jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

app proxy: protect code accessing containerId

Browse Source
This commit is contained in:
Girish Ramakrishnan
2024-06-10 10:53:00 +02:00
parent db3eabcd2f
commit 692be297b3
4 changed files with 19 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/test/apps-test.js
View File

@@ -54,17 +54,17 @@ describe('Apps', function () {
describe('validateLocations', function () {
it('does not allow reserved subdomain', async function () {
let location = new Location('my', domain.domain, Location.TYPE_ALIAS);
const location = new Location('my', domain.domain, Location.TYPE_ALIAS);
expect(await apps._validateLocations([location])).to.be.an(Error);
});
it('does not allow unknown domain', async function () {
let location = new Location('my2', domain.domain + 'x', Location.TYPE_PRIMARY);
const location = new Location('my2', domain.domain + 'x', Location.TYPE_PRIMARY);
expect(await apps._validateLocations([location])).to.be.an(Error);
});
it('allows valid locations', async function () {
let location = new Location('my2', domain.domain, Location.TYPE_SECONDARY);
const location = new Location('my2', domain.domain, Location.TYPE_SECONDARY);
expect(await apps._validateLocations([location])).to.be(null);
});
});
@@ -355,21 +355,21 @@ describe('Apps', function () {
});
describe('proxy app', function () {
const app = require('./common.js').proxyApp;
const proxyApp = require('./common.js').proxyApp;
const newUpstreamUri = 'https://foobar.com:443';
before(async function () {
await apps.add(app.id, app.appStoreId, app.manifest, app.subdomain, app.domain, app.portBindings, app);
await apps.add(proxyApp.id, proxyApp.appStoreId, proxyApp.manifest, proxyApp.subdomain, proxyApp.domain, proxyApp.portBindings, proxyApp);
});
it('cannot set invalid upstream uri', async function () {
const [error] = await safe(apps.setUpstreamUri(app, 'foo:bar:80', AuditSource.PLATFORM));
const [error] = await safe(apps.setUpstreamUri(proxyApp, 'foo:bar:80', AuditSource.PLATFORM));
expect(error.reason).to.be(BoxError.BAD_FIELD);
});
it('can set upstream uri', async function () {
await apps.setUpstreamUri(app, newUpstreamUri, AuditSource.PLATFORM);
const result = await apps.get(app.id);
await apps.setUpstreamUri(proxyApp, newUpstreamUri, AuditSource.PLATFORM);
const result = await apps.get(proxyApp.id);
expect(result.upstreamUri).to.equal(newUpstreamUri);
});

2
src/test/common.js
View File

@@ -151,7 +151,7 @@ const proxyApp = {
upstreamUri: 'http://1.2.3.4:80',
domain: domain.domain,
fqdn: domain.domain + '.' + 'proxylocation',
manifest,
manifest: proxyAppManifest,
containerId: '',
portBindings: null,
accessRestriction: null,