@Test public void testMissingConfig() throws Exception { ContainerConfig containerMissingConfig = mock(ContainerConfig.class); expect(containerMissingConfig.getContainers()) .andReturn(Arrays.asList(ContainerConfig.DEFAULT_CONTAINER)); replay(); lockedDomainService = new HashLockedDomainService(containerMissingConfig, true); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", wantsLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("www.example.com", notLocked, "default")); }
@Test public void containerConfigurationChanges() throws Exception { ContainerConfig config = new BasicContainerConfig(); config .newTransaction() .addContainer(ImmutableMap .<String, Object>builder() .put(ContainerConfig.CONTAINER_KEY, ContainerConfig.DEFAULT_CONTAINER) .put(LOCKED_DOMAIN_SUFFIX_KEY, LD_SUFFIX) .put(IFRAME_BASE_PATH_KEY, IFRAME_PATH) .put(LOCKED_DOMAIN_REQUIRED_KEY, true) .build()) .commit(); LockedDomainService ldService = new HashLockedDomainService(config, true, prefixGen); TestDefaultIframeUriManager manager = new TestDefaultIframeUriManager(config, ldService); Uri testUri = Uri.parse("http://foobar" + LD_SUFFIX + "/?url=http://example.com"); config.newTransaction().addContainer(ImmutableMap .<String, Object>builder() .put(ContainerConfig.CONTAINER_KEY, ContainerConfig.DEFAULT_CONTAINER) .put(LOCKED_DOMAIN_SUFFIX_KEY, LD_SUFFIX_ALT) .build()).commit(); assertEquals(UriStatus.VALID_UNVERSIONED, manager.validateRenderingUri(testUri)); }
@Test public void containerConfigurationChanges() throws Exception { ContainerConfig config = new BasicContainerConfig(); config .newTransaction() .addContainer(ImmutableMap .<String, Object>builder() .put(ContainerConfig.CONTAINER_KEY, ContainerConfig.DEFAULT_CONTAINER) .put(LOCKED_DOMAIN_SUFFIX_KEY, LD_SUFFIX) .put(IFRAME_BASE_PATH_KEY, IFRAME_PATH) .put(LOCKED_DOMAIN_REQUIRED_KEY, true) .build()) .commit(); LockedDomainService ldService = new HashLockedDomainService(config, true, prefixGen); TestDefaultIframeUriManager manager = new TestDefaultIframeUriManager(config, ldService); Uri testUri = Uri.parse("http://foobar" + LD_SUFFIX + "/?url=http://example.com"); config.newTransaction().addContainer(ImmutableMap .<String, Object>builder() .put(ContainerConfig.CONTAINER_KEY, ContainerConfig.DEFAULT_CONTAINER) .put(LOCKED_DOMAIN_SUFFIX_KEY, LD_SUFFIX_ALT) .build()).commit(); assertEquals(UriStatus.VALID_UNVERSIONED, manager.validateRenderingUri(testUri)); }
@Before public void setUp() throws Exception { JSONObject config = new JSONObject('{' + ContainerConfig.DEFAULT_CONTAINER + ':' + "{'gadgets.container': ['default']," + "'gadgets.features':{views:" + "{aliased: {aliases: ['some-alias', 'alias']}}" + ",'core.io':" + "{unparseableCruft :\"throw 1; < don't be evil' >\"}}}}"); containerConfig = new JsonContainerConfig(config, Expressions.forTesting()); Gadget gadget = mock(Gadget.class); processor = mock(Processor.class); Capture<GadgetContext> context = new Capture<GadgetContext>(); expect(processor.process(EasyMock.capture(context))).andReturn(gadget).anyTimes(); ldService = new HashLockedDomainService(containerConfig, false, mock(LockedDomainPrefixGenerator.class)); handler = new MakeRequestHandler(containerConfig, pipeline, rewriterRegistry, feedProcessorProvider, gadgetAdminStore, processor, ldService); servlet.setMakeRequestHandler(handler); expect(request.getHeaderNames()).andReturn(EMPTY_ENUM).anyTimes(); expect(request.getParameter(MakeRequestHandler.METHOD_PARAM)) .andReturn("GET").anyTimes(); expect(request.getParameter(Param.URL.getKey())) .andReturn(REQUEST_URL.toString()).anyTimes(); expect(request.getParameter(Param.GADGET.getKey())) .andReturn(REQUEST_GADGET.toString()).anyTimes(); expect(gadgetAdminStore.isWhitelisted(isA(String.class), isA(String.class))).andReturn(true); }
@Before public void setUp() throws Exception { expect(request.getMethod()).andReturn("POST").anyTimes(); expect(request.getParameter(Param.URL.getKey())) .andReturn(REQUEST_URL.toString()).anyTimes(); JSONObject config = new JSONObject('{' + ContainerConfig.DEFAULT_CONTAINER + ':' + "{'gadgets.container': ['default']," + "'gadgets.features':{views:" + "{aliased: {aliases: ['some-alias', 'alias']}}" + ",'core.io':" + "{unparseableCruft :\"throw 1; < don't be evil' >\"}}}}"); containerConfig = new JsonContainerConfig(config, Expressions.forTesting()); ldService = new HashLockedDomainService(containerConfig, false, new HashShaLockedDomainPrefixGenerator()); handler = new MakeRequestHandler(containerConfig, pipeline, rewriterRegistry, feedProcessorProvider, gadgetAdminStore, processor, ldService); DUMMY_TOKEN.setAppUrl("http://some/gadget.xml"); DUMMY_TOKEN.setContainer(ContainerConfig.DEFAULT_CONTAINER); expect(request.getParameter(Param.GADGET.getKey())).andReturn("http://some/gadget.xml").anyTimes(); expect(processor.process(capture(context))).andReturn(gadget).anyTimes(); expect(gadgetAdminStore.isWhitelisted(isA(String.class), isA(String.class))).andReturn(true); }
@Before public void setUp() throws Exception { expect(request.getMethod()).andReturn("POST").anyTimes(); expect(request.getParameter(Param.URL.getKey())) .andReturn(REQUEST_URL.toString()).anyTimes(); JSONObject config = new JSONObject('{' + ContainerConfig.DEFAULT_CONTAINER + ':' + "{'gadgets.container': ['default']," + "'gadgets.features':{views:" + "{aliased: {aliases: ['some-alias', 'alias']}}" + ",'core.io':" + "{unparseableCruft :\"throw 1; < don't be evil' >\"}}}}"); containerConfig = new JsonContainerConfig(config, Expressions.forTesting()); ldService = new HashLockedDomainService(containerConfig, false, new HashShaLockedDomainPrefixGenerator()); handler = new MakeRequestHandler(containerConfig, pipeline, rewriterRegistry, feedProcessorProvider, gadgetAdminStore, processor, ldService); DUMMY_TOKEN.setAppUrl("http://some/gadget.xml"); DUMMY_TOKEN.setContainer(ContainerConfig.DEFAULT_CONTAINER); expect(request.getParameter(Param.GADGET.getKey())).andReturn("http://some/gadget.xml").anyTimes(); expect(processor.process(capture(context))).andReturn(gadget).anyTimes(); expect(gadgetAdminStore.isWhitelisted(isA(String.class), isA(String.class))).andReturn(true); }
@Test public void testMultiContainer() throws Exception { ContainerConfig inheritsConfig = mock(ContainerConfig.class); expect(inheritsConfig.getContainers()) .andReturn(Arrays.asList(ContainerConfig.DEFAULT_CONTAINER, "other")); expect(inheritsConfig.getBool(isA(String.class), eq(LOCKED_DOMAIN_REQUIRED_KEY))) .andReturn(true).anyTimes(); expect(inheritsConfig.getString(isA(String.class), eq(LOCKED_DOMAIN_SUFFIX_KEY))) .andReturn("-a.example.com:8080").anyTimes(); replay(); lockedDomainService = new HashLockedDomainService(inheritsConfig, true); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", wantsLocked, "other")); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", notLocked, "other")); assertTrue(lockedDomainService.gadgetCanRender( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "other")); } }
@Test public void testMissingConfig() throws Exception { ContainerConfig containerMissingConfig = new BasicContainerConfig(); containerMissingConfig.newTransaction().addContainer(makeContainer(ContainerConfig.DEFAULT_CONTAINER)).commit(); lockedDomainService = new HashLockedDomainService(containerMissingConfig, true, ldgen); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); }
@Test public void testMissingConfig() throws Exception { ContainerConfig containerMissingConfig = new BasicContainerConfig(); containerMissingConfig.newTransaction().addContainer(makeContainer(ContainerConfig.DEFAULT_CONTAINER)).commit(); lockedDomainService = new HashLockedDomainService(containerMissingConfig, true, ldgen); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); }
@Test public void testDisabledGlobally() { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, false, ldgen); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsBoth, "default")); lockedDomainService = new HashLockedDomainService(enabledConfig, false, ldgen); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsBoth, "default")); }
@Test public void testDisabledGlobally() { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, false, ldgen); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsBoth, "default")); lockedDomainService = new HashLockedDomainService(enabledConfig, false, ldgen); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.isGadgetValidForHost("embed.com", wantsBoth, "default")); }
@Test public void testDisabledGlobally() { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, false); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", notLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsBoth, "default")); lockedDomainService = new HashLockedDomainService(enabledConfig, false); assertTrue(lockedDomainService.isSafeForOpenProxy("anywhere.com")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", notLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsSecurityToken, "default")); assertTrue(lockedDomainService.gadgetCanRender("embed.com", wantsBoth, "default")); }
@Test public void testMultiContainer() throws Exception { ContainerConfig inheritsConfig = new BasicContainerConfig(); inheritsConfig .newTransaction() .addContainer( makeContainer(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY, "-a.example.com:8080", LOCKED_DOMAIN_REQUIRED_KEY, true)) .addContainer(makeContainer("other")) .commit(); lockedDomainService = new HashLockedDomainService(inheritsConfig, true, ldgen); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "other")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "other")); assertTrue(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "other")); }
@Test public void testMultiContainer() throws Exception { ContainerConfig inheritsConfig = new BasicContainerConfig(); inheritsConfig .newTransaction() .addContainer( makeContainer(ContainerConfig.DEFAULT_CONTAINER, LOCKED_DOMAIN_SUFFIX_KEY, "-a.example.com:8080", LOCKED_DOMAIN_REQUIRED_KEY, true)) .addContainer(makeContainer("other")) .commit(); lockedDomainService = new HashLockedDomainService(inheritsConfig, true, ldgen); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "other")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "other")); assertTrue(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "other")); }
@Test public void testNotEnabledForGadget() throws GadgetException { replay(); lockedDomainService = new HashLockedDomainService(enabledConfig, true, ldgen); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertNull(lockedDomainService.getLockedDomainForGadget(notLocked, "default")); }
@Test public void testNotEnabledForGadget() { replay(); lockedDomainService = new HashLockedDomainService(enabledConfig, true); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.gadgetCanRender("www.example.com", notLocked, "default")); assertFalse(lockedDomainService.gadgetCanRender( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertNull(lockedDomainService.getLockedDomainForGadget(notLocked, "default")); }
@Test public void testNotEnabledForGadget() throws GadgetException { replay(); lockedDomainService = new HashLockedDomainService(enabledConfig, true, ldgen); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertTrue(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertNull(lockedDomainService.getLockedDomainForGadget(notLocked, "default")); }
@Test public void testRequiredForContainer() throws GadgetException { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, true, ldgen); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); String target = lockedDomainService.getLockedDomainForGadget(wantsLocked, "default"); assertEquals("8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", target); target = lockedDomainService.getLockedDomainForGadget(notLocked, "default"); assertEquals("auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", target); assertTrue(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); }
@Test public void testRequiredForContainer() { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, true); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", wantsLocked, "default")); assertFalse(lockedDomainService.gadgetCanRender("www.example.com", notLocked, "default")); String target = lockedDomainService.getLockedDomainForGadget(wantsLocked, "default"); assertEquals("8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", target); target = lockedDomainService.getLockedDomainForGadget(notLocked, "default"); assertEquals("auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", target); assertTrue(lockedDomainService.gadgetCanRender( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "default")); assertFalse(lockedDomainService.gadgetCanRender( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", wantsLocked, "default")); assertTrue(lockedDomainService.gadgetCanRender( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertFalse(lockedDomainService.gadgetCanRender( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); }
@Test public void testRequiredForContainer() throws GadgetException { replay(); lockedDomainService = new HashLockedDomainService(requiredConfig, true, ldgen); assertFalse(lockedDomainService.isSafeForOpenProxy("images-a.example.com:8080")); assertFalse(lockedDomainService.isSafeForOpenProxy("-a.example.com:8080")); assertTrue(lockedDomainService.isSafeForOpenProxy("embed.com")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", wantsLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost("www.example.com", notLocked, "default")); String target = lockedDomainService.getLockedDomainForGadget(wantsLocked, "default"); assertEquals("8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", target); target = lockedDomainService.getLockedDomainForGadget(notLocked, "default"); assertEquals("auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", target); assertTrue(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", wantsLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", wantsLocked, "default")); assertTrue(lockedDomainService.isGadgetValidForHost( "auvn86n7q0l4ju2tq5cq8akotcjlda66-a.example.com:8080", notLocked, "default")); assertFalse(lockedDomainService.isGadgetValidForHost( "8uhr00296d2o3sfhqilj387krjmgjv3v-a.example.com:8080", notLocked, "default")); }