Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

226 lines (172 sloc) 6.524 kB
require 'minitest/autorun'
require 'rack/file'
require 'rack/lint'
require 'rack/mock'
describe Rack::File do
DOCROOT = File.expand_path(File.dirname(__FILE__)) unless defined? DOCROOT
def file(*args)
Rack::Lint.new Rack::File.new(*args)
end
it "serve files" do
res = Rack::MockRequest.new(file(DOCROOT)).get("/cgi/test")
res.must_be :ok?
assert_match(res, /ruby/)
end
it "set Last-Modified header" do
res = Rack::MockRequest.new(file(DOCROOT)).get("/cgi/test")
path = File.join(DOCROOT, "/cgi/test")
res.must_be :ok?
res["Last-Modified"].must_equal File.mtime(path).httpdate
end
it "return 304 if file isn't modified since last serve" do
path = File.join(DOCROOT, "/cgi/test")
res = Rack::MockRequest.new(file(DOCROOT)).
get("/cgi/test", 'HTTP_IF_MODIFIED_SINCE' => File.mtime(path).httpdate)
res.status.must_equal 304
res.body.must_be :empty?
end
it "return the file if it's modified since last serve" do
path = File.join(DOCROOT, "/cgi/test")
res = Rack::MockRequest.new(file(DOCROOT)).
get("/cgi/test", 'HTTP_IF_MODIFIED_SINCE' => (File.mtime(path) - 100).httpdate)
res.must_be :ok?
end
it "serve files with URL encoded filenames" do
res = Rack::MockRequest.new(file(DOCROOT)).get("/cgi/%74%65%73%74") # "/cgi/test"
res.must_be :ok?
# res.must_match(/ruby/) # nope
# (/ruby/).must_match res # This is wierd, but an oddity of minitest
# assert_match(/ruby/, res) # nope
assert_match(res, /ruby/)
end
it "allow safe directory traversal" do
req = Rack::MockRequest.new(file(DOCROOT))
res = req.get('/cgi/../cgi/test')
res.must_be :successful?
res = req.get('.')
res.must_be :not_found?
res = req.get("test/..")
res.must_be :not_found?
end
it "not allow unsafe directory traversal" do
req = Rack::MockRequest.new(file(DOCROOT))
res = req.get("/../README.rdoc")
res.must_be :client_error?
res = req.get("../test/spec_file.rb")
res.must_be :client_error?
res = req.get("../README.rdoc")
res.must_be :client_error?
res.must_be :not_found?
end
it "allow files with .. in their name" do
req = Rack::MockRequest.new(file(DOCROOT))
res = req.get("/cgi/..test")
res.must_be :not_found?
res = req.get("/cgi/test..")
res.must_be :not_found?
res = req.get("/cgi../test..")
res.must_be :not_found?
end
it "not allow unsafe directory traversal with encoded periods" do
res = Rack::MockRequest.new(file(DOCROOT)).get("/%2E%2E/README")
res.must_be :client_error?
res.must_be :not_found?
end
it "allow safe directory traversal with encoded periods" do
res = Rack::MockRequest.new(file(DOCROOT)).get("/cgi/%2E%2E/cgi/test")
res.must_be :successful?
end
it "404 if it can't find the file" do
res = Rack::MockRequest.new(file(DOCROOT)).get("/cgi/blubb")
res.must_be :not_found?
end
it "detect SystemCallErrors" do
res = Rack::MockRequest.new(file(DOCROOT)).get("/cgi")
res.must_be :not_found?
end
it "return bodies that respond to #to_path" do
env = Rack::MockRequest.env_for("/cgi/test")
status, _, body = Rack::File.new(DOCROOT).call(env)
path = File.join(DOCROOT, "/cgi/test")
status.must_equal 200
body.must_respond_to :to_path
body.to_path.must_equal path
end
it "return correct byte range in body" do
env = Rack::MockRequest.env_for("/cgi/test")
env["HTTP_RANGE"] = "bytes=22-33"
res = Rack::MockResponse.new(*file(DOCROOT).call(env))
res.status.must_equal 206
res["Content-Length"].must_equal "12"
res["Content-Range"].must_equal "bytes 22-33/193"
res.body.must_equal "-*- ruby -*-"
end
it "return error for unsatisfiable byte range" do
env = Rack::MockRequest.env_for("/cgi/test")
env["HTTP_RANGE"] = "bytes=1234-5678"
res = Rack::MockResponse.new(*file(DOCROOT).call(env))
res.status.must_equal 416
res["Content-Range"].must_equal "bytes */193"
end
it "support custom http headers" do
env = Rack::MockRequest.env_for("/cgi/test")
status, heads, _ = file(DOCROOT, 'Cache-Control' => 'public, max-age=38',
'Access-Control-Allow-Origin' => '*').call(env)
status.must_equal 200
heads['Cache-Control'].must_equal 'public, max-age=38'
heads['Access-Control-Allow-Origin'].must_equal '*'
end
it "support not add custom http headers if none are supplied" do
env = Rack::MockRequest.env_for("/cgi/test")
status, heads, _ = file(DOCROOT).call(env)
status.must_equal 200
heads['Cache-Control'].must_equal nil
heads['Access-Control-Allow-Origin'].must_equal nil
end
it "only support GET, HEAD, and OPTIONS requests" do
req = Rack::MockRequest.new(file(DOCROOT))
forbidden = %w[post put patch delete]
forbidden.each do |method|
res = req.send(method, "/cgi/test")
res.must_be :client_error?
res.must_be :method_not_allowed?
res.headers['Allow'].split(/, */).sort.must_equal %w(GET HEAD OPTIONS)
end
allowed = %w[get head options]
allowed.each do |method|
res = req.send(method, "/cgi/test")
res.must_be :successful?
end
end
it "set Allow correctly for OPTIONS requests" do
req = Rack::MockRequest.new(file(DOCROOT))
res = req.options('/cgi/test')
res.must_be :successful?
res.headers['Allow'].wont_equal nil
res.headers['Allow'].split(/, */).sort.must_equal %w(GET HEAD OPTIONS)
end
it "set Content-Length correctly for HEAD requests" do
req = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT)))
res = req.head "/cgi/test"
res.must_be :successful?
res['Content-Length'].must_equal "193"
end
it "default to a mime type of text/plain" do
req = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT)))
res = req.get "/cgi/test"
res.must_be :successful?
res['Content-Type'].must_equal "text/plain"
end
it "allow the default mime type to be set" do
req = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT, nil, 'application/octet-stream')))
res = req.get "/cgi/test"
res.must_be :successful?
res['Content-Type'].must_equal "application/octet-stream"
end
it "not set Content-Type if the mime type is not set" do
req = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT, nil, nil)))
res = req.get "/cgi/test"
res.must_be :successful?
res['Content-Type'].must_equal nil
end
end
Jump to Line
Something went wrong with that request. Please try again.