Skip to content

Commit

Permalink
chore: add test for checking interception for relative URL (#243)
Browse files Browse the repository at this point in the history 
* Add test to check if relative URLs get intercepted

* Update changelog

* Remove special case for test

* Remove stray comments

* Add similar tests for fetch and xhr

---------

Co-authored-by: Rishabh Poddar <[email protected]>
  • Loading branch information
@prateek3255 @rishabhpoddar
prateek3255 and rishabhpoddar authored Jan 22, 2024
1 parent f5e6814 commit 416edab
Show file tree
Hide file tree
Showing 4 changed files with 112 additions and 2 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Added a `DateProvider`, that both built-in and custom validators can use instead of `Date.now` to get an estimate of the server clock.
- Added the `dateProvider` prop to the configuration that can be used to customize the built-in `DateProvider`.
- Added `getClockSkewInMillis` as an overrideable function that estimates the time difference between the backend and the client.
- Added a test to check that relative URLs get intercepted correctly

## [17.0.5] - 2024-01-03

Expand Down
34 changes: 34 additions & 0 deletions test/axios.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2003,6 +2003,40 @@ describe("Axios AuthHttpRequest class tests", function () {
await browser.close();
}
});

it("test that relative URLs get intercepted if frontend and backend are on same domain", async function () {
await startST(3);
const browser = await puppeteer.launch({
args: ["--no-sandbox", "--disable-setuid-sandbox"]
});
try {
const page = await browser.newPage();
await page.goto(BASE_URL + "/index.html", { waitUntil: "load" });
await page.addScriptTag({ path: `./bundle/bundle.js`, type: "text/javascript" });
await page.evaluate(async () => {
let BASE_URL = "http://localhost.org:8080";
supertokens.addAxiosInterceptors(axios);
supertokens.init({
apiDomain: BASE_URL
});
let userId = "testing-supertokens-website";
let loginResponse = await axios.post(`/login`, JSON.stringify({ userId }), {
headers: {
Accept: "application/json",
"Content-Type": "application/json"
}
});
let userIdFromResponse = loginResponse.data;
assertEqual(userId, userIdFromResponse);

let checkRidResponse = await axios({ url: `/check-rid`, method: "GET" });

assertEqual(await checkRidResponse.data, "success");
});
} finally {
await browser.close();
}
});
});

function addAxiosInterceptorsTest(axiosInstance) {
Expand Down
36 changes: 36 additions & 0 deletions test/fetch.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2325,4 +2325,40 @@ describe("Fetch AuthHttpRequest class tests", function () {
await browser.close();
}
});

it("test that relative URLs get intercepted if frontend and backend are on same domain", async function () {
await startST(3);
const browser = await puppeteer.launch({
args: ["--no-sandbox", "--disable-setuid-sandbox"]
});
try {
const page = await browser.newPage();
await page.goto(BASE_URL + "/index.html", { waitUntil: "load" });
await page.addScriptTag({ path: `./bundle/bundle.js`, type: "text/javascript" });
await page.evaluate(async () => {
let BASE_URL = "http://localhost.org:8080";
supertokens.init({
apiDomain: BASE_URL
});
let userId = "testing-supertokens-website";

let loginResponse = await fetch(`/login`, {
method: "post",
headers: {
Accept: "application/json",
"Content-Type": "application/json"
},
body: JSON.stringify({ userId })
});

assertEqual(await loginResponse.text(), userId);

let checkRidResponse = await fetch(`/check-rid`);

assertEqual(await checkRidResponse.text(), "success");
});
} finally {
await browser.close();
}
});
});
43 changes: 41 additions & 2 deletions test/xmlhttprequest.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,10 @@ const axios = require("axios");

const puppeteer = require("puppeteer");
const assert = require("assert");
const { BASE_URL, BASE_URL_FOR_ST } = require("./utils.js");
const { BASE_URL, BASE_URL_FOR_ST, startST } = require("./utils.js");
const { spawn } = require("child_process");

describe("Axios AuthHttpRequest class tests header", function () {
describe("XmlHttpRequest tests", function () {
let browser, page;
before(async function () {
spawn(
Expand Down Expand Up @@ -123,4 +123,43 @@ describe("Axios AuthHttpRequest class tests header", function () {
assert.strictEqual(errors.length, 0);
});
});

it("test that relative URLs get intercepted if frontend and backend are on same domain", async function () {
await startST(3);
const browser = await puppeteer.launch({
args: ["--no-sandbox", "--disable-setuid-sandbox"]
});
try {
const page = await browser.newPage();
await page.goto(BASE_URL + "/index.html", { waitUntil: "load" });
await page.addScriptTag({ path: `./bundle/bundle.js`, type: "text/javascript" });
await page.evaluate(async () => {
let BASE_URL = "http://localhost.org:8080";
supertokens.init({
apiDomain: BASE_URL
});
let userId = "testing-supertokens-website";

let loginRequest = new XMLHttpRequest();
loginRequest.open("POST", `/login`);
loginRequest.setRequestHeader("Content-Type", "application/json");
loginRequest.setRequestHeader("Accept", "application/json");
loginRequest.send(JSON.stringify({ userId }));
await new Promise(res => {
loginRequest.onload = res;
});
assertEqual(loginRequest.responseText, userId);

let checkRidRequest = new XMLHttpRequest();
checkRidRequest.open("GET", `/check-rid`);
checkRidRequest.send();
await new Promise(res => {
checkRidRequest.onload = res;
});
assertEqual(checkRidRequest.responseText, "success");
});
} finally {
await browser.close();
}
});
});

0 comments on commit 416edab

Please sign in to comment.