TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-18 16:01:40 +03:00
Code Issues Projects Releases Wiki Activity
892b9ab397
Ghost/ghost/core/test/e2e-server/1-options-requests.test.js

171 lines
5.8 KiB
JavaScript
Raw Normal View History

Updated to use assert/strict everywhere (#17047) refs: https://github.com/TryGhost/Toolbox/issues/595 We're rolling out new rules around the node assert library, the first of which is enforcing the use of assert/strict. This means we don't need to use the strict version of methods, as the standard version will work that way by default. This caught some gotchas in our existing usage of assert where the lack of strict mode had unexpected results: - Url matching needs to be done on `url.href` see https://github.com/TryGhost/Ghost/pull/17047/commits/aa58b354a40751326fe3c00902b202099b2223d2 - Null and undefined are not the same thing, there were a few cases of this being confused - Particularly questionable changes in [PostExporter tests](https://github.com/TryGhost/Ghost/pull/17047/commits/c1a468744beeca4c09ebfe4ac4f87fb3a685f25e) tracked [here](https://github.com/TryGhost/Team/issues/3505). - A typo see https://github.com/TryGhost/Ghost/pull/17047/commits/eaac9c293a87fe0c9646eb52f5f5ef3ecd6d56b0 Moving forward, using assert strict should help us to catch unexpected behaviour, particularly around nulls and undefineds during implementation.
2023-06-21 11:56:59 +03:00
const assert = require('assert/strict');
Added `Content-Version` header to all API requests refs https://github.com/TryGhost/Team/issues/2400 - we've deemed it useful to start to return `Content-Version` for all API requests, because it becomes useful to know which version of Ghost a response has come from in logs - this should also help us detect Admin<->Ghost API mismatches, which was the cause of a bug recently (ref'd issue)
2023-01-17 14:56:29 +03:00
const {agentProvider, matchers} = require('../utils/e2e-framework');
const {anyContentVersion} = matchers;
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
const config = require('../../core/shared/config');
describe('OPTIONS requests', function () {
let adminAgent;
let membersAgent;
let frontendAgent;
let contentAPIAgent;
let ghostServer;
before(async function () {
const agents = await agentProvider.getAgentsWithFrontend();
adminAgent = agents.adminAgent;
membersAgent = agents.membersAgent;
frontendAgent = agents.frontendAgent;
contentAPIAgent = agents.contentAPIAgent;
ghostServer = agents.ghostServer;
});
after(async function () {
await ghostServer.stop();
});
describe('CORS headers in Admin API', function () {
it('Handles same origin request', async function () {
await adminAgent
.options('site')
.expectStatus(204)
Added `Content-Version` header to all API requests refs https://github.com/TryGhost/Team/issues/2400 - we've deemed it useful to start to return `Content-Version` for all API requests, because it becomes useful to know which version of Ghost a response has come from in logs - this should also help us detect Admin<->Ghost API mismatches, which was the cause of a bug recently (ref'd issue)
2023-01-17 14:56:29 +03:00
.matchHeaderSnapshot({
'content-version': anyContentVersion
});
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
});
Renamed options test suite cases refs https://github.com/TryGhost/Toolbox/issues/461 - The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 10:05:37 +03:00
it('Handles no origin header request', async function () {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
await adminAgent
.options('site', {
headers: {
origin: null
}
})
.expectStatus(200)
Added `Content-Version` header to all API requests refs https://github.com/TryGhost/Team/issues/2400 - we've deemed it useful to start to return `Content-Version` for all API requests, because it becomes useful to know which version of Ghost a response has come from in logs - this should also help us detect Admin<->Ghost API mismatches, which was the cause of a bug recently (ref'd issue)
2023-01-17 14:56:29 +03:00
.matchHeaderSnapshot({
'content-version': anyContentVersion
});
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
});
Renamed options test suite cases refs https://github.com/TryGhost/Toolbox/issues/461 - The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 10:05:37 +03:00
it('Handles cross-domain origin header request', async function () {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
await adminAgent
.options('site', {
headers: {
origin: 'https://otherdomain.tld/'
}
})
.expectStatus(200)
Added `Content-Version` header to all API requests refs https://github.com/TryGhost/Team/issues/2400 - we've deemed it useful to start to return `Content-Version` for all API requests, because it becomes useful to know which version of Ghost a response has come from in logs - this should also help us detect Admin<->Ghost API mismatches, which was the cause of a bug recently (ref'd issue)
2023-01-17 14:56:29 +03:00
.matchHeaderSnapshot({
'content-version': anyContentVersion
});
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
});
});
describe('CORS headers in Members API', function () {
Renamed options test suite cases refs https://github.com/TryGhost/Toolbox/issues/461 - The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 10:05:37 +03:00
it('Handles same origin request', async function () {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
await membersAgent
.options('member')
.expectStatus(204)
.matchHeaderSnapshot();
});
Renamed options test suite cases refs https://github.com/TryGhost/Toolbox/issues/461 - The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 10:05:37 +03:00
it('Handles no origin header request', async function () {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
await membersAgent
.options('member', {
headers: {
origin: null
}
})
.expectStatus(204)
.matchHeaderSnapshot();
});
Renamed options test suite cases refs https://github.com/TryGhost/Toolbox/issues/461 - The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 10:05:37 +03:00
it('Handles cross-domain origin header request', async function () {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
await membersAgent
.options('member', {
headers: {
origin: 'https://otherdomain.tld/'
}
})
.expectStatus(204)
.matchHeaderSnapshot();
});
});
describe('CORS headers in Frontend', function () {
it('Responds with no referer vary header value when same referer', async function () {
const res = await frontendAgent
.set('Origin', config.get('url'))
.options('/')
.expect(204);
assert.equal(res.headers['access-control-allow-origin'], 'http://127.0.0.1:2369');
assert.equal(res.headers['access-control-allow-credentials'], 'true');
assert.equal(res.headers['access-control-allow-methods'], 'GET,HEAD,PUT,PATCH,POST,DELETE');
assert.equal(res.headers['access-control-max-age'], '86400');
assert.equal(res.headers.vary, 'Origin, Access-Control-Request-Headers');
assert.equal(res.headers['cache-control'], undefined);
assert.equal(res.headers.allow, undefined);
});
it('Does not allow CORS with when no origin is present in the request', async function () {
const res = await frontendAgent
.options('/')
.set('origin', null)
.expect(200);
assert.equal(res.headers['cache-control'], 'public, max-age=0');
Added Vary value for CORS in Frontend refs https://github.com/TryGhost/Toolbox/issues/461 - Having a 'Origin' in vary header value present on each `OPTIONS` allows to correctly bucket "allowed CORS" and "disallowed CORS" responses in shared caches
2022-11-02 11:20:15 +03:00
assert.equal(res.headers.vary, 'Origin, Accept-Encoding');
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
assert.equal(res.headers.allow, 'POST,GET,HEAD');
});
it('Responds with no referer vary header value when different referer', async function () {
const res = await frontendAgent
.options('/')
.set('origin', 'https://otherdomain.tld/')
.expect(200);
assert.equal(res.headers['cache-control'], 'public, max-age=0');
Added Vary value for CORS in Frontend refs https://github.com/TryGhost/Toolbox/issues/461 - Having a 'Origin' in vary header value present on each `OPTIONS` allows to correctly bucket "allowed CORS" and "disallowed CORS" responses in shared caches
2022-11-02 11:20:15 +03:00
assert.equal(res.headers.vary, 'Origin, Accept-Encoding');
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
assert.equal(res.headers.allow, 'POST,GET,HEAD');
});
});
describe('CORS headers in Content API', function () {
Renamed options test suite cases refs https://github.com/TryGhost/Toolbox/issues/461 - The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 10:05:37 +03:00
it('Handles same origin request', async function () {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
await contentAPIAgent
.options('site')
.expectStatus(204)
Added `Content-Version` header to all API requests refs https://github.com/TryGhost/Team/issues/2400 - we've deemed it useful to start to return `Content-Version` for all API requests, because it becomes useful to know which version of Ghost a response has come from in logs - this should also help us detect Admin<->Ghost API mismatches, which was the cause of a bug recently (ref'd issue)
2023-01-17 14:56:29 +03:00
.matchHeaderSnapshot({
'content-version': anyContentVersion
});
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
});
Renamed options test suite cases refs https://github.com/TryGhost/Toolbox/issues/461 - The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 10:05:37 +03:00
it('Handles no origin header request', async function () {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
await contentAPIAgent
.options('site', {
headers: {
origin: null
}
})
.expectStatus(204)
Added `Content-Version` header to all API requests refs https://github.com/TryGhost/Team/issues/2400 - we've deemed it useful to start to return `Content-Version` for all API requests, because it becomes useful to know which version of Ghost a response has come from in logs - this should also help us detect Admin<->Ghost API mismatches, which was the cause of a bug recently (ref'd issue)
2023-01-17 14:56:29 +03:00
.matchHeaderSnapshot({
'content-version': anyContentVersion
});
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
});
Renamed options test suite cases refs https://github.com/TryGhost/Toolbox/issues/461 - The previous names were poorly representing the state that was produced and checked by the test cases
2022-11-02 10:05:37 +03:00
it('Handles cross-domain origin header request', async function () {
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
await contentAPIAgent
.options('site', {
headers: {
origin: 'https://otherdomain.tld/'
}
})
.expectStatus(204)
Added `Content-Version` header to all API requests refs https://github.com/TryGhost/Team/issues/2400 - we've deemed it useful to start to return `Content-Version` for all API requests, because it becomes useful to know which version of Ghost a response has come from in logs - this should also help us detect Admin<->Ghost API mismatches, which was the cause of a bug recently (ref'd issue)
2023-01-17 14:56:29 +03:00
.matchHeaderSnapshot({
'content-version': anyContentVersion
});
Added a test suite for OPTIONS requests refs https://github.com/TryGhost/Toolbox/issues/461 - The codebase has ambiguous behavior with OPTIONS request. Adding tests covering edge cases for all possible variations of OPTIONS responses is the first step to solving cahceability of these requests. - The obvious question if you look into the changeset itself would also be: "WTF did you do with test suite naming? What are these changes in admin and click tracking suites? You having a bad day Naz?". The answer is "yes" (╯°□°)╯︵ ┻━┻ - On a serious note. I've introduced multiple hacks here that should be fixed: 1. Forced test suite execution order for options request - extreme blasphemy. This was last resort decision. I went deep into trying to fixup the server shutdown in the "admin" test suite, which cascaded into failing "click tracking" suite, which has shortcomings on it's own (see notes left in that suite) 2. Exposed "ghostServer" from the e2e-framework's "getAgentsWithFrontend" method. Exposing ghostServer to be able to shut it down (or do other manipulations) was one of the pitfalls we had in the previous test utils, which ended up plaguing the test codebase. Ideally the framework should only be exposing the agents and the rest would happen behind the scenes. - To fix the hacks above I've raised a cleanup issue (https://github.com/TryGhost/Toolbox/issues/471). I'm very sorry for this mess. The issue at hand has very little to do with fixing the e2e framework, so leaving things "as is".
2022-11-02 08:10:49 +03:00
});
});
});
Reference in New Issue Copy Permalink