From 8f38dc2e7f9dc7272c6882fff369be5e43dc711a Mon Sep 17 00:00:00 2001 From: tobi <31960611+tsmethurst@users.noreply.github.com> Date: Wed, 23 Aug 2023 14:32:27 +0200 Subject: [feature] Add rate limit exceptions option, use ISO8601 for rate limit reset (#2151) * start updating rate limiting, add exceptions * tests, comments, tidying up * add rate limiting exceptions to example config * envparsing * nolint * apply kimbediff * add examples --- internal/middleware/middleware_test.go | 75 ---------------------------------- 1 file changed, 75 deletions(-) delete mode 100644 internal/middleware/middleware_test.go (limited to 'internal/middleware/middleware_test.go') diff --git a/internal/middleware/middleware_test.go b/internal/middleware/middleware_test.go deleted file mode 100644 index fad05931b..000000000 --- a/internal/middleware/middleware_test.go +++ /dev/null @@ -1,75 +0,0 @@ -// GoToSocial -// Copyright (C) GoToSocial Authors admin@gotosocial.org -// SPDX-License-Identifier: AGPL-3.0-or-later -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program. If not, see . - -package middleware_test - -import ( - "testing" - - "github.com/superseriousbusiness/gotosocial/internal/middleware" -) - -func TestBuildContentSecurityPolicy(t *testing.T) { - type cspTest struct { - extraURLs []string - expected string - } - - for _, test := range []cspTest{ - { - extraURLs: nil, - expected: "default-src 'self'; object-src 'none'; img-src 'self' blob:; media-src 'self'", - }, - { - extraURLs: []string{ - "https://some-bucket-provider.com", - }, - expected: "default-src 'self'; object-src 'none'; img-src 'self' blob: https://some-bucket-provider.com; media-src 'self' https://some-bucket-provider.com", - }, - { - extraURLs: []string{ - "https://some-bucket-provider.com:6969", - }, - expected: "default-src 'self'; object-src 'none'; img-src 'self' blob: https://some-bucket-provider.com:6969; media-src 'self' https://some-bucket-provider.com:6969", - }, - { - extraURLs: []string{ - "http://some-bucket-provider.com:6969", - }, - expected: "default-src 'self'; object-src 'none'; img-src 'self' blob: http://some-bucket-provider.com:6969; media-src 'self' http://some-bucket-provider.com:6969", - }, - { - extraURLs: []string{ - "https://s3.nl-ams.scw.cloud", - }, - expected: "default-src 'self'; object-src 'none'; img-src 'self' blob: https://s3.nl-ams.scw.cloud; media-src 'self' https://s3.nl-ams.scw.cloud", - }, - { - extraURLs: []string{ - "https://s3.nl-ams.scw.cloud", - "https://s3.somewhere.else.example.org", - }, - expected: "default-src 'self'; object-src 'none'; img-src 'self' blob: https://s3.nl-ams.scw.cloud https://s3.somewhere.else.example.org; media-src 'self' https://s3.nl-ams.scw.cloud https://s3.somewhere.else.example.org", - }, - } { - csp := middleware.BuildContentSecurityPolicy(test.extraURLs...) - if csp != test.expected { - t.Logf("expected '%s', got '%s'", test.expected, csp) - t.Fail() - } - } -} -- cgit v1.2.3