feat: add WebSocket origin checker
This commit is contained in:
82
tests/NATS.Server.Tests/WebSocket/WsOriginCheckerTests.cs
Normal file
82
tests/NATS.Server.Tests/WebSocket/WsOriginCheckerTests.cs
Normal file
@@ -0,0 +1,82 @@
|
||||
using NATS.Server.WebSocket;
|
||||
using Shouldly;
|
||||
|
||||
namespace NATS.Server.Tests.WebSocket;
|
||||
|
||||
public class WsOriginCheckerTests
|
||||
{
|
||||
[Fact]
|
||||
public void NoOriginHeader_Accepted()
|
||||
{
|
||||
var checker = new WsOriginChecker(sameOrigin: true, allowedOrigins: null);
|
||||
checker.CheckOrigin(origin: null, requestHost: "localhost:4222", isTls: false)
|
||||
.ShouldBeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void NeitherSameNorList_AlwaysAccepted()
|
||||
{
|
||||
var checker = new WsOriginChecker(sameOrigin: false, allowedOrigins: null);
|
||||
checker.CheckOrigin("https://evil.com", "localhost:4222", false)
|
||||
.ShouldBeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void SameOrigin_Match()
|
||||
{
|
||||
var checker = new WsOriginChecker(sameOrigin: true, allowedOrigins: null);
|
||||
checker.CheckOrigin("http://localhost:4222", "localhost:4222", false)
|
||||
.ShouldBeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void SameOrigin_Mismatch()
|
||||
{
|
||||
var checker = new WsOriginChecker(sameOrigin: true, allowedOrigins: null);
|
||||
checker.CheckOrigin("http://other:4222", "localhost:4222", false)
|
||||
.ShouldNotBeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void SameOrigin_DefaultPort_Http()
|
||||
{
|
||||
var checker = new WsOriginChecker(sameOrigin: true, allowedOrigins: null);
|
||||
checker.CheckOrigin("http://localhost", "localhost:80", false)
|
||||
.ShouldBeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void SameOrigin_DefaultPort_Https()
|
||||
{
|
||||
var checker = new WsOriginChecker(sameOrigin: true, allowedOrigins: null);
|
||||
checker.CheckOrigin("https://localhost", "localhost:443", true)
|
||||
.ShouldBeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void AllowedOrigins_Match()
|
||||
{
|
||||
var checker = new WsOriginChecker(sameOrigin: false,
|
||||
allowedOrigins: ["https://app.example.com"]);
|
||||
checker.CheckOrigin("https://app.example.com", "localhost:4222", false)
|
||||
.ShouldBeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void AllowedOrigins_Mismatch()
|
||||
{
|
||||
var checker = new WsOriginChecker(sameOrigin: false,
|
||||
allowedOrigins: ["https://app.example.com"]);
|
||||
checker.CheckOrigin("https://evil.example.com", "localhost:4222", false)
|
||||
.ShouldNotBeNull();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void AllowedOrigins_SchemeMismatch()
|
||||
{
|
||||
var checker = new WsOriginChecker(sameOrigin: false,
|
||||
allowedOrigins: ["https://app.example.com"]);
|
||||
checker.CheckOrigin("http://app.example.com", "localhost:4222", false)
|
||||
.ShouldNotBeNull();
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user