diff options
author | Robert May <rmay@gitlab.com> | 2021-01-04 13:18:04 +0300 |
---|---|---|
committer | Grzegorz Bizon <grzegorz@gitlab.com> | 2021-01-04 13:18:04 +0300 |
commit | 9b24a32856bcdfbc16961af9b2e9da63391e9ee8 (patch) | |
tree | 76b7f91ba90972794c53d1d5ffdef0b38f21a84d /test/acceptance | |
parent | 21066de52d7f7af759bdf2395694c935110da1bb (diff) |
Fix for query strings being stripped
This ensures the query string is persisted when redirecting
to add a trailing slash.
Diffstat (limited to 'test/acceptance')
-rw-r--r-- | test/acceptance/auth_test.go | 95 | ||||
-rw-r--r-- | test/acceptance/serving_test.go | 19 |
2 files changed, 75 insertions, 39 deletions
diff --git a/test/acceptance/auth_test.go b/test/acceptance/auth_test.go index e4c621cf..b2233591 100644 --- a/test/acceptance/auth_test.go +++ b/test/acceptance/auth_test.go @@ -189,60 +189,77 @@ func TestAccessControlUnderCustomDomain(t *testing.T) { teardown := RunPagesProcessWithAuthServer(t, *pagesBinary, listeners, "", testServer.URL) defer teardown() - rsp, err := GetRedirectPage(t, httpListener, "private.domain.com", "/") - require.NoError(t, err) - defer rsp.Body.Close() + tests := map[string]struct { + domain string + path string + }{ + "private_domain": { + domain: "private.domain.com", + path: "", + }, + "private_domain_with_query": { + domain: "private.domain.com", + path: "?q=test", + }, + } + for name, tt := range tests { + t.Run(name, func(t *testing.T) { + rsp, err := GetRedirectPage(t, httpListener, tt.domain, tt.path) + require.NoError(t, err) + defer rsp.Body.Close() - cookie := rsp.Header.Get("Set-Cookie") + cookie := rsp.Header.Get("Set-Cookie") - url, err := url.Parse(rsp.Header.Get("Location")) - require.NoError(t, err) + url, err := url.Parse(rsp.Header.Get("Location")) + require.NoError(t, err) - state := url.Query().Get("state") - require.Equal(t, url.Query().Get("domain"), "http://private.domain.com") + state := url.Query().Get("state") + require.Equal(t, "http://"+tt.domain, url.Query().Get("domain")) - pagesrsp, err := GetRedirectPage(t, httpListener, url.Host, url.Path+"?"+url.RawQuery) - require.NoError(t, err) - defer pagesrsp.Body.Close() + pagesrsp, err := GetRedirectPage(t, httpListener, url.Host, url.Path+"?"+url.RawQuery) + require.NoError(t, err) + defer pagesrsp.Body.Close() - pagescookie := pagesrsp.Header.Get("Set-Cookie") + pagescookie := pagesrsp.Header.Get("Set-Cookie") - // Go to auth page with correct state will cause fetching the token - authrsp, err := GetRedirectPageWithCookie(t, httpListener, "projects.gitlab-example.com", "/auth?code=1&state="+ - state, pagescookie) + // Go to auth page with correct state will cause fetching the token + authrsp, err := GetRedirectPageWithCookie(t, httpListener, tt.domain, "/auth?code=1&state="+ + state, pagescookie) - require.NoError(t, err) - defer authrsp.Body.Close() + require.NoError(t, err) + defer authrsp.Body.Close() - url, err = url.Parse(authrsp.Header.Get("Location")) - require.NoError(t, err) + url, err = url.Parse(authrsp.Header.Get("Location")) + require.NoError(t, err) - // Will redirect to custom domain - require.Equal(t, "private.domain.com", url.Host) - require.Equal(t, "1", url.Query().Get("code")) - require.Equal(t, state, url.Query().Get("state")) + // Will redirect to custom domain + require.Equal(t, tt.domain, url.Host) + require.Equal(t, "1", url.Query().Get("code")) + require.Equal(t, state, url.Query().Get("state")) - // Run auth callback in custom domain - authrsp, err = GetRedirectPageWithCookie(t, httpListener, "private.domain.com", "/auth?code=1&state="+ - state, cookie) + // Run auth callback in custom domain + authrsp, err = GetRedirectPageWithCookie(t, httpListener, tt.domain, "/auth?code=1&state="+ + state, cookie) - require.NoError(t, err) - defer authrsp.Body.Close() + require.NoError(t, err) + defer authrsp.Body.Close() - // Will redirect to the page - cookie = authrsp.Header.Get("Set-Cookie") - require.Equal(t, http.StatusFound, authrsp.StatusCode) + // Will redirect to the page + cookie = authrsp.Header.Get("Set-Cookie") + require.Equal(t, http.StatusFound, authrsp.StatusCode) - url, err = url.Parse(authrsp.Header.Get("Location")) - require.NoError(t, err) + url, err = url.Parse(authrsp.Header.Get("Location")) + require.NoError(t, err) - // Will redirect to custom domain - require.Equal(t, "http://private.domain.com/", url.String()) + // Will redirect to custom domain + require.Equal(t, "http://"+tt.domain+"/"+tt.path, url.String()) - // Fetch page in custom domain - authrsp, err = GetRedirectPageWithCookie(t, httpListener, "private.domain.com", "/", cookie) - require.NoError(t, err) - require.Equal(t, http.StatusOK, authrsp.StatusCode) + // Fetch page in custom domain + authrsp, err = GetRedirectPageWithCookie(t, httpListener, tt.domain, tt.path, cookie) + require.NoError(t, err) + require.Equal(t, http.StatusOK, authrsp.StatusCode) + }) + } } func TestCustomErrorPageWithAuth(t *testing.T) { diff --git a/test/acceptance/serving_test.go b/test/acceptance/serving_test.go index da2843a0..66b5fa47 100644 --- a/test/acceptance/serving_test.go +++ b/test/acceptance/serving_test.go @@ -552,3 +552,22 @@ func doCrossOriginRequest(t *testing.T, spec ListenSpec, method, reqMethod, url rsp.Body.Close() return rsp } + +func TestQueryStringPersistedInSlashRewrite(t *testing.T) { + skipUnlessEnabled(t) + teardown := RunPagesProcess(t, *pagesBinary, listeners, "") + defer teardown() + + rsp, err := GetRedirectPage(t, httpsListener, "group.gitlab-example.com", "project?q=test") + require.NoError(t, err) + defer rsp.Body.Close() + + require.Equal(t, http.StatusFound, rsp.StatusCode) + require.Equal(t, 1, len(rsp.Header["Location"])) + require.Equal(t, "//group.gitlab-example.com/project/?q=test", rsp.Header.Get("Location")) + + rsp, err = GetPageFromListener(t, httpsListener, "group.gitlab-example.com", "project/?q=test") + require.NoError(t, err) + defer rsp.Body.Close() + require.Equal(t, http.StatusOK, rsp.StatusCode) +} |