Commit Graph

48 Commits

Author SHA1 Message Date
Joe Previte c505fc45a8
feat: add escapeHtml function
This can be used to escape any special characters in a string with HTML before
sending from the server back to the client. This is important to prevent a
cross-site scripting attack.
2021-07-01 10:43:36 -07:00
Joe Previte 7f12fab3ca
fix(isHashMatch): check that hash starts with $
Previously, we used argon2 to verify the hash with the password.

If the hash didn't start with a $, then it would enter the catch block.

Now we check the hash before trying to verify it and we also throw an Error if
the verify fails.

This makes the isHashMatch function more robust.
2021-06-30 15:00:21 -07:00
Asher 49c44818d9
Move onLine to utilities
This way it can be used by the tests when spawning code-server on a
random port to look for the address.
2021-06-29 12:04:31 -05:00
Asher add55ecd62
Import utils as a group in tests
This should simplify testing new utils a bit.
2021-06-29 12:03:38 -05:00
Joe Previte 02b9489489
refactor: add func getNlsConfiguration & tests
This PR refactors part of vscode.ts and adds a function to get the NLS
Configuration.

This makes the code more readable and easier to test.

And it adds multiple tests for this part of the codebase.
2021-06-23 13:42:06 -07:00
Joe Previte 1e55a648a5
feat: check for empty str in isHashMatch 2021-06-08 15:10:59 -07:00
Joe Previte 3b50bfc17d
fix: sanitize password and cookie key 2021-06-08 14:33:17 -07:00
Joe Previte 8c2bb61af9
refactor: parse options with multiple = in cli
There was a case with the hashed-password which had multiple equal signs in the
value and it wasn't being parsed correctly. This uses a new function and adds a
few tests.
2021-06-08 14:33:17 -07:00
Joe Previte 531b7c0c25
feat: add splitOnFirstEquals function 2021-06-08 14:33:16 -07:00
Joe Previte 517aaf71c5
docs: update FAQ with new hashing instructions 2021-06-08 14:33:16 -07:00
Joe Previte 6020480b30
feat: add isCookieValid function and tests 2021-06-08 14:33:16 -07:00
Joe Previte a14ea39c4a
feat: add handlePasswordValidation + tests 2021-06-08 14:33:15 -07:00
Joe Previte 7ff4117531
feat: add getPasswordMethod & test for it 2021-06-08 14:33:15 -07:00
Joe Previte ffa5c16e51
feat: update cli and test for hashed-password 2021-06-08 14:33:15 -07:00
Joe Previte fd3cb6cfa0
refactor: update unit tests for hash fns
Since the hash and isHashMatch are now async, I had to update the tests
accordingly. Now everything is working.
2021-06-08 14:33:13 -07:00
Joe Previte fc3326f1f2
feat: add tests using real hashes 2021-06-08 14:33:12 -07:00
Joe Previte aaf044728f
refactor: add functions to check hash password 2021-06-08 14:33:12 -07:00
Joe Previte f35120c0a3
feat: add unit test for hash function 2021-06-08 14:33:12 -07:00
Joe Previte 46fe77d464
chore: update CHANGELOG 2021-05-13 12:10:22 -07:00
Joe Previte 2a657ab930
feat: add tests for getEnvPaths 2021-05-13 12:10:21 -07:00
Akash Satheesan adc9b57080
chore: reformat with new prettier 2021-05-12 01:14:04 +05:30
Asher e8443e2602
Fix helpers not working in e2e tests
It errors that jest is not defined so put it behind a function instead
of immediately creating the mock (this is probably a better pattern
anyway).

The constant tests had to be reworked a little. Since the logger mock is
hoisted it runs before createLoggerMock is imported. I moved it into a
beforeAll which means the require call also needed to be moved
there (since we need to mock the logger before requiring the constants
or it'll pull the non-mocked logger).

This means getPackageJson needs to be a let and assigned afterward. To
avoid having to define a type for getPackageJson I just added a let var
set to the type of the imported constants file and modified the other
areas to use the same paradigm.

I also replaced some hardcoded strings with the mocked package.json
object.
2021-05-06 15:01:35 -05:00
Asher 4925e97080
Add static route tests 2021-05-06 14:27:11 -05:00
Asher 52cf2fcf29
Move tmpdir test helper to test helpers file 2021-05-06 14:25:50 -05:00
Asher 0e4672f6b9
Move health route tests to routes directory 2021-05-06 14:25:49 -05:00
Joe Previte cb5ab48d48
fix: coveragePathIgnorePatterns to /out
We were accidentally ignoring `node/routes` because we had "out"
instead of "/out" in `coveragePathIgnorePatterns` which caused
us to not collect coverage for those files. Now we do.
2021-05-06 11:53:17 -07:00
Joe Previte 027106a5e1
feat(testing): add test for constants "version" and commit 2021-05-05 15:34:48 -07:00
Asher a882be5748
Refactor integration tests to use main entry point 2021-05-05 12:24:41 -05:00
Asher 083400b50a
Add flag to enable permessage-deflate 2021-05-05 12:24:34 -05:00
Asher 8b2c78c4a4
Re-enable update tests 2021-05-04 13:29:42 -05:00
Asher 10babb4a0c
Replace console with logger in sw register 2021-05-04 13:29:41 -05:00
Asher a48ac5080b
Share common util code with VS Code
This lets us re-use the normalized base path so when we expire/clear the
cookie we use the same base path.
2021-05-04 13:29:40 -05:00
Joe Previte d07317ad01
docs: add maintaining.md with workflow 2021-04-28 11:25:25 -07:00
Joe Previte 07d682392e
Merge pull request #3169 from cdr/jsjoeio/add-terminal-e2e-test
feat(testing): add e2e tests for code-server and terminal
2021-04-26 15:16:06 -07:00
Joe Previte 83746c8a1f
refactor: remove null check in register.ts options.base
Inside registerServiceWorker, we were originally using the nullash coalescing
operator to check if options.base was null or undefined. However, I realized
this check is not necessary.

If you look at getOptions' return value, we return an object with a key "base"
which is of type "string". We get that value by calling resolveBase which always
returns a string.

As a result, we didn't need to check if options.base was null or undefined
because it never can be.
2021-04-23 17:09:03 -07:00
Joe Previte 7bfdd13cb3
refactor: tmpdir and add to test utils 2021-04-23 16:40:39 -07:00
Joe Previte 6f2709bcaa
feat: add tests for registerServiceWorker 2021-04-23 16:31:56 -07:00
Joe Previte cb65590b98
refactor: move tmpdir into src/node/constants 2021-04-23 14:35:32 -07:00
Joe Previte a3f18d6158
refactor: change limiter.Try() to .removeToken() 2021-04-19 10:57:50 -07:00
Joe Previte 7928dc2bff
feat: add test for limiter.canTry() 2021-04-19 10:41:00 -07:00
Joe Previte 58e17c5e50
feat(testing): add tests for RateLimiter 2021-04-19 10:40:58 -07:00
Joe Previte fd69f2db88
refactor: logout test 2021-04-06 15:46:57 -07:00
Joe Previte 071c8e15fc
Merge branch 'main' into jsjoeio/upgrade-vscode-1.54 2021-03-17 13:51:27 -07:00
Joe Previte d3df963d39
Merge branch 'main' into jsjoeio/upgrade-vscode-1.54 2021-03-16 14:42:51 -07:00
Asher 964ebe8d0a
Replace fs-extra with fs.promises
Remove the Mac directory copy instead of refactoring it since we've had
this for a long time now and I think it's safe to assume that users
running code-server on Mac don't have the old directory anymore.
2021-03-16 12:51:08 -05:00
Asher f33402c503
Remove extra awaits from tests 2021-03-15 15:34:44 -05:00
Joe Previte 7e23575978
chore: update code-server path in tsconfig 2021-03-12 12:00:57 -07:00
Joe Previte 3f7104bb4e
refactor: move unit tests to test/unit 2021-03-12 12:00:56 -07:00