From 88e1154f726aba6e3a36ad3f31cd78fa3c9313c5 Mon Sep 17 00:00:00 2001 From: Jaime Martinez Date: Wed, 13 Oct 2021 11:35:45 +1100 Subject: refactor: remove WithProxied setting --- test/acceptance/helpers_test.go | 7 +++--- test/acceptance/ratelimiter_test.go | 46 +++++++++++++++++++------------------ 2 files changed, 27 insertions(+), 26 deletions(-) (limited to 'test') diff --git a/test/acceptance/helpers_test.go b/test/acceptance/helpers_test.go index e600a9e5..4abbe33d 100644 --- a/test/acceptance/helpers_test.go +++ b/test/acceptance/helpers_test.go @@ -399,18 +399,17 @@ func GetCompressedPageFromListener(t *testing.T, spec ListenSpec, host, urlsuffi return DoPagesRequest(t, spec, req) } -func GetPageFromListenerWithRemoteAddrAndXFF(t *testing.T, spec ListenSpec, host, urlsuffix, xForwardedFor, xForwardedHost string) (*http.Response, error) { +func GetPageFromListenerWithHeaders(t *testing.T, spec ListenSpec, host, urlSuffix string, header http.Header) (*http.Response, error) { t.Helper() - url := spec.URL(urlsuffix) + url := spec.URL(urlSuffix) req, err := http.NewRequest("GET", url, nil) if err != nil { return nil, err } req.Host = host - req.Header.Set("X-Forwarded-For", xForwardedFor) - req.Header.Set("X-Forwarded-Host", xForwardedHost) + req.Header = header return DoPagesRequest(t, spec, req) } diff --git a/test/acceptance/ratelimiter_test.go b/test/acceptance/ratelimiter_test.go index 8f96d74b..2986d46b 100644 --- a/test/acceptance/ratelimiter_test.go +++ b/test/acceptance/ratelimiter_test.go @@ -12,24 +12,22 @@ import ( ) func TestSourceIPRateLimitMiddleware(t *testing.T) { - testhelpers.EnableRateLimiter(t) + testhelpers.SetEnvironmentVariable(t, testhelpers.FFEnableRateLimiter, "true") tcs := map[string]struct { - listener ListenSpec - rateLimit float64 - rateBurst string - blockedIP string - xForwardedHost string - xForwardedFor string - expectFail bool - sleep time.Duration + listener ListenSpec + rateLimit float64 + rateBurst string + blockedIP string + header http.Header + expectFail bool + sleep time.Duration }{ "http_slow_requests_should_not_be_blocked": { listener: httpListener, rateLimit: 1000, // RunPagesProcess makes one request, so we need to allow a burst of 2 // because r.RemoteAddr == 127.0.0.1 and X-Forwarded-For is ignored for non-proxy requests - // TODO: consider using X-Real-IP https://gitlab.com/gitlab-org/gitlab-pages/-/issues/644 rateBurst: "2", sleep: 10 * time.Millisecond, }, @@ -43,10 +41,12 @@ func TestSourceIPRateLimitMiddleware(t *testing.T) { listener: proxyListener, rateLimit: 1000, // listen-proxy uses X-Forwarded-For - rateBurst: "1", - xForwardedFor: "172.16.123.1", - xForwardedHost: "group.gitlab-example.com", - sleep: 10 * time.Millisecond, + rateBurst: "1", + header: http.Header{ + "X-Forwarded-For": []string{"172.16.123.1"}, + "X-Forwarded-Host": []string{"group.gitlab-example.com"}, + }, + sleep: 10 * time.Millisecond, }, "proxyv2_slow_requests_should_not_be_blocked": { listener: httpsProxyv2Listener, @@ -69,13 +69,15 @@ func TestSourceIPRateLimitMiddleware(t *testing.T) { blockedIP: "127.0.0.1", }, "proxy_fast_requests_blocked_after_burst": { - listener: proxyListener, - rateLimit: 1, - rateBurst: "1", - xForwardedFor: "172.16.123.1", - xForwardedHost: "group.gitlab-example.com", - expectFail: true, - blockedIP: "172.16.123.1", + listener: proxyListener, + rateLimit: 1, + rateBurst: "1", + header: http.Header{ + "X-Forwarded-For": []string{"172.16.123.1"}, + "X-Forwarded-Host": []string{"group.gitlab-example.com"}, + }, + expectFail: true, + blockedIP: "172.16.123.1", }, "proxyv2_fast_requests_blocked_after_burst": { listener: httpsProxyv2Listener, @@ -96,7 +98,7 @@ func TestSourceIPRateLimitMiddleware(t *testing.T) { ) for i := 0; i < 5; i++ { - rsp, err := GetPageFromListenerWithRemoteAddrAndXFF(t, tc.listener, "group.gitlab-example.com", "project/", tc.xForwardedFor, tc.xForwardedHost) + rsp, err := GetPageFromListenerWithHeaders(t, tc.listener, "group.gitlab-example.com", "project/", tc.header) require.NoError(t, err) rsp.Body.Close() -- cgit v1.2.3