
Commit 6eafd6e

committed
Add basic tests
1 parent 3c15b0e commit 6eafd6e


2 files changed

+44
-6
lines changed


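--- a/lib/safeurl.ex
+++ b/lib/safeurl.ex
@@ -64,7 +64,7 @@ defmodule SafeURL do
 If the URL is safe, this function returns the `HTTPoison` result directly; otherwise, `{:error, :restricted}`.
 """
 def get(url, options \\ [], headers \\ [], httpoison_options \\ []) do
-if validate_url(url, options) do
+if allowed?(url, options) do
 HTTPoison.get(url, headers, httpoison_options)
 else
 {:error, :restricted}
@@ -78,7 +78,7 @@ defmodule SafeURL do
 
 Returns `true` if the URL meets the requirements, `false` otherwise.
 """
-def validate_url(url, options \\ []) do
+def allowed?(url, options \\ []) do
 blacklist_private = Keyword.get(options, :blacklist_private, true)
 blacklist = Keyword.get(options, :blacklist, [])
 whitelist = Keyword.get(options, :whitelist, [])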

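--- a/test/safeurl_test.exs
+++ b/test/safeurl_test.exs
@@ -1,8 +1,46 @@
-defmodule SafeurlTest do
+defmodule SafeURLTest do
 use ExUnit.Case
-doctest Safeurl
 
-test "greets the world" do
-assert Safeurl.hello() == :world
+# setup_all do
+# global_whitelist = ["10.0.0.0/24"]
+# global_blacklist = ["8.8.0.0/16"]
+
+# Application.put_env(:safeurl, :whitelist, global_whitelist)
+# end
+
+describe "#allowed?" do
+test "returns true for only allowed schemes" do
+assert SafeURL.allowed?("http://includesecurity.com")
+assert SafeURL.allowed?("https://includesecurity.com")
+refute SafeURL.allowed?("ftp://includesecurity.com")
+
+assert SafeURL.allowed?("ftp://includesecurity.com", schemes: ~w[ftp])
+refute SafeURL.allowed?("http://includesecurity.com", schemes: ~w[ftp])
+end
+
+test "returns false for reserved ranges" do
+refute SafeURL.allowed?("http://0.0.0.0/")
+refute SafeURL.allowed?("http://10.0.0.1/")
+refute SafeURL.allowed?("http://127.0.0.1/")
+refute SafeURL.allowed?("http://169.254.9.1/")
+refute SafeURL.allowed?("http://192.168.1.1/")
+end
+
+test "allows blacklisting custom IP ranges" do
+opts = [blacklist: ["5.5.0.0/16", "100.0.0.0/24"]]
+
+assert SafeURL.allowed?("http://includesecurity.com", opts)
+assert SafeURL.allowed?("http://3.3.3.3", opts)
+refute SafeURL.allowed?("http://5.5.5.5", opts)
+refute SafeURL.allowed?("http://100.0.0.50", opts)
+end
+
+test "only allows whitelist when present" do
+opts = [whitelist: ["10.0.0.0/24"]]
+
+assert SafeURL.allowed?("http://10.0.0.1/", opts)
+refute SafeURL.allowed?("http://72.254.45.178", opts)
+refute SafeURL.allowed?("https://includesecurity.com", opts)
+end
 end
 end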
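Review bot: The "returns false for reserved ranges" test only feeds `allowed?/2` dotted-quad IPv4 literals, so the 172.16.0.0/12 range, IPv6 literals and hostnames that resolve to an internal address are left without a regression check. I would add `refute SafeURL.allowed?("http://172.16.0.1/")`, `refute SafeURL.allowed?("http://[::1]/")` and `refute SafeURL.allowed?("http://localhost/")`; whether the last two are rejected today is not visible from this diff, so a failure there is a finding about the library rather than about the test. The whitelist test also pins that `whitelist: ["10.0.0.0/24"]` admits `10.0.0.1` while `blacklist_private` defaults to `true`, and a one-line comment such as `# whitelist takes precedence over blacklist_private` would mark that as intended. The assertions on `includesecurity.com` presumably need live DNS, which makes the suite network-dependent.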
