Skip to content

Commit

Permalink
update test and reponse
Browse files Browse the repository at this point in the history
  • Loading branch information
@LexLuthr
LexLuthr committed Dec 26, 2024
1 parent 4542f86 commit 3442484
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 4 deletions.
2 changes: 1 addition & 1 deletion transport/httptransport/http_transport.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -213,7 +213,7 @@ func (h *httpTransport) Execute(ctx context.Context, transportInfo []byte, dealI
// Custom CheckRedirect function to limit redirects
CheckRedirect: func(req *http.Request, via []*http.Request) error {
if len(via) >= 2 { // Limit to 2 redirects
return fmt.Errorf("too many redirects: %d", len(via))
return http.ErrUseLastResponse
}
return nil
},
Expand Down
12 changes: 9 additions & 3 deletions transport/httptransport/http_transport_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -387,8 +387,8 @@ func TestDownloadFromPrivateIPs(t *testing.T) {
}

func TestDontFollowHttpRedirects(t *testing.T) {
// we should not follow http redirects for security reasons. If the target URL tries to redirect, the client should return 303 response instead.
// This test sets up two servers, with one redirecting to the other. Without the redirect check the download would have been completed successfully.
// we should not follow more than 2 http redirects for security reasons. If the target URL tries to redirect, the client should return 303 response instead.
// This test sets up 3 servers, with one redirecting to the other. Without the redirect check the download would have been completed successfully.
rawSize := (100 * readBufferSize) + 30
ctx := context.Background()
st := newServerTest(t, rawSize)
Expand Down Expand Up @@ -422,8 +422,14 @@ func TestDontFollowHttpRedirects(t *testing.T) {
redirectSvr := httptest.NewServer(redirectHandler)
defer redirectSvr.Close()

var redirectHandler1 http.HandlerFunc = func(w http.ResponseWriter, r *http.Request) {
http.Redirect(w, r, redirectSvr.URL, http.StatusSeeOther)
}
redirectSvr1 := httptest.NewServer(redirectHandler1)
defer redirectSvr1.Close()

of := getTempFilePath(t)
th := executeTransfer(t, ctx, New(nil, newDealLogger(t, ctx), NChunksOpt(numChunks)), carSize, types.HttpRequest{URL: redirectSvr.URL}, of)
th := executeTransfer(t, ctx, New(nil, newDealLogger(t, ctx), NChunksOpt(numChunks)), carSize, types.HttpRequest{URL: redirectSvr1.URL}, of)
require.NotNil(t, th)

evts := waitForTransferComplete(th)
Expand Down

0 comments on commit 3442484

Please sign in to comment.