tests: add a test to verify the general fake direction protection works in all cases
This commit is contained in:
parent
dc1d8e13b4
commit
55640c4804
13
test/fixtures/httpoison_mock/https__info.pleroma.site_activity4.json
vendored
Normal file
13
test/fixtures/httpoison_mock/https__info.pleroma.site_activity4.json
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
"@context": "https://www.w3.org/ns/activitystreams",
|
||||
"attributedTo": "http://mastodon.example.org/users/admin",
|
||||
"attachment": [],
|
||||
"content": "<p>this post was not actually written by Haelwenn</p>",
|
||||
"id": "http://mastodon.example.org/users/admin/activities/1234",
|
||||
"published": "2018-09-01T22:15:00Z",
|
||||
"tag": [],
|
||||
"to": [
|
||||
"https://www.w3.org/ns/activitystreams#Public"
|
||||
],
|
||||
"type": "Note"
|
||||
}
|
|
@ -56,6 +56,14 @@ def get("https://info.pleroma.site/activity3.json", _, _) do
|
|||
}}
|
||||
end
|
||||
|
||||
def get("https://info.pleroma.site/activity4.json", _, _) do
|
||||
{:ok,
|
||||
%Response{
|
||||
status_code: 200,
|
||||
body: File.read!("test/fixtures/httpoison_mock/https__info.pleroma.site_activity4.json")
|
||||
}}
|
||||
end
|
||||
|
||||
def get("https://info.pleroma.site/actor.json", _, _) do
|
||||
{:ok,
|
||||
%Response{
|
||||
|
|
|
@ -967,5 +967,12 @@ test "users cannot be collided through fake direction spoofing attempts" do
|
|||
|
||||
{:error, _} = User.get_or_fetch_by_ap_id("https://n1u.moe/users/rye")
|
||||
end
|
||||
|
||||
test "all objects with fake directions are rejected by the object fetcher" do
|
||||
{:error, _} =
|
||||
ActivityPub.fetch_and_contain_remote_object_from_id(
|
||||
"https://info.pleroma.site/activity4.json"
|
||||
)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue