Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
txlyre
/
3x-ui
-ын хуулбар https://github.com/MHSanaei/3x-ui
1
0
Салаа 0
Файлууд Асуудлууд 0 Мэдлэгийн сан
Мод: cf5f37e409
Салаанууд Тагууд
3x-ui
/
internal
/
web
/
middleware
/
bodylimit_test.go

bodylimit_test.go 2.2 KB
Түүх Анхны өгөгдөл

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980 
  1. package middleware
    2. 

  2. 

  3. import (
    4. 

  4. 	"bytes"
    5. 

  5. 	"io"
    6. 

  6. 	"net/http"
    7. 

  7. 	"net/http/httptest"
    8. 

  8. 	"strings"
    9. 

  9. 	"testing"
    10. 

  10. 

  11. 	"github.com/gin-gonic/gin"
    12. 

  12. )
    13. 

  13. 

  14. func TestMaxBodyBytes(t *testing.T) {
    15. 

  15. 	gin.SetMode(gin.TestMode)
    16. 

  16. 	const limit = 16
    17. 

  17. 

  18. 	r := gin.New()
    19. 

  19. 	r.Use(MaxBodyBytes(limit))
    20. 

  20. 	r.POST("/x", func(c *gin.Context) {
    21. 

  21. 		if _, err := io.ReadAll(c.Request.Body); err != nil {
    22. 

  22. 			c.String(http.StatusRequestEntityTooLarge, "too big")
    23. 

  23. 			return
    24. 

  24. 		}
    25. 

  25. 		c.String(http.StatusOK, "ok")
    26. 

  26. 	})
    27. 

  27. 	r.GET("/x", func(c *gin.Context) { c.String(http.StatusOK, "ok") })
    28. 

  28. 

  29. 	// Body within the limit is read normally.
    30. 

  30. 	w := httptest.NewRecorder()
    31. 

  31. 	r.ServeHTTP(w, httptest.NewRequest(http.MethodPost, "/x", strings.NewReader("0123456789")))
    32. 

  32. 	if w.Code != http.StatusOK {
    33. 

  33. 		t.Errorf("under-limit POST: got %d, want 200", w.Code)
    34. 

  34. 	}
    35. 

  35. 

  36. 	// Body over the limit makes the handler's read fail (no unbounded buffer).
    37. 

  37. 	w = httptest.NewRecorder()
    38. 

  38. 	r.ServeHTTP(w, httptest.NewRequest(http.MethodPost, "/x", bytes.NewReader(make([]byte, limit*4))))
    39. 

  39. 	if w.Code == http.StatusOK {
    40. 

  40. 		t.Errorf("over-limit POST should not succeed, got 200")
    41. 

  41. 	}
    42. 

  42. 

  43. 	// Bodyless methods pass through untouched.
    44. 

  44. 	w = httptest.NewRecorder()
    45. 

  45. 	r.ServeHTTP(w, httptest.NewRequest(http.MethodGet, "/x", nil))
    46. 

  46. 	if w.Code != http.StatusOK {
    47. 

  47. 		t.Errorf("GET should pass through, got %d", w.Code)
    48. 

  48. 	}
    49. 

  49. }
    50. 

  50. 

  51. func TestMaxBodyBytesSkipSuffix(t *testing.T) {
    52. 

  52. 	gin.SetMode(gin.TestMode)
    53. 

  53. 	const limit = 16
    54. 

  54. 

  55. 	r := gin.New()
    56. 

  56. 	r.Use(MaxBodyBytes(limit, "/server/importDB"))
    57. 

  57. 	read := func(c *gin.Context) {
    58. 

  58. 		if _, err := io.ReadAll(c.Request.Body); err != nil {
    59. 

  59. 			c.String(http.StatusRequestEntityTooLarge, "too big")
    60. 

  60. 			return
    61. 

  61. 		}
    62. 

  62. 		c.String(http.StatusOK, "ok")
    63. 

  63. 	}
    64. 

  64. 	r.POST("/server/importDB", read)
    65. 

  65. 	r.POST("/x", read)
    66. 

  66. 

  67. 	// Exempt route reads an over-limit body without error.
    68. 

  68. 	w := httptest.NewRecorder()
    69. 

  69. 	r.ServeHTTP(w, httptest.NewRequest(http.MethodPost, "/server/importDB", bytes.NewReader(make([]byte, limit*4))))
    70. 

  70. 	if w.Code != http.StatusOK {
    71. 

  71. 		t.Errorf("exempt route should pass through over-limit body, got %d", w.Code)
    72. 

  72. 	}
    73. 

  73. 

  74. 	// Non-exempt route is still capped.
    75. 

  75. 	w = httptest.NewRecorder()
    76. 

  76. 	r.ServeHTTP(w, httptest.NewRequest(http.MethodPost, "/x", bytes.NewReader(make([]byte, limit*4))))
    77. 

  77. 	if w.Code == http.StatusOK {
    78. 

  78. 		t.Errorf("non-exempt over-limit POST should not succeed, got 200")
    79. 

  79. 	}
    80. 

  80. }
    81.