mirror of
https://github.com/PostHog/posthog.git
synced 2024-11-29 03:04:16 +01:00
b7fe004d6b
* chore(plugin-server): Validate fetch hostnames * Only apply Python host check on Cloud * Update tests to use valid hook URLs * Only apply plugin server host check in prod * Update URLs in a couple more tests * Only check hostnames on Cloud and remove port check * Fix fetch mocking * Roll out hostname guard per project * Fix fetch call assertions * Make `fetchHostnameGuardTeams` optional
import { FetchError } from 'node-fetch'
import { raiseIfUserProvidedUrlUnsafe } from '../../src/utils/fetch'
test('raiseIfUserProvidedUrlUnsafe', async () => {
    // Sync test cases with posthog/api/test/test_utils.py
    //
    // The guard is exercised on user-provided URLs: every entry in `acceptedUrls` must
    // resolve without throwing, and every entry in `rejectedUrls` must reject with a
    // FetchError of type 'posthog-host-guard' carrying the listed message.
    //
    // NOTE(review): literal loopback addresses (127.0.0.0/8), link-local addresses
    // (169.254.0.0/16) and IPv6 internal ranges are not exercised below. If the guard is
    // meant to cover them, add cases here and in the Python suite together so the two
    // stay in sync.
    const acceptedUrls = [
        'https://google.com?q=20', // Safe
        'https://posthog.com', // Safe
        'https://posthog.com/foo/bar', // Safe, with path
        'https://posthog.com:443', // Safe, good port
        'https://1.1.1.1', // Safe, public IP
    ]

    const rejectedUrls = [
        // Not parseable as an absolute URL
        { url: '', reason: 'Invalid URL' },
        { url: '@@@', reason: 'Invalid URL' },
        { url: 'posthog.com', reason: 'Invalid URL' }, // no scheme
        // Parseable, but not a web scheme
        { url: 'ftp://posthog.com', reason: 'Scheme must be either HTTP or HTTPS' },
        // Loopback name, unspecified address and private IPv4 ranges
        { url: 'http://localhost', reason: 'Internal hostname' },
        { url: 'http://192.168.0.5', reason: 'Internal hostname' },
        { url: 'http://0.0.0.0', reason: 'Internal hostname' },
        { url: 'http://10.0.0.24', reason: 'Internal hostname' },
        { url: 'http://172.20.0.21', reason: 'Internal hostname' },
        // NOTE(review): this hostname is syntactically valid, so the expected error
        // presumably comes from a failed lookup - confirm whether this test needs
        // resolver access in CI.
        { url: 'http://fgtggggzzggggfd.com', reason: 'Invalid hostname' },
    ]

    for (const url of acceptedUrls) {
        await raiseIfUserProvidedUrlUnsafe(url)
    }

    for (const { url, reason } of rejectedUrls) {
        const expectedError = new FetchError(reason, 'posthog-host-guard')
        await expect(raiseIfUserProvidedUrlUnsafe(url)).rejects.toThrow(expectedError)
    }
})