vvzvlad/gitmost
1
0
Fork 0
Code Issues 14 Pull Requests 12 Packages Projects Releases Activity
Files
3d4ad664b39bf235893e54370737c94684a69a08
gitmost/apps/server/src/core/share/share.util.spec.ts
claude_code 3d4ad664b3 test(refactor-tail): extract pure cores + cover collab/share/ai-chat/client gate 
Batches 6-9: behaviour-preserving extractions of testable pure cores plus the
tests they unblock, and a fix for the broken client test environment.
Full suites green: server 113 suites / 1117 + 1 todo, client 30 files / 338.

client (R0 infra):
- vitest.setup.ts: in-memory localStorage/sessionStorage Storage stub wired via
  setupFiles. Unblocks menu-items.gating.test.ts (was 9 failing) -> client suite
  fully green. + menu-items.suggestions.test.ts (getSuggestionItems filter/sort).

share:
- extract buildShareMetaHtml (share-seo.util.ts) from the SEO controller; tests
  for reflected-XSS escaping in <title>/og/twitter meta, noindex, truncation;
  extractPageSlugId; updateAttachmentAttr; prepareContentForShare comment-strip
  (anonymous-viewer metadata-leak guard).

ai-chat (security extractions):
- selectAccessibleHits: CASL post-filter for semantic search (restricted page in
  an accessible space must NOT leak to the agent).
- validateResolvedAddresses: SSRF connect-time guard (block if ANY resolved
  address is private).
- resolveAudioFormat: mime whitelist (dead `?? 'webm'` fallback dropped, set
  unchanged). + mcp-servers toView header-leak guard, MCP tool namespacing.

collaboration (data-loss area):
- extract computeHistoryJob (pins the "agent delay MUST stay 0" invariant) and
  resolveSource. Integration: onAuthenticate read-only matrix (collab auth
  bypass), HistoryProcessor (contributor restore on save failure), onStoreDocument
  Approach-A boundary snapshot (human revision pinned before agent overwrite).

Reviewed (APPROVE WITH SUGGESTIONS): extractions behaviour-preserving, security
tests mutation-resistant.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-21 19:10:27 +03:00

63 lines
2.5 KiB
TypeScript
Raw Blame History

import { updateAttachmentAttr } from './share.util';
// Pins updateAttachmentAttr — the per-attachment URL rewriter used when serving
// shared page content. Internal attachment paths (/files… and /api/files…) must
// be rewritten to the public form with a scoped jwt appended; anything else
// (external URLs, null) must be left untouched so a public viewer's signed token
// is never attached to a foreign origin. The function only reads/writes
// node.attrs[attr], so a plain object stands in for the real ProseMirror Node.
function fakeNode(attrs: Record<string, any>) {
return { attrs } as any;
}
const JWT = 'TOK';
describe('updateAttachmentAttr', () => {
it('rewrites a /files path to /files/public/ with ?jwt=', () => {
const node = fakeNode({ src: '/files/x.png' });
updateAttachmentAttr(node, 'src', JWT);
expect(node.attrs.src).toBe(`/files/public/x.png?jwt=${JWT}`);
});
it('rewrites an /api/files path (keeps the /api prefix, inserts public)', () => {
const node = fakeNode({ src: '/api/files/y.png' });
updateAttachmentAttr(node, 'src', JWT);
expect(node.attrs.src).toBe(`/api/files/public/y.png?jwt=${JWT}`);
});
it('uses &jwt= when the src already carries a query string', () => {
const node = fakeNode({ src: '/files/x.png?w=100' });
updateAttachmentAttr(node, 'src', JWT);
expect(node.attrs.src).toBe(`/files/public/x.png?w=100&jwt=${JWT}`);
});
it('leaves an external https URL untouched (no token leak to a foreign origin)', () => {
const external = 'https://example.com/x.png';
const node = fakeNode({ src: external });
updateAttachmentAttr(node, 'src', JWT);
expect(node.attrs.src).toBe(external);
});
it('leaves a null src untouched', () => {
const node = fakeNode({ src: null });
updateAttachmentAttr(node, 'src', JWT);
expect(node.attrs.src).toBeNull();
});
it('rewrites the `url` attr variant the same way', () => {
const node = fakeNode({ url: '/files/doc.pdf' });
updateAttachmentAttr(node, 'url', JWT);
expect(node.attrs.url).toBe(`/files/public/doc.pdf?jwt=${JWT}`);
});
it('only touches the requested attr, leaving the other attr alone', () => {
const external = 'https://cdn.example.com/a.png';
const node = fakeNode({ src: '/files/a.png', url: external });
updateAttachmentAttr(node, 'src', JWT);
expect(node.attrs.src).toBe(`/files/public/a.png?jwt=${JWT}`);
// `url` was not requested, so it is unchanged.
expect(node.attrs.url).toBe(external);
});
});
Reference in New Issue View Git Blame Copy Permalink