diff options
| author | Javier Peletier <jpeletier@users.noreply.github.com> | 2018-11-07 21:49:42 +0800 |
|---|---|---|
| committer | Anton Evangelatov <anton.evangelatov@gmail.com> | 2018-11-07 21:49:42 +0800 |
| commit | 36ca85fa1c2936087b2c3d976d3576f0f5d2157e (patch) | |
| tree | 8d5e74962ca37461ebca2f7d369c4017c4bff997 /swarm/api/http/server_test.go | |
| parent | b35165555d737042d5f958413827c31a7a5f4805 (diff) | |
| download | dexon-36ca85fa1c2936087b2c3d976d3576f0f5d2157e.tar.gz dexon-36ca85fa1c2936087b2c3d976d3576f0f5d2157e.tar.zst dexon-36ca85fa1c2936087b2c3d976d3576f0f5d2157e.zip | |
swarm/api: Fix #18007, missing signature should return HTTP 400 (#18008)
Diffstat (limited to 'swarm/api/http/server_test.go')
| -rw-r--r-- | swarm/api/http/server_test.go | 34 |
1 files changed, 32 insertions, 2 deletions
diff --git a/swarm/api/http/server_test.go b/swarm/api/http/server_test.go index 1cf7ff577..159c8a159 100644 --- a/swarm/api/http/server_test.go +++ b/swarm/api/http/server_test.go @@ -333,15 +333,45 @@ func TestBzzFeed(t *testing.T) { } urlQuery = testUrl.Query() body = updateRequest.AppendValues(urlQuery) // this adds all query parameters + goodQueryParameters := urlQuery.Encode() // save the query parameters for a second attempt + + // create bad query parameters in which the signature is missing + urlQuery.Del("signature") testUrl.RawQuery = urlQuery.Encode() + // 1st attempt with bad query parameters in which the signature is missing resp, err = http.Post(testUrl.String(), "application/octet-stream", bytes.NewReader(body)) if err != nil { t.Fatal(err) } defer resp.Body.Close() - if resp.StatusCode != http.StatusOK { - t.Fatalf("Update returned %s", resp.Status) + expectedCode := http.StatusBadRequest + if resp.StatusCode != expectedCode { + t.Fatalf("Update returned %s. Expected %d", resp.Status, expectedCode) + } + + // 2nd attempt with bad query parameters in which the signature is of incorrect length + urlQuery.Set("signature", "0xabcd") // should be 130 hex chars + resp, err = http.Post(testUrl.String(), "application/octet-stream", bytes.NewReader(body)) + if err != nil { + t.Fatal(err) + } + defer resp.Body.Close() + expectedCode = http.StatusBadRequest + if resp.StatusCode != expectedCode { + t.Fatalf("Update returned %s. Expected %d", resp.Status, expectedCode) + } + + // 3rd attempt, with good query parameters: + testUrl.RawQuery = goodQueryParameters + resp, err = http.Post(testUrl.String(), "application/octet-stream", bytes.NewReader(body)) + if err != nil { + t.Fatal(err) + } + defer resp.Body.Close() + expectedCode = http.StatusOK + if resp.StatusCode != expectedCode { + t.Fatalf("Update returned %s. Expected %d", resp.Status, expectedCode) } // get latest update through bzz-feed directly |