about summary refs log tree commit diff
path: root/spec
diff options
context:
space:
mode:
authorThibG <thib@sitedethib.com>2020-05-14 23:28:06 +0200
committerGitHub <noreply@github.com>2020-05-14 23:28:06 +0200
commit71fce71c94b1e94ae3a7af17bfc141709b61c428 (patch)
tree492cd66640ca1ac97289f073fb55a9301e2daefa /spec
parentc9dcc2d39fb5bd945ecd999e50c08a86cce1aa3e (diff)
Fix webfinger returning wrong status code on malformed or missing param (#13759)
Fixes #13757
Diffstat (limited to 'spec')
-rw-r--r--spec/controllers/well_known/webfinger_controller_spec.rb10
-rw-r--r--spec/lib/webfinger_resource_spec.rb12
2 files changed, 21 insertions, 1 deletions
diff --git a/spec/controllers/well_known/webfinger_controller_spec.rb b/spec/controllers/well_known/webfinger_controller_spec.rb
index 20275aa63..46f63185b 100644
--- a/spec/controllers/well_known/webfinger_controller_spec.rb
+++ b/spec/controllers/well_known/webfinger_controller_spec.rb
@@ -84,5 +84,15 @@ PEM
 
       expect(response).to have_http_status(:not_found)
     end
+
+    it 'returns http bad request when not given a resource parameter' do
+      get :show, params: { }, format: :json
+      expect(response).to have_http_status(:bad_request)
+    end
+
+    it 'returns http bad request when given a nonsense parameter' do
+      get :show, params: { resource: 'df/:dfkj' }
+      expect(response).to have_http_status(:bad_request)
+    end
   end
 end
diff --git a/spec/lib/webfinger_resource_spec.rb b/spec/lib/webfinger_resource_spec.rb
index 287537a26..236e9f3e2 100644
--- a/spec/lib/webfinger_resource_spec.rb
+++ b/spec/lib/webfinger_resource_spec.rb
@@ -39,7 +39,7 @@ describe WebfingerResource do
 
         expect {
           WebfingerResource.new(resource).username
-        }.to raise_error(ActiveRecord::RecordNotFound)
+        }.to raise_error(WebfingerResource::InvalidRequest)
       end
 
       it 'finds the username in a valid https route' do
@@ -123,5 +123,15 @@ describe WebfingerResource do
         expect(result).to eq 'alice'
       end
     end
+
+    describe 'with a nonsense resource' do
+      it 'raises InvalidRequest' do
+        resource = 'df/:dfkj'
+
+        expect {
+          WebfingerResource.new(resource).username
+        }.to raise_error(WebfingerResource::InvalidRequest)
+      end
+    end
   end
 end
generated by cgit-pink (git 2.37.1) at 2024-11-22 02:00:55 +0000