mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-24 11:22:19 +03:00
01f8737d39
closes https://github.com/TryGhost/Team/issues/952 - The `/email/` route will be a home for email only posts. We are adding the route preemptively to have the crowlers update their caches before the feature sees the light of The Internet
485 lines
20 KiB
JavaScript
485 lines
20 KiB
JavaScript
// # Default Frontend Routing Test
|
|
// These tests check the default out-of-the-box behaviour of Ghost is working as expected.
|
|
|
|
// Test Structure
|
|
// As it stands, these tests depend on the database, and as such are integration tests.
|
|
// Mocking out the models to not touch the DB would turn these into unit tests, and should probably be done in future,
|
|
// But then again testing real code, rather than mock code, might be more useful...
|
|
const should = require('should');
|
|
const sinon = require('sinon');
|
|
const supertest = require('supertest');
|
|
const moment = require('moment');
|
|
const cheerio = require('cheerio');
|
|
const _ = require('lodash');
|
|
const testUtils = require('../utils');
|
|
const configUtils = require('../utils/configUtils');
|
|
const settingsCache = require('../../core/shared/settings-cache');
|
|
const origCache = _.cloneDeep(settingsCache);
|
|
|
|
function assertCorrectFrontendHeaders(res) {
|
|
should.not.exist(res.headers['x-cache-invalidate']);
|
|
should.not.exist(res.headers['X-CSRF-Token']);
|
|
should.not.exist(res.headers['set-cookie']);
|
|
should.exist(res.headers.date);
|
|
}
|
|
|
|
describe('Default Frontend routing', function () {
|
|
let request;
|
|
|
|
afterEach(function () {
|
|
sinon.restore();
|
|
});
|
|
|
|
before(async function () {
|
|
await testUtils.startGhost();
|
|
request = supertest.agent(configUtils.config.get('url'));
|
|
});
|
|
|
|
describe('Error', function () {
|
|
it('should 404 for unknown post', async function () {
|
|
await request.get('/spectacular/')
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
.expect(404)
|
|
.expect(/Page not found/)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
it('should 404 for unknown file', async function () {
|
|
await request.get('/content/images/some/file/that/doesnt-exist.jpg')
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
.expect(404)
|
|
.expect(/404 Image not found/)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
});
|
|
|
|
describe('Main Routes', function () {
|
|
it('/ should respond with valid HTML', async function () {
|
|
await request.get('/')
|
|
.expect('Content-Type', /html/)
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
.expect(200)
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
const $ = cheerio.load(res.text);
|
|
|
|
// NOTE: "Ghost" is the title from the settings.
|
|
$('title').text().should.equal('Ghost');
|
|
|
|
$('body.home-template').length.should.equal(1);
|
|
$('article.post').length.should.equal(7);
|
|
$('article.tag-getting-started').length.should.equal(7);
|
|
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('/author/ghost/ should respond with valid HTML', async function () {
|
|
await request.get('/author/ghost/')
|
|
.expect('Content-Type', /html/)
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
.expect(200)
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
const $ = cheerio.load(res.text);
|
|
|
|
// NOTE: "Ghost" is the title from the settings.
|
|
$('title').text().should.equal('Ghost - Ghost');
|
|
|
|
$('body.author-template').length.should.equal(1);
|
|
$('article.post').length.should.equal(7);
|
|
$('article.tag-getting-started').length.should.equal(7);
|
|
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('/tag/getting-started/ should respond with valid HTML', async function () {
|
|
await request.get('/tag/getting-started/')
|
|
.expect('Content-Type', /html/)
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
.expect(200)
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
const $ = cheerio.load(res.text);
|
|
|
|
// NOTE: "Ghost" is the title from the settings.
|
|
$('title').text().should.equal('Getting Started - Ghost');
|
|
|
|
$('body.tag-template').length.should.equal(1);
|
|
$('article.post').length.should.equal(7);
|
|
$('article.tag-getting-started').length.should.equal(7);
|
|
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('Single post', function () {
|
|
it('/welcome/ should respond with valid HTML', async function () {
|
|
await request.get('/welcome/')
|
|
.expect('Content-Type', /html/)
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
const $ = cheerio.load(res.text);
|
|
|
|
// NOTE: This is the title from the settings.
|
|
$('title').text().should.equal('Start here for a quick overview of everything you need to know');
|
|
|
|
$('body.post-template').length.should.equal(1);
|
|
$('body.tag-getting-started').length.should.equal(1);
|
|
$('article.post').length.should.equal(2);
|
|
$('article.tag-getting-started').length.should.equal(2);
|
|
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('should not work with date permalinks', async function () {
|
|
// get today's date
|
|
const date = moment().format('YYYY/MM/DD');
|
|
|
|
await request.get('/' + date + '/welcome/')
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
.expect(404)
|
|
.expect(/Page not found/)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
});
|
|
|
|
describe('Post edit', function () {
|
|
it('should redirect to editor', async function () {
|
|
await request.get('/welcome/edit/')
|
|
.expect('Location', /ghost\/#\/editor\/\w+/)
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
.expect(302)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
it('should 404 for non-edit parameter', async function () {
|
|
await request.get('/welcome/notedit/')
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
.expect(404)
|
|
.expect(/Page not found/)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
describe('Admin Redirects Disabled', function () {
|
|
before(async function () {
|
|
configUtils.set('admin:redirects', false);
|
|
|
|
await testUtils.startGhost({forceStart: true});
|
|
request = supertest.agent(configUtils.config.get('url'));
|
|
});
|
|
|
|
after(async function () {
|
|
configUtils.restore();
|
|
|
|
await testUtils.startGhost({forceStart: true});
|
|
request = supertest.agent(configUtils.config.get('url'));
|
|
});
|
|
|
|
it('/edit/ should NOT redirect to the editor', async function () {
|
|
await request.get('/welcome/edit/')
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
.expect(404)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('AMP post', function () {
|
|
it('should respond with html for valid url', async function () {
|
|
await request.get('/welcome/amp/')
|
|
.expect('Content-Type', /html/)
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
.expect(200)
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
const $ = cheerio.load(res.text);
|
|
|
|
$('.post-title').text().should.equal('Start here for a quick overview of everything you need to know');
|
|
|
|
$('.content .post').length.should.equal(1);
|
|
$('.powered').text().should.equal(' Published with Ghost');
|
|
$('body.amp-template').length.should.equal(1);
|
|
$('article.post').length.should.equal(1);
|
|
|
|
$('style[amp-custom]').length.should.equal(1);
|
|
|
|
res.text.should.containEql(':root {--ghost-accent-color: #FF1A75;}');
|
|
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('should not work with date permalinks', async function () {
|
|
// get today's date
|
|
const date = moment().format('YYYY/MM/DD');
|
|
|
|
await request.get('/' + date + '/welcome/amp/')
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
.expect(404)
|
|
.expect(/Page not found/)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
describe('AMP Disabled', function () {
|
|
it('/amp/ should redirect to regular post, including any query params', async function () {
|
|
sinon.stub(settingsCache, 'get').callsFake(function (key, options) {
|
|
if (key === 'amp' && !options) {
|
|
return false;
|
|
}
|
|
return origCache.get(key, options);
|
|
});
|
|
|
|
await request.get('/welcome/amp/?q=a')
|
|
.expect('Location', '/welcome/?q=a')
|
|
.expect(301)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('RSS', function () {
|
|
it('/rss/ should serve an RSS feed', async function () {
|
|
await request.get('/rss/')
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/<!\[CDATA\[Start here for a quick overview of everything you need to know\]\]>/);
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('/author/ghost/rss/ should serve an RSS feed', async function () {
|
|
await request.get('/author/ghost/rss/')
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/<!\[CDATA\[Start here for a quick overview of everything you need to know\]\]>/);
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('/tag/getting-started/rss/ should serve an RSS feed', async function () {
|
|
await request.get('/tag/getting-started/rss/')
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.public)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/<!\[CDATA\[Start here for a quick overview of everything you need to know\]\]>/);
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('Static assets', function () {
|
|
it('should retrieve theme assets', async function () {
|
|
await request.get('/assets/css/screen.css')
|
|
.expect('Cache-Control', testUtils.cacheRules.year)
|
|
.expect(200)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
it('should retrieve default robots.txt', async function () {
|
|
const res = await request.get('/robots.txt')
|
|
.expect('Cache-Control', testUtils.cacheRules.hour)
|
|
.expect('ETag', /[0-9a-f]{32}/i)
|
|
.expect(200)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
|
|
// The response here is a publicly documented format users rely on
|
|
// In case it's changed remember to update the docs at https://ghost.org/help/modifying-robots-txt/
|
|
res.text.should.equal(
|
|
'User-agent: *\n' +
|
|
'Sitemap: http://127.0.0.1:2369/sitemap.xml\nDisallow: /ghost/\n' +
|
|
'Disallow: /p/\n' +
|
|
'Disallow: /email/\n'
|
|
);
|
|
});
|
|
|
|
it('should retrieve default favicon.ico', async function () {
|
|
await request.get('/favicon.ico')
|
|
.expect('Cache-Control', testUtils.cacheRules.day)
|
|
.expect('ETag', /[0-9a-f]{32}/i)
|
|
.expect(200)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
});
|
|
|
|
describe('Site Map', function () {
|
|
before(async function () {
|
|
await testUtils.clearData();
|
|
await testUtils.initData();
|
|
await testUtils.initFixtures('posts');
|
|
});
|
|
|
|
it('should serve sitemap.xml', async function () {
|
|
await request.get('/sitemap.xml')
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.hour)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/sitemapindex/);
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('should serve sitemap-posts.xml', async function () {
|
|
await request.get('/sitemap-posts.xml')
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.hour)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/urlset/);
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('should serve sitemap-pages.xml', async function () {
|
|
await request.get('/sitemap-pages.xml')
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.hour)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/urlset/);
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('should serve sitemap-tags.xml', async function () {
|
|
await request.get('/sitemap-tags.xml')
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.hour)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/urlset/);
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('should serve sitemap-users.xml', async function () {
|
|
await request.get('/sitemap-users.xml')
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.hour)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/urlset/);
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
|
|
it('should serve sitemap.xsl', async function () {
|
|
await request.get('/sitemap.xsl')
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.day)
|
|
.expect('Content-Type', 'text/xsl')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/urlset/);
|
|
res.text.should.not.containEql('__GHOST_URL__');
|
|
});
|
|
});
|
|
});
|
|
|
|
describe('Private Blogging', function () {
|
|
beforeEach(function () {
|
|
sinon.stub(settingsCache, 'get').callsFake(function (key, options) {
|
|
if (key === 'is_private') {
|
|
return true;
|
|
}
|
|
return origCache.get(key, options);
|
|
});
|
|
});
|
|
|
|
it('/ should redirect to /private/', async function () {
|
|
await request.get('/')
|
|
.expect('Location', '/private/?r=%2F')
|
|
.expect(302)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
it('/welcome/ should redirect to /private/', async function () {
|
|
await request.get('/welcome/')
|
|
.expect('Location', '/private/?r=%2Fwelcome%2F')
|
|
.expect(302)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
it('/private/?r=%2Fwelcome%2F should not redirect', async function () {
|
|
await request.get('/private/?r=%2Fwelcome%2F')
|
|
.expect(200)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
it('should redirect, NOT 404 for private route with extra path', async function () {
|
|
await request.get('/private/welcome/')
|
|
.expect('Location', '/private/?r=%2Fprivate%2Fwelcome%2F')
|
|
.expect(302)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
it('should still serve private RSS feed', async function () {
|
|
await request.get(`/${settingsCache.get('public_hash')}/rss/`)
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/<!\[CDATA\[Start here for a quick overview of everything you need to know\]\]>/);
|
|
});
|
|
});
|
|
|
|
it('should still serve private tag RSS feed', async function () {
|
|
await request.get(`/tag/getting-started/${settingsCache.get('public_hash')}/rss/`)
|
|
.expect(200)
|
|
.expect('Cache-Control', testUtils.cacheRules.private)
|
|
.expect('Content-Type', 'text/xml; charset=utf-8')
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match(/<!\[CDATA\[Start here for a quick overview of everything you need to know\]\]>/);
|
|
});
|
|
});
|
|
|
|
it('should redirect, NOT 404 for private tag RSS feed with extra path', async function () {
|
|
await request.get(`/tag/getting-started/${settingsCache.get('public_hash')}/rss/hack/`)
|
|
.expect('Location', `/private/?r=%2Ftag%2Fgetting-started%2F${settingsCache.get('public_hash')}%2Frss%2Fhack%2F`)
|
|
.expect(302)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
// NOTE: this case is covered by extra error handling, and cannot be unit tested
|
|
it('should redirect, NOT 404 for unknown private RSS feed', async function () {
|
|
// NOTE: the redirect will be to /hack/rss because we strip the hash from the URL before trying to serve RSS
|
|
// This isn't ideal, but it's better to expose this internal logic than it is a 404 page
|
|
await request.get(`/hack/${settingsCache.get('public_hash')}/rss/`)
|
|
.expect('Location', '/private/?r=%2Fhack%2Frss%2F')
|
|
.expect(302)
|
|
.expect(assertCorrectFrontendHeaders);
|
|
});
|
|
|
|
// NOTE: this test extends the unit test, checking that there is no other robots.txt middleware overriding private blogging
|
|
it('should serve private robots.txt', async function () {
|
|
await request.get('/robots.txt')
|
|
.expect('Cache-Control', 'public, max-age=3600000')
|
|
.expect(200)
|
|
.expect(assertCorrectFrontendHeaders)
|
|
.expect((res) => {
|
|
res.text.should.match('User-agent: *\nDisallow: /');
|
|
});
|
|
});
|
|
});
|
|
});
|