mirror of
https://github.com/langgenius/dify.git
synced 2025-12-20 06:32:45 +00:00
e9738b891f
Some checks are pending
Build and Push API & Web / build (api, DIFY_API_IMAGE_NAME, linux/amd64, build-api-amd64) (push) Waiting to run
Build and Push API & Web / build (api, DIFY_API_IMAGE_NAME, linux/arm64, build-api-arm64) (push) Waiting to run
Build and Push API & Web / build (web, DIFY_WEB_IMAGE_NAME, linux/amd64, build-web-amd64) (push) Waiting to run
Build and Push API & Web / build (web, DIFY_WEB_IMAGE_NAME, linux/arm64, build-web-arm64) (push) Waiting to run
Build and Push API & Web / create-manifest (api, DIFY_API_IMAGE_NAME, merge-api-images) (push) Blocked by required conditions
Build and Push API & Web / create-manifest (web, DIFY_WEB_IMAGE_NAME, merge-web-images) (push) Blocked by required conditions
Main CI Pipeline / Check Changed Files (push) Waiting to run
Main CI Pipeline / API Tests (push) Blocked by required conditions
Main CI Pipeline / Web Tests (push) Blocked by required conditions
Main CI Pipeline / Style Check (push) Waiting to run
Main CI Pipeline / VDB Tests (push) Blocked by required conditions
Main CI Pipeline / DB Migration Test (push) Blocked by required conditions
50 lines
2.0 KiB
TypeScript
50 lines
2.0 KiB
TypeScript
import { validateRedirectUrl } from './urlValidation'
|
|
|
|
describe('URL Validation', () => {
|
|
describe('validateRedirectUrl', () => {
|
|
it('should reject data: protocol', () => {
|
|
expect(() => validateRedirectUrl('data:text/html,<script>alert(1)</script>')).toThrow('Authorization URL must be HTTP or HTTPS')
|
|
})
|
|
|
|
it('should reject file: protocol', () => {
|
|
expect(() => validateRedirectUrl('file:///etc/passwd')).toThrow('Authorization URL must be HTTP or HTTPS')
|
|
})
|
|
|
|
it('should reject ftp: protocol', () => {
|
|
expect(() => validateRedirectUrl('ftp://example.com')).toThrow('Authorization URL must be HTTP or HTTPS')
|
|
})
|
|
|
|
it('should reject vbscript: protocol', () => {
|
|
expect(() => validateRedirectUrl('vbscript:msgbox(1)')).toThrow('Authorization URL must be HTTP or HTTPS')
|
|
})
|
|
|
|
it('should reject malformed URLs', () => {
|
|
expect(() => validateRedirectUrl('not a url')).toThrow('Invalid URL')
|
|
expect(() => validateRedirectUrl('://example.com')).toThrow('Invalid URL')
|
|
expect(() => validateRedirectUrl('')).toThrow('Invalid URL')
|
|
})
|
|
|
|
it('should handle URLs with query parameters', () => {
|
|
expect(() => validateRedirectUrl('https://example.com?param=value')).not.toThrow()
|
|
expect(() => validateRedirectUrl('https://example.com?redirect=http://evil.com')).not.toThrow()
|
|
})
|
|
|
|
it('should handle URLs with fragments', () => {
|
|
expect(() => validateRedirectUrl('https://example.com#section')).not.toThrow()
|
|
expect(() => validateRedirectUrl('https://example.com/path#fragment')).not.toThrow()
|
|
})
|
|
|
|
it('should handle URLs with authentication', () => {
|
|
expect(() => validateRedirectUrl('https://user:pass@example.com')).not.toThrow()
|
|
})
|
|
|
|
it('should handle international domain names', () => {
|
|
expect(() => validateRedirectUrl('https://例え.jp')).not.toThrow()
|
|
})
|
|
|
|
it('should reject protocol-relative URLs', () => {
|
|
expect(() => validateRedirectUrl('//example.com')).toThrow('Invalid URL')
|
|
})
|
|
})
|
|
})
|