Sync DNS2 production changes - removed obsolete test suite and refactored structure
This commit is contained in:
Krystie
@@ -26,7 +26,7 @@ const colors = {
|
||||
red: '\x1b[31m',
|
||||
yellow: '\x1b[33m',
|
||||
blue: '\x1b[34m',
|
||||
cyan: '\x1b[36m',
|
||||
cyan: '\x1b[36m'
|
||||
};
|
||||
|
||||
function log(message, color = 'reset') {
|
||||
@@ -56,7 +56,7 @@ async function makeRequest(path, options = {}) {
|
||||
path: url.pathname + url.search,
|
||||
method: options.method || 'GET',
|
||||
headers: options.headers || {},
|
||||
...options,
|
||||
...options
|
||||
};
|
||||
|
||||
const req = client.request(requestOptions, (res) => {
|
||||
@@ -67,7 +67,7 @@ async function makeRequest(path, options = {}) {
|
||||
statusCode: res.statusCode,
|
||||
headers: res.headers,
|
||||
body: data,
|
||||
data: data ? (data.startsWith('{') || data.startsWith('[') ? JSON.parse(data) : data) : null,
|
||||
data: data ? (data.startsWith('{') || data.startsWith('[') ? JSON.parse(data) : data) : null
|
||||
});
|
||||
});
|
||||
});
|
||||
@@ -90,7 +90,7 @@ async function testPathTraversal() {
|
||||
{ path: '/api/browse/directories?path=../../../../../../etc/passwd', desc: 'Unix path traversal' },
|
||||
{ path: '/api/browse/directories?path=..\\..\\..\\Windows\\System32', desc: 'Windows path traversal' },
|
||||
{ path: '/api/browse/directories?path=%2e%2e%2f%2e%2e%2fetc%2fpasswd', desc: 'URL-encoded traversal' },
|
||||
{ path: '/api/browse/directories?path=/allowed/media/../../../secrets', desc: 'Mixed path traversal' },
|
||||
{ path: '/api/browse/directories?path=/allowed/media/../../../secrets', desc: 'Mixed path traversal' }
|
||||
];
|
||||
|
||||
for (const attack of attacks) {
|
||||
@@ -117,7 +117,7 @@ async function testRequestSizeLimits() {
|
||||
const response = await makeRequest('/api/services', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify(smallPayload),
|
||||
body: JSON.stringify(smallPayload)
|
||||
});
|
||||
logResult(true, 'Small payload accepted (100 bytes)');
|
||||
} catch (error) {
|
||||
@@ -130,7 +130,7 @@ async function testRequestSizeLimits() {
|
||||
const response = await makeRequest('/api/services', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify(largePayload),
|
||||
body: JSON.stringify(largePayload)
|
||||
});
|
||||
if (response.statusCode === 413 || response.statusCode === 400) {
|
||||
logResult(true, 'Large payload rejected on general endpoint (2MB)');
|
||||
@@ -151,7 +151,7 @@ async function testRequestSizeLimits() {
|
||||
const response = await makeRequest('/api/logo', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({ logo: largeImage }),
|
||||
body: JSON.stringify({ logo: largeImage })
|
||||
});
|
||||
if (response.statusCode !== 413) {
|
||||
logResult(true, 'Large payload accepted on logo endpoint (5MB)');
|
||||
|
||||
Reference in New Issue
Block a user