tcjlj/nginx-proxy-manager-zh
1
0
Fork 0
mirror of https://github.com/xiaoxinpro/nginx-proxy-manager-zh.git synced 2025-01-23 05:18:12 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity
351ba8dacd
nginx-proxy-manager-zh/test/cypress/e2e/api/Certificates.cy.js

98 lines
2.8 KiB
JavaScript
Raw Normal View History

Fix CVE-2024-46256 and CVE-2024-46257 - Schema validate against bad domain characters - Integration test for CVE POC examples - Cypress rewrite of plugins for file upload
2024-10-10 21:21:22 -04:00
/// <reference types="Cypress" />
describe('Certificates endpoints', () => {
let token;
More tests for certificates, fixed schema problems
2024-10-14 08:48:36 -04:00
let certID;
Fix CVE-2024-46256 and CVE-2024-46257 - Schema validate against bad domain characters - Integration test for CVE POC examples - Cypress rewrite of plugins for file upload
2024-10-10 21:21:22 -04:00
before(() => {
cy.getToken().then((tok) => {
token = tok;
});
});
it('Validate custom certificate', function() {
cy.task('backendApiPostFiles', {
token: token,
path: '/api/nginx/certificates/validate',
files: {
certificate: 'test.example.com.pem',
certificate_key: 'test.example.com-key.pem',
},
}).then((data) => {
cy.validateSwaggerSchema('post', 200, '/nginx/certificates/validate', data);
expect(data).to.have.property('certificate');
expect(data).to.have.property('certificate_key');
});
});
More tests for certificates, fixed schema problems
2024-10-14 08:48:36 -04:00
it('Custom certificate lifecycle', function() {
cy.task('backendApiPost', {
token: token,
path: '/api/nginx/certificates',
data: {
provider: "other",
nice_name: "Test Certificate",
},
}).then((data) => {
cy.validateSwaggerSchema('post', 201, '/nginx/certificates', data);
expect(data).to.have.property('id');
certID = data.id;
cy.task('backendApiPostFiles', {
token: token,
path: `/api/nginx/certificates/${certID}/upload`,
files: {
certificate: 'test.example.com.pem',
certificate_key: 'test.example.com-key.pem',
},
}).then((data) => {
cy.validateSwaggerSchema('post', 201, '/nginx/certificates/upload', data);
expect(data).to.have.property('certificate');
expect(data).to.have.property('certificate_key');
cy.task('backendApiDelete', {
token: token,
path: `/api/nginx/certificates/${certID}`
}).then((data) => {
cy.validateSwaggerSchema('delete', 200, '/nginx/certificates/{certID}', data);
expect(data).to.be.equal(true);
});
});
});
});
it('Should be able to get all certs', function() {
cy.task('backendApiGet', {
token: token,
path: '/api/nginx/certificates?expand=owner'
}).then((data) => {
cy.validateSwaggerSchema('get', 200, '/nginx/certificates', data);
expect(data.length).to.be.greaterThan(0);
});
});
Fix CVE-2024-46256 and CVE-2024-46257 - Schema validate against bad domain characters - Integration test for CVE POC examples - Cypress rewrite of plugins for file upload
2024-10-10 21:21:22 -04:00
it('Request Certificate - CVE-2024-46256/CVE-2024-46257', function() {
cy.task('backendApiPost', {
token: token,
path: '/api/nginx/certificates',
data: {
domain_names: ['test.com"||echo hello-world||\\\\n test.com"'],
meta: {
dns_challenge: false,
letsencrypt_agree: true,
letsencrypt_email: 'admin@example.com',
},
provider: 'letsencrypt',
},
returnOnError: true,
}).then((data) => {
cy.validateSwaggerSchema('post', 400, '/nginx/certificates', data);
expect(data).to.have.property('error');
expect(data.error).to.have.property('message');
expect(data.error).to.have.property('code');
expect(data.error.code).to.equal(400);
expect(data.error.message).to.contain('data/domain_names/0 must match pattern');
});
});
});
Reference in New Issue Copy Permalink