mirror of
https://github.com/onionshare/onionshare.git
synced 2025-08-03 11:56:06 -04:00
Register the 405 error handler properly. Enforce the appropriate methods for each route (GET or POST only, with OPTIONS disabled). Add tests for invalid methods. Add a friendlier 500 internal server error handler
This commit is contained in:
parent
e067fc2963
commit
2618e89eda
11 changed files with 120 additions and 13 deletions
|
@ -452,6 +452,20 @@ class GuiBaseTest(unittest.TestCase):
|
|||
# We should have timed out now
|
||||
self.assertEqual(tab.get_mode().server_status.status, 0)
|
||||
|
||||
def hit_405(self, url, expected_resp, data = {}, methods = [] ):
|
||||
"""Test various HTTP methods and the response"""
|
||||
for method in methods:
|
||||
if method == "put":
|
||||
r = requests.put(url, data = data)
|
||||
if method == "post":
|
||||
r = requests.post(url, data = data)
|
||||
if method == "delete":
|
||||
r = requests.delete(url)
|
||||
if method == "options":
|
||||
r = requests.options(url)
|
||||
self.assertTrue(expected_resp in r.text)
|
||||
self.assertFalse('Werkzeug' in r.headers)
|
||||
|
||||
# Grouped tests follow from here
|
||||
|
||||
def run_all_common_setup_tests(self):
|
||||
|
|
|
@ -286,3 +286,19 @@ class TestReceive(GuiBaseTest):
|
|||
self.run_all_upload_non_writable_dir_tests(tab)
|
||||
|
||||
self.close_all_tabs()
|
||||
|
||||
def test_405_page_returned_for_invalid_methods(self):
|
||||
"""
|
||||
Our custom 405 page should return for invalid methods
|
||||
"""
|
||||
tab = self.new_receive_tab()
|
||||
|
||||
tab.get_mode().mode_settings_widget.public_checkbox.click()
|
||||
|
||||
self.run_all_common_setup_tests()
|
||||
self.run_all_receive_mode_setup_tests(tab)
|
||||
self.run_all_receive_mode_tests(tab)
|
||||
url = f"http://127.0.0.1:{tab.app.port}/"
|
||||
self.hit_405(url, expected_resp="OnionShare: 405 Method Not Allowed", data = {'foo':'bar'}, methods = ["put", "post", "delete", "options"])
|
||||
|
||||
self.close_all_tabs()
|
||||
|
|
|
@ -608,3 +608,20 @@ class TestShare(GuiBaseTest):
|
|||
self.hit_401(tab)
|
||||
|
||||
self.close_all_tabs()
|
||||
|
||||
def test_405_page_returned_for_invalid_methods(self):
|
||||
"""
|
||||
Our custom 405 page should return for invalid methods
|
||||
"""
|
||||
tab = self.new_share_tab()
|
||||
|
||||
tab.get_mode().autostop_sharing_checkbox.click()
|
||||
tab.get_mode().mode_settings_widget.public_checkbox.click()
|
||||
|
||||
self.run_all_common_setup_tests()
|
||||
self.run_all_share_mode_setup_tests(tab)
|
||||
self.run_all_share_mode_started_tests(tab)
|
||||
url = f"http://127.0.0.1:{tab.app.port}/"
|
||||
self.hit_405(url, expected_resp="OnionShare: 405 Method Not Allowed", data = {'foo':'bar'}, methods = ["put", "post", "delete", "options"])
|
||||
self.history_widgets_present(tab)
|
||||
self.close_all_tabs()
|
||||
|
|
|
@ -99,3 +99,19 @@ class TestWebsite(GuiBaseTest):
|
|||
tab.get_mode().disable_csp_checkbox.click()
|
||||
self.run_all_website_mode_download_tests(tab)
|
||||
self.close_all_tabs()
|
||||
|
||||
def test_405_page_returned_for_invalid_methods(self):
|
||||
"""
|
||||
Our custom 405 page should return for invalid methods
|
||||
"""
|
||||
tab = self.new_website_tab()
|
||||
|
||||
tab.get_mode().mode_settings_widget.public_checkbox.click()
|
||||
|
||||
self.run_all_common_setup_tests()
|
||||
self.run_all_website_mode_setup_tests(tab)
|
||||
self.run_all_website_mode_started_tests(tab)
|
||||
url = f"http://127.0.0.1:{tab.app.port}/"
|
||||
self.hit_405(url, expected_resp="OnionShare: 405 Method Not Allowed", data = {'foo':'bar'}, methods = ["put", "delete", "options"])
|
||||
|
||||
self.close_all_tabs()
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue