var sinon = require('sinon'),
should = require('should'),
configUtils = require('../../utils/configUtils'),
checkSSL = require('../../../server/middleware/check-ssl');
// No-op assertion that references `should` directly. Presumably it is here so
// the require is not reported as unused, since the tests below only use the
// `.should` getter -- confirm before removing.
should.equal(true, true);
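/**
 * Unit tests for the check-ssl middleware.
 *
 * Each case builds a minimal req/res pair, sets the blog configuration through
 * configUtils, calls checkSSL(req, res, next) and then checks which of the
 * three outcomes happened: pass-through (next), 301 redirect, or 403.
 *
 * req is a bare object with no headers, so every expected redirect target
 * below can only be derived from the configured `url` / `urlSSL`, never from
 * request-supplied host data. The exact-match URL assertions pin that.
 *
 * NOTE(review): `next.calledWith()` with no arguments matches any call, so it
 * does not prove that no error was forwarded. `next.calledWithExactly()` would
 * be stricter -- confirm against the middleware before tightening.
 */
describe('checkSSL', function () {
    var res, req, next, sandbox;

    /**
     * Stub res.redirect so that it asserts a permanent redirect to expectedUrl.
     *
     * @param {string} expectedUrl - the absolute https URL the middleware must redirect to
     * @returns {Object} the sinon stub, so the caller can assert it was actually invoked
     */
    function stubRedirect(expectedUrl) {
        // A placeholder property is assigned before stubbing, as the tests always did.
        res.redirect = {};

        return sandbox.stub(res, 'redirect', function (statusCode, url) {
            statusCode.should.eql(301);
            url.should.not.be.empty();
            url.should.eql(expectedUrl);
            return;
        });
    }

    beforeEach(function () {
        sandbox = sinon.sandbox.create();
        req = {};
        res = {};
        next = sandbox.spy();

        // Plain-HTTP blog URL with no SSL options; individual tests override it.
        configUtils.set({
            url: 'http://default.com:2368/'
        });
    });

    afterEach(function () {
        sandbox.restore();
        configUtils.restore();
    });

    it('should not require SSL (frontend)', function (done) {
        req.url = '/';
        checkSSL(req, res, next);
        next.called.should.be.true();
        next.calledWith().should.be.true();
        done();
    });

    // Despite the title, this case checks that an already-secure frontend
    // request is passed straight through to next().
    it('should require SSL (frontend)', function (done) {
        req.url = '/';
        req.secure = true;
        checkSSL(req, res, next);
        next.called.should.be.true();
        next.calledWith().should.be.true();
        done();
    });

    it('should not require SSL (admin)', function (done) {
        req.url = '/ghost';
        res.isAdmin = true;
        checkSSL(req, res, next);
        next.called.should.be.true();
        next.calledWith().should.be.true();
        done();
    });

    it('should not redirect with SSL (admin)', function (done) {
        req.url = '/ghost';
        res.isAdmin = true;
        // The secure flag belongs on the request (every other case sets
        // req.secure). Setting it on res left this request looking like plain
        // HTTP, so the "with SSL" path was never exercised.
        req.secure = true;
        checkSSL(req, res, next);
        next.called.should.be.true();
        next.calledWith().should.be.true();
        done();
    });

    it('should not redirect with force admin SSL (admin)', function (done) {
        req.url = '/ghost';
        res.isAdmin = true;
        req.secure = true;
        configUtils.set({
            url: 'http://default.com:2368/',
            forceAdminSSL: true
        });
        checkSSL(req, res, next);
        next.called.should.be.true();
        next.calledWith().should.be.true();
        done();
    });

    it('should redirect with force admin SSL (admin)', function (done) {
        var redirect;

        req.url = '/ghost/';
        res.isAdmin = true;
        req.secure = false;
        configUtils.set({
            url: 'http://default.com:2368/',
            urlSSL: '',
            forceAdminSSL: true
        });
        redirect = stubRedirect('https://default.com:2368/ghost/');
        checkSSL(req, res, next);
        next.called.should.be.false();
        // Without this the test would also pass if the middleware did nothing,
        // because the URL assertions only run when redirect is invoked.
        redirect.calledOnce.should.be.true();
        done();
    });

    it('should redirect to subdirectory with force admin SSL (admin)', function (done) {
        var redirect;

        req.url = '/blog/ghost/';
        res.isAdmin = true;
        req.secure = false;
        configUtils.set({
            url: 'http://default.com:2368/blog/',
            urlSSL: '',
            forceAdminSSL: true
        });
        redirect = stubRedirect('https://default.com:2368/blog/ghost/');
        checkSSL(req, res, next);
        next.called.should.be.false();
        redirect.calledOnce.should.be.true();
        done();
    });

    it('should redirect and keep query with force admin SSL (admin)', function (done) {
        var redirect;

        req.url = '/ghost/';
        req.query = {
            test: 'true'
        };
        res.isAdmin = true;
        req.secure = false;
        configUtils.set({
            url: 'http://default.com:2368/',
            urlSSL: '',
            forceAdminSSL: true
        });
        redirect = stubRedirect('https://default.com:2368/ghost/?test=true');
        checkSSL(req, res, next);
        next.called.should.be.false();
        redirect.calledOnce.should.be.true();
        done();
    });

    it('should redirect with with config.url being SSL (frontend)', function (done) {
        var redirect;

        req.url = '/';
        req.secure = false;
        configUtils.set({
            url: 'https://default.com:2368',
            urlSSL: '',
            forceAdminSSL: true
        });
        redirect = stubRedirect('https://default.com:2368/');
        checkSSL(req, res, next);
        next.called.should.be.false();
        redirect.calledOnce.should.be.true();
        done();
    });

    it('should redirect to urlSSL (admin)', function (done) {
        var redirect;

        req.url = '/ghost/';
        res.isAdmin = true;
        req.secure = false;
        configUtils.set({
            url: 'http://default.com:2368/',
            urlSSL: 'https://ssl-domain.com:2368/',
            forceAdminSSL: true
        });
        redirect = stubRedirect('https://ssl-domain.com:2368/ghost/');
        checkSSL(req, res, next);
        next.called.should.be.false();
        redirect.calledOnce.should.be.true();
        done();
    });

    it('should not redirect if redirect:false (admin)', function (done) {
        var sendStatus;

        req.url = '/ghost/';
        res.isAdmin = true;
        res.sendStatus = {};
        req.secure = false;
        configUtils.set({
            url: 'http://default.com:2368/',
            forceAdminSSL: {
                redirect: false
            }
        });
        sendStatus = sandbox.stub(res, 'sendStatus', function (statusCode) {
            statusCode.should.eql(403);
            return;
        });
        checkSSL(req, res, next);
        next.called.should.be.false();
        // Prove the insecure admin request was actually refused with 403, not
        // merely that next() was skipped.
        sendStatus.calledOnce.should.be.true();
        done();
    });
});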