maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

[chrome/csrf] polish up some tests

Browse source
This commit is contained in:
spalger 2015-11-09 23:28:27 -06:00
parent 5cdeae5fb4
commit b4517cbe5c
3 changed files with 38 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
src/ui/public/chrome/api/__tests__/xsrf.js
View file

@ -5,7 +5,7 @@ import ngMock from 'ngMock';
import xsrfChromeApi from '../xsrf';
const xsrfHeader = 'kbn-xsrf-header';
const xsrfHeader = 'kbn-xsrf-token';
const xsrfToken = 'xsrfToken';
describe('chrome xsrf apis', function () {
@ -39,13 +39,8 @@ describe('chrome xsrf apis', function () {
it('can be canceled by setting the kbnXsrfToken option', function () {
const setHeader = stub();
prefilter({}, {}, { setRequestHeader: setHeader });
expect(setHeader.callCount).to.be(1);
expect(setHeader.args[0]).to.eql([
xsrfHeader,
xsrfToken
]);
prefilter({ kbnXsrfToken: false }, {}, { setRequestHeader: setHeader });
expect(setHeader.callCount).to.be(0);
});
});
@ -58,7 +53,7 @@ describe('chrome xsrf apis', function () {
stub($, 'ajaxPrefilter');
const chrome = {};
xsrfChromeApi(chrome, { xsrfToken });
ngMock.module(chrome.$setupCsrfRequestInterceptor);
ngMock.module(chrome.$setupXsrfRequestInterceptor);
});
beforeEach(ngMock.inject(function ($injector) {
@ -84,24 +79,42 @@ describe('chrome xsrf apis', function () {
$httpBackend.flush();
});
it('skips requests with the kbnCsrfToken set falsey', function () {
it('skips requests with the kbnXsrfToken set falsey', function () {
$httpBackend.expectPOST('/api/test', undefined, function (headers) {
return !(xsrfHeader in headers);
}).respond(200, '');
$http.post({
$http({
method: 'POST',
url: '/api/test',
xsrfHeader: 0
kbnXsrfToken: 0
});
$http.post({
$http({
method: 'POST',
url: '/api/test',
xsrfHeader: ''
kbnXsrfToken: ''
});
$http.post({
$http({
method: 'POST',
url: '/api/test',
xsrfHeader: false
kbnXsrfToken: false
});
$httpBackend.flush();
});
it('accepts alternate tokens to use', function () {
const customToken = `custom:${xsrfToken}`;
$httpBackend.expectPOST('/api/test', undefined, function (headers) {
return headers[xsrfHeader] === customToken;
}).respond(200, '');
$http({
method: 'POST',
url: '/api/test',
kbnXsrfToken: customToken
});
$httpBackend.flush();

2
src/ui/public/chrome/api/angular.js vendored
View file

@ -24,7 +24,7 @@ module.exports = function (chrome, internals) {
a.href = '/elasticsearch';
return a.href;
}()))
.config(chrome.$setupCsrfRequestInterceptor)
.config(chrome.$setupXsrfRequestInterceptor)
.directive('kbnChrome', function ($rootScope) {
return {
template: function ($el) {

15
src/ui/public/chrome/api/xsrf.js
View file

@ -7,20 +7,21 @@ export default function (chrome, internals) {
return internals.xsrfToken;
};
$.ajaxPrefilter(function ({ kbnCsrfToken = internals.xsrfToken }, originalOptions, jqXHR) {
if (kbnCsrfToken) {
jqXHR.setRequestHeader('kbn-xsrf-token', kbnCsrfToken);
$.ajaxPrefilter(function ({ kbnXsrfToken = internals.xsrfToken }, originalOptions, jqXHR) {
if (kbnXsrfToken) {
jqXHR.setRequestHeader('kbn-xsrf-token', kbnXsrfToken);
}
});
chrome.$setupCsrfRequestInterceptor = function ($httpProvider) {
chrome.$setupXsrfRequestInterceptor = function ($httpProvider) {
$httpProvider.interceptors.push(function () {
return {
request: function (opts) {
const { kbnCsrfToken = internals.xsrfToken } = opts;
if (kbnCsrfToken) {
return set(opts, ['headers', 'kbn-xsrf-token'], kbnCsrfToken);
const { kbnXsrfToken = internals.xsrfToken } = opts;
if (kbnXsrfToken) {
set(opts, ['headers', 'kbn-xsrf-token'], kbnXsrfToken);
}
return opts;
}
};
});