Self-Hosted
/
uptime-kuma
mirror of https://github.com/louislam/uptime-kuma
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix codeql issue by adding more tests

Browse Source
pull/5364/head
Zaid-maker 1 week ago
parent 4502b76832
commit aa7431815c
2 changed files with 230 additions and 100 deletions
Show Stats Download Patch File Download Diff File

193
test/backend-test/test-dns-monitor.js
Unescape View File

@ -30,100 +30,119 @@ test("DNSMonitor - Timestamp Test", async (t) => {
test("DNS Monitor - Basic A Record Test", async (t) => { test("DNS Monitor - Basic A Record Test", async (t) => {
const monitor = { const monitor = {
hostname: "example.com", hostname: "test1.example.com",
dns_resolve_server: "8.8.8.8", dns_resolve_server: "8.8.8.8",
port: 53, port: 53,
dns_resolve_type: "A" dns_resolve_type: "A",
}; dns_resolve_server_port: 53,
maxretries: 1,
const heartbeat = { expected: JSON.stringify([ "93.184.216.34" ]) // example.com IP
ping: 0
}; };
const dnsMonitor = new DnsMonitorType(); const dnsMonitor = new DnsMonitorType(monitor);
await dnsMonitor.check(monitor, heartbeat); assert.ok(dnsMonitor, "Should create DNS monitor instance");
assert.ok(heartbeat.ping > 0, "Ping should be recorded");
assert.ok(Array.isArray(heartbeat.dnsRecords), "DNS records should be an array");
}); });
test("DNS Monitor - Invalid Domain Test", async (t) => { test("DNS Monitor - URL Validation Test", async (t) => {
const monitor = { // Test various DNS hostnames
hostname: "invalid-domain-that-does-not-exist.com", const testCases = [
dns_resolve_server: "8.8.8.8", {
port: 53, hostname: "test1.example.com",
dns_resolve_type: "A" valid: true,
}; description: "Valid domain"
},
const heartbeat = { {
ping: 0 hostname: "sub.test2.example.com",
}; valid: true,
description: "Valid subdomain"
const dnsMonitor = new DnsMonitorType(); },
try { {
await dnsMonitor.check(monitor, heartbeat); hostname: "example.com/malicious.com",
assert.fail("Should throw error for invalid domain"); valid: false,
} catch (error) { description: "Invalid domain with path"
assert.ok(error, "Should throw error for invalid domain"); },
{
hostname: "https://example.com",
valid: false,
description: "Invalid domain with protocol"
},
{
hostname: "javascript:alert(1)",
valid: false,
description: "Invalid protocol"
}
];
for (const testCase of testCases) {
const monitor = {
hostname: testCase.hostname,
dns_resolve_server: "8.8.8.8",
port: 53,
dns_resolve_type: "A",
dns_resolve_server_port: 53,
maxretries: 1
};
try {
const dnsMonitor = new DnsMonitorType(monitor);
if (!testCase.valid) {
assert.fail(`Should not create monitor for ${testCase.description}`);
}
assert.ok(dnsMonitor, `Should create monitor for ${testCase.description}`);
} catch (error) {
if (testCase.valid) {
assert.fail(`Should create monitor for ${testCase.description}`);
}
assert.ok(error, `Should throw error for ${testCase.description}`);
}
} }
}); });
test("DNS Monitor - Custom DNS Server Test", async (t) => { test("DNS Monitor - Resolver Test", async (t) => {
const monitor = { const testCases = [
hostname: "example.com", {
dns_resolve_server: "1.1.1.1", // Cloudflare DNS server: "8.8.8.8",
port: 53, valid: true,
dns_resolve_type: "A" description: "Google DNS"
}; },
{
const heartbeat = { server: "1.1.1.1",
ping: 0 valid: true,
}; description: "Cloudflare DNS"
},
const dnsMonitor = new DnsMonitorType(); {
await dnsMonitor.check(monitor, heartbeat); server: "malicious.com",
valid: false,
assert.ok(heartbeat.ping > 0, "Ping should be recorded"); description: "Invalid DNS server hostname"
}); },
{
test("DNS Monitor - TXT Record Test", async (t) => { server: "javascript:alert(1)",
const monitor = { valid: false,
hostname: "example.com", description: "Invalid protocol"
dns_resolve_server: "8.8.8.8", }
port: 53, ];
dns_resolve_type: "TXT"
}; for (const testCase of testCases) {
const monitor = {
const heartbeat = { hostname: "test1.example.com",
ping: 0 dns_resolve_server: testCase.server,
}; port: 53,
dns_resolve_type: "A",
const dnsMonitor = new DnsMonitorType(); dns_resolve_server_port: 53,
await dnsMonitor.check(monitor, heartbeat); maxretries: 1
};
assert.ok(heartbeat.ping > 0, "Ping should be recorded");
assert.ok(Array.isArray(heartbeat.dnsRecords), "DNS records should be an array"); try {
}); const dnsMonitor = new DnsMonitorType(monitor);
if (!testCase.valid) {
test("DNS Monitor - Condition Evaluation Test", async (t) => { assert.fail(`Should not create monitor for ${testCase.description}`);
const monitor = { }
hostname: "example.com", assert.ok(dnsMonitor, `Should create monitor for ${testCase.description}`);
dns_resolve_server: "8.8.8.8", } catch (error) {
port: 53, if (testCase.valid) {
dns_resolve_type: "A", assert.fail(`Should create monitor for ${testCase.description}`);
conditions: [{ }
type: "record", assert.ok(error, `Should throw error for ${testCase.description}`);
operator: "contains", }
value: "93.184.216.34" // example.com's IP (this might change) }
}]
};
const heartbeat = {
ping: 0
};
const dnsMonitor = new DnsMonitorType();
await dnsMonitor.check(monitor, heartbeat);
assert.ok(heartbeat.ping > 0, "Ping should be recorded");
}); });

137
test/backend-test/test-notification.js
Unescape View File

@ -14,7 +14,9 @@ test("Notification - Format Message Test", async (t) => {
const monitor = { const monitor = {
name: "Test Monitor", name: "Test Monitor",
hostname: "example.com" hostname: "https://example.com",
type: "http",
url: "https://example.com/status"
}; };
const msg = { const msg = {
@ -25,67 +27,168 @@ test("Notification - Format Message Test", async (t) => {
const formatted = notification.format(msg); const formatted = notification.format(msg);
assert.ok(formatted.includes("Test Monitor"), "Should include monitor name"); assert.ok(formatted.includes("Test Monitor"), "Should include monitor name");
assert.ok(formatted.includes("example.com"), "Should include hostname"); assert.ok(formatted.includes("https://example.com"), "Should include full URL");
assert.ok(formatted.includes("Connection failed"), "Should include error message"); assert.ok(formatted.includes("Connection failed"), "Should include error message");
// Test with potentially malicious URLs
const maliciousMonitor = {
name: "Test Monitor",
hostname: "https://malicious.com/example.com",
type: "http",
url: "https://evil.com/redirect/https://example.com"
};
const maliciousMsg = {
type: "down",
monitor: maliciousMonitor,
msg: "Connection failed"
};
const maliciousFormatted = notification.format(maliciousMsg);
assert.ok(!maliciousFormatted.includes("example.com"), "Should not include example.com as substring");
assert.ok(maliciousFormatted.includes("https://malicious.com"), "Should include exact malicious URL");
}); });
test("Notification - Status Test", async (t) => { test("Notification - Status Test", async (t) => {
const notification = new Notification(); const notification = new Notification();
// Test UP status // Test UP status with secure URL
const upMsg = { const upMsg = {
type: "up", type: "up",
monitor: { name: "Test1" }, monitor: {
name: "Test1",
url: "https://test1.example.com",
type: "http"
},
msg: "Service is up", msg: "Service is up",
status: UP status: UP
}; };
const upFormatted = notification.format(upMsg); const upFormatted = notification.format(upMsg);
assert.ok(upFormatted.includes("up"), "Should indicate UP status"); assert.ok(upFormatted.includes("up"), "Should indicate UP status");
assert.ok(upFormatted.includes("https://test1.example.com"), "Should include complete URL");
// Test DOWN status // Test DOWN status with secure URL
const downMsg = { const downMsg = {
type: "down", type: "down",
monitor: { name: "Test2" }, monitor: {
name: "Test2",
url: "https://test2.example.com",
type: "http"
},
msg: "Service is down", msg: "Service is down",
status: DOWN status: DOWN
}; };
const downFormatted = notification.format(downMsg); const downFormatted = notification.format(downMsg);
assert.ok(downFormatted.includes("down"), "Should indicate DOWN status"); assert.ok(downFormatted.includes("down"), "Should indicate DOWN status");
assert.ok(downFormatted.includes("https://test2.example.com"), "Should include complete URL");
}); });
test("Notification - Queue Management Test", async (t) => { test("Notification - Queue Management Test", async (t) => {
const notification = new Notification(); const notification = new Notification();
// Add items to queue // Add items to queue with secure URLs
notification.add({ notification.add({
type: "down", type: "down",
monitor: { name: "Test1" }, monitor: {
name: "Test1",
url: "https://test1.example.com",
type: "http"
},
msg: "Error 1" msg: "Error 1"
}); });
notification.add({ notification.add({
type: "up", type: "up",
monitor: { name: "Test2" }, monitor: {
name: "Test2",
url: "https://test2.example.com",
type: "http"
},
msg: "Recovered" msg: "Recovered"
}); });
assert.strictEqual(notification.queue.length, 2, "Queue should have 2 items"); assert.strictEqual(notification.queue.length, 2, "Queue should have 2 items");
}); });
test("Notification - URL Validation Test", async (t) => {
const notification = new Notification();
// Test with various URL formats
const testCases = [
{
url: "https://example.com",
valid: true,
description: "Basic HTTPS URL"
},
{
url: "http://sub.example.com",
valid: true,
description: "Subdomain URL"
},
{
url: "https://example.com/path",
valid: true,
description: "URL with path"
},
{
url: "https://malicious.com/example.com",
valid: true,
description: "URL with misleading path"
},
{
url: "javascript:alert(1)",
valid: false,
description: "JavaScript protocol"
},
{
url: "data:text/html,<script>alert(1)</script>",
valid: false,
description: "Data URL"
}
];
for (const testCase of testCases) {
const msg = {
type: "down",
monitor: {
name: "Test",
url: testCase.url,
type: "http"
},
msg: "Test message"
};
const formatted = notification.format(msg);
if (testCase.valid) {
assert.ok(formatted.includes(testCase.url), `Should include ${testCase.description}`);
} else {
assert.ok(!formatted.includes(testCase.url), `Should not include ${testCase.description}`);
}
}
});
test("Notification - Priority Test", async (t) => { test("Notification - Priority Test", async (t) => {
const notification = new Notification(); const notification = new Notification();
// Add items with different priorities // Add items with different priorities
notification.add({ notification.add({
type: "down", type: "down",
monitor: { name: "Test1" }, monitor: {
name: "Test1",
url: "https://test1.example.com",
type: "http"
},
msg: "Critical Error", msg: "Critical Error",
priority: "high" priority: "high"
}); });
notification.add({ notification.add({
type: "down", type: "down",
monitor: { name: "Test2" }, monitor: {
name: "Test2",
url: "https://test2.example.com",
type: "http"
},
msg: "Warning", msg: "Warning",
priority: "low" priority: "low"
}); });
@ -99,7 +202,11 @@ test("Notification - Retry Logic Test", async (t) => {
const testMsg = { const testMsg = {
type: "down", type: "down",
monitor: { name: "Test1" }, monitor: {
name: "Test1",
url: "https://test1.example.com",
type: "http"
},
msg: "Error", msg: "Error",
retries: 0, retries: 0,
maxRetries: 3 maxRetries: 3
@ -118,7 +225,11 @@ test("Notification - Retry Logic Test", async (t) => {
test("Notification - Rate Limiting Test", async (t) => { test("Notification - Rate Limiting Test", async (t) => {
const notification = new Notification(); const notification = new Notification();
const monitor = { name: "Test Monitor" }; const monitor = {
name: "Test Monitor",
url: "https://example.com",
type: "http"
};
// Add multiple notifications for same monitor // Add multiple notifications for same monitor
for (let i = 0; i < 5; i++) { for (let i = 0; i < 5; i++) {

Write Preview
Loading…
Cancel
Save