diff options
author | Alexander Shorin <kxepal@apache.org> | 2014-06-10 19:54:20 +0400 |
---|---|---|
committer | Alexander Shorin <kxepal@apache.org> | 2014-06-17 01:41:45 +0400 |
commit | fafbee9c90b901569c9ba609d8574e15a1a93d10 (patch) | |
tree | 58e75747e1aff4dbbc0793ff9cccc4b3f878661b | |
parent | 9b2525b6c4a98cd49545b98f313c2b94c49c0f6d (diff) | |
download | couchdb-fafbee9c90b901569c9ba609d8574e15a1a93d10.tar.gz |
Port 232-csp.t etap test suite to eunit
-rw-r--r-- | test/couchdb/Makefile.am | 1 | ||||
-rw-r--r-- | test/couchdb/couchdb_csp_tests.erl | 96 | ||||
-rw-r--r-- | test/etap/232-csp.t | 85 |
3 files changed, 97 insertions, 85 deletions
diff --git a/test/couchdb/Makefile.am b/test/couchdb/Makefile.am index 08ff76aad..dcb8fa48d 100644 --- a/test/couchdb/Makefile.am +++ b/test/couchdb/Makefile.am @@ -42,6 +42,7 @@ eunit_files = \ couchdb_attachments_tests.erl \ couchdb_compaction_daemon.erl \ couchdb_cors_tests.erl \ + couchdb_csp_tests.erl \ couchdb_file_compression_tests.erl \ couchdb_http_proxy_tests.erl \ couchdb_modules_load_tests.erl \ diff --git a/test/couchdb/couchdb_csp_tests.erl b/test/couchdb/couchdb_csp_tests.erl new file mode 100644 index 000000000..adb0e6d2a --- /dev/null +++ b/test/couchdb/couchdb_csp_tests.erl @@ -0,0 +1,96 @@ +% Licensed under the Apache License, Version 2.0 (the "License"); you may not +% use this file except in compliance with the License. You may obtain a copy of +% the License at +% +% http://www.apache.org/licenses/LICENSE-2.0 +% +% Unless required by applicable law or agreed to in writing, software +% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +% License for the specific language governing permissions and limitations under +% the License. + +-module(couchdb_csp_tests). + +-include("couch_eunit.hrl"). + +-define(TIMEOUT, 1000). + + +start() -> + {ok, Pid} = couch_server_sup:start_link(?CONFIG_CHAIN), + Pid. + +stop(Pid) -> + couch_server_sup:stop(), + erlang:monitor(process, Pid), + receive + {'DOWN', _, _, Pid, _} -> + ok + after ?TIMEOUT -> + throw({timeout, server_stop}) + end. + +setup() -> + ok = couch_config:set("csp", "enable", "true", false), + Addr = couch_config:get("httpd", "bind_address", "127.0.0.1"), + Port = integer_to_list(mochiweb_socket_server:get(couch_httpd, port)), + lists:concat(["http://", Addr, ":", Port, "/_utils/"]). + +teardown(_) -> + ok. + + +csp_test_() -> + { + "Content Security Policy tests", + { + setup, + fun start/0, fun stop/1, + { + foreach, + fun setup/0, fun teardown/1, + [ + fun should_not_return_any_csp_headers_when_disabled/1, + fun should_apply_default_policy/1, + fun should_return_custom_policy/1, + fun should_only_enable_csp_when_true/1 + ] + } + } + }. + + +should_not_return_any_csp_headers_when_disabled(Url) -> + ?_assertEqual(undefined, + begin + ok = couch_config:set("csp", "enable", "false", false), + {ok, _, Headers, _} = test_request:get(Url), + proplists:get_value("Content-Security-Policy", Headers) + end). + +should_apply_default_policy(Url) -> + ?_assertEqual( + "default-src 'self'; img-src 'self'; font-src 'self'; " + "script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';", + begin + {ok, _, Headers, _} = test_request:get(Url), + proplists:get_value("Content-Security-Policy", Headers) + end). + +should_return_custom_policy(Url) -> + ?_assertEqual("default-src 'http://example.com';", + begin + ok = couch_config:set("csp", "header_value", + "default-src 'http://example.com';", false), + {ok, _, Headers, _} = test_request:get(Url), + proplists:get_value("Content-Security-Policy", Headers) + end). + +should_only_enable_csp_when_true(Url) -> + ?_assertEqual(undefined, + begin + ok = couch_config:set("csp", "enable", "tru", false), + {ok, _, Headers, _} = test_request:get(Url), + proplists:get_value("Content-Security-Policy", Headers) + end). diff --git a/test/etap/232-csp.t b/test/etap/232-csp.t deleted file mode 100644 index 6dbce6aa0..000000000 --- a/test/etap/232-csp.t +++ /dev/null @@ -1,85 +0,0 @@ -#!/usr/bin/env escript -%% -*- erlang -*- - -% Licensed under the Apache License, Version 2.0 (the "License"); you may not -% use this file except in compliance with the License. You may obtain a copy of -% the License at -% -% http://www.apache.org/licenses/LICENSE-2.0 -% -% Unless required by applicable law or agreed to in writing, software -% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -% License for the specific language governing permissions and limitations under -% the License. - -server() -> - lists:concat([ - "http://127.0.0.1:", - mochiweb_socket_server:get(couch_httpd, port), - "/_utils/" - ]). - - -main(_) -> - test_util:init_code_path(), - - etap:plan(3), - case (catch test()) of - ok -> - etap:end_tests(); - Other -> - etap:diag(io_lib:format("Test died abnormally: ~p", [Other])), - etap:bail(Other) - end, - ok. - -test() -> - %% launch couchdb - couch_server_sup:start_link(test_util:config_files()), - - % CSP is disabled by default - test_no_csp_headers_server(), - - % Now enable CSP - ok = couch_config:set("csp", "enable", "true", false), - - test_default_header_value(), - - ok = couch_config:set("csp", "header_value", "default-src 'http://example.com';", false), - test_custom_header_value(), - - % Disabled on all other values than true - ok = couch_config:set("csp", "enable", "blerg", false), - test_all_other_values_for_enable(), - - timer:sleep(3000), - couch_server_sup:stop(), - ok. - -test_no_csp_headers_server() -> - Headers = [{"Origin", "http://127.0.0.1"}], - {ok, _, Resp, _} = ibrowse:send_req(server(), Headers, get, []), - etap:is(proplists:get_value("Content-Security-Policy", Resp), - undefined, "No CSP Headers when disabled"). - -test_default_header_value() -> - Headers = [{"Origin", "http://127.0.0.1"}], - {ok, _, Resp, _} = ibrowse:send_req(server(), Headers, get, []), - etap:is(proplists:get_value("Content-Security-Policy", Resp), - "default-src 'self'; img-src 'self'; font-src 'self'; " - "script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';", - "Default CSP Headers when enabled"). - -test_custom_header_value() -> - Headers = [{"Origin", "http://127.0.0.1"}], - {ok, _, Resp, _} = ibrowse:send_req(server(), Headers, get, []), - etap:is(proplists:get_value("Content-Security-Policy", Resp), - "default-src 'http://example.com';", - "Custom CSP Headers possible"). - -test_all_other_values_for_enable() -> - Headers = [{"Origin", "http://127.0.0.1"}], - {ok, _, Resp, _} = ibrowse:send_req(server(), Headers, get, []), - etap:is(proplists:get_value("Content-Security-Policy", Resp), - undefined, "No CSP Headers when wrong value given"). |