif"},
|
2020-07-10 09:10:48 -06:00
|
|
|
{"content-length", "0"}
|
2019-07-09 10:54:13 -06:00
|
|
|
])
|
|
|
|
|
|
|
|
conn = ReverseProxy.call(conn, "/disposition")
|
|
|
|
|
|
|
|
assert {"content-type", "image/gif"} in conn.resp_headers
|
|
|
|
end
|
|
|
|
|
|
|
|
test "with content-disposition header", %{conn: conn} do
|
|
|
|
disposition_headers_mock([
|
|
|
|
{"content-disposition", "attachment; filename=\"filename.jpg\""},
|
2020-07-10 09:10:48 -06:00
|
|
|
{"content-length", "0"}
|
2019-07-09 10:54:13 -06:00
|
|
|
])
|
|
|
|
|
|
|
|
conn = ReverseProxy.call(conn, "/disposition")
|
|
|
|
|
|
|
|
assert {"content-disposition", "attachment; filename=\"filename.jpg\""} in conn.resp_headers
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|