Skip to content

Commit

Permalink
adapt tests fix webpack#1618
Browse files Browse the repository at this point in the history
  • Loading branch information
Carlos Requena López committed Jan 8, 2019
1 parent 657a2e5 commit 0f22eaa
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 21 deletions.
3 changes: 2 additions & 1 deletion lib/Server.js
Original file line number Diff line number Diff line change
Expand Up @@ -672,8 +672,9 @@ Server.prototype.checkHost = function (headers, headerToCheck) {
false,
true
).hostname;

// always allow localhost host, for convience
if (hostname === 'localhost') {
if (hostname === 'localhost' || hostname === '127.0.0.1') {
return true;
}
// allow if hostname is in allowedHosts
Expand Down
37 changes: 17 additions & 20 deletions test/Validation.test.js
Original file line number Diff line number Diff line change
Expand Up @@ -132,10 +132,17 @@ describe('Validation', () => {
}
});

it('should allow access for every requests using an IP', () => {
const options = {};
it('should not allow access for IPs or hostnames that are not in options.public or allowedHosts and viceversa', () => {
const options = {
public: 'pointerpointer.com',
allowedHosts: ['realdevdomain.dev']
};

const tests = [
'realdevdomain.dev',
'test.hostname:80',
'google.com',
'pointerpointer.com',
'192.168.1.123',
'192.168.1.2:8080',
'[::1]',
Expand All @@ -149,28 +156,18 @@ describe('Validation', () => {
tests.forEach((test) => {
const headers = { host: test };

if (!server.checkHost(headers)) {
throw new Error("Validation didn't pass");
const isPublicHostname = test === options.public;
const isInAllowedHosts = options.allowedHosts.includes(test);
if (server.checkHost(headers)) {
if (!isPublicHostname && !isInAllowedHosts)
throw new Error("Validation didn't fail. It should");
} else {
if (isPublicHostname || isInAllowedHosts)
throw new Error("Validation failed and it shouldn't");
}
});
});

it("should not allow hostnames that don't match options.public", () => {
const options = {
public: 'test.host:80'
};

const headers = {
host: 'test.hostname:80'
};

const server = new Server(compiler, options);

if (server.checkHost(headers)) {
throw new Error("Validation didn't fail");
}
});

it('should allow urls with scheme for checking origin', () => {
const options = {
public: 'test.host:80'
Expand Down

0 comments on commit 0f22eaa

Please sign in to comment.