diff options
Diffstat (limited to 'spec/initializers/rack_multipart_patch_spec.rb')
| -rw-r--r-- | spec/initializers/rack_multipart_patch_spec.rb | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/spec/initializers/rack_multipart_patch_spec.rb b/spec/initializers/rack_multipart_patch_spec.rb new file mode 100644 index 00000000000..862fdc7901b --- /dev/null +++ b/spec/initializers/rack_multipart_patch_spec.rb @@ -0,0 +1,79 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe Rack::Multipart do # rubocop:disable RSpec/FilePath + def multipart_fixture(name, length, boundary = "AaB03x") + data = <<EOF +--#{boundary}\r +content-disposition: form-data; name="reply"\r +\r +yes\r +--#{boundary}\r +content-disposition: form-data; name="fileupload"; filename="dj.jpg"\r +Content-Type: image/jpeg\r +Content-Transfer-Encoding: base64\r +\r +/9j/4AAQSkZJRgABAQAAAQABAAD//gA+Q1JFQVRPUjogZ2QtanBlZyB2MS4wICh1c2luZyBJSkcg\r +--#{boundary}--\r +EOF + + type = %(multipart/form-data; boundary=#{boundary}) + + length ||= data.bytesize + + { + "CONTENT_TYPE" => type, + "CONTENT_LENGTH" => length.to_s, + input: StringIO.new(data) + } + end + + context 'with Content-Length under the limit' do + it 'extracts multipart message' do + env = Rack::MockRequest.env_for("/", multipart_fixture(:text, nil)) + + expect(described_class).to receive(:log_large_multipart?).and_call_original + expect(described_class).not_to receive(:log_multipart_warning) + params = described_class.parse_multipart(env) + + expect(params.keys).to include(*%w(reply fileupload)) + end + end + + context 'with Content-Length over the limit' do + shared_examples 'logs multipart message' do + it 'extracts multipart message' do + env = Rack::MockRequest.env_for("/", multipart_fixture(:text, length)) + + expect(described_class).to receive(:log_large_multipart?).and_return(true) + expect(described_class).to receive(:log_multipart_warning).and_call_original + expect(described_class).to receive(:log_warn).with({ + message: 'Large multipart body detected', + path: '/', + content_length: anything, + correlation_id: anything + }) + params = described_class.parse_multipart(env) + + expect(params.keys).to include(*%w(reply fileupload)) + end + end + + context 'from environment' do + let(:length) { 1001 } + + before do + stub_env('RACK_MULTIPART_LOGGING_BYTES', 1000) + end + + it_behaves_like 'logs multipart message' + end + + context 'default limit' do + let(:length) { 100_000_001 } + + it_behaves_like 'logs multipart message' + end + end +end |