Self-Hosted
/
changedetection.io
mirror of https://github.com/dgtlmoon/changedetection.io.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Tweak test file

Browse Source
fix-file-access
dgtlmoon 5 months ago
parent d55f4727a2
commit d0ecee7794
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File

1
changedetectionio/run_basic_tests.sh
Unescape View File

@ -38,4 +38,5 @@ pytest tests/test_rss.py
pytest tests/test_unique_lines.py pytest tests/test_unique_lines.py
# Check file:// will pickup a file when enabled # Check file:// will pickup a file when enabled
echo "Hello world" > /tmp/test-file.txt
ALLOW_FILE_URI=yes pytest tests/test_security.py ALLOW_FILE_URI=yes pytest tests/test_security.py

6
changedetectionio/tests/test_security.py
Unescape View File

@ -64,7 +64,7 @@ def test_bad_access(client, live_server, measure_memory_usage):
def test_file_access(client, live_server, measure_memory_usage): def test_file_access(client, live_server, measure_memory_usage):
#live_server_setup(live_server) #live_server_setup(live_server)
test_file_path = os.path.join(os.getcwd(), "..", "README.md") test_file_path = "/tmp/test-file.txt"
# file:// is permitted by default, but it will be caught by ALLOW_FILE_URI # file:// is permitted by default, but it will be caught by ALLOW_FILE_URI
client.post( client.post(
@ -82,8 +82,8 @@ def test_file_access(client, live_server, measure_memory_usage):
follow_redirects=True follow_redirects=True
) )
# Should see something from the README.md # Should see something (this file added by run_basic_tests.sh)
assert b"release-shield" in res.data assert b"Hello world" in res.data
else: else:
# Default should be here # Default should be here
assert b'file:// type access is denied for security reasons.' in res.data assert b'file:// type access is denied for security reasons.' in res.data

Write Preview
Loading…
Cancel
Save