Commit 55640c48 authored by kaniini's avatar kaniini
Browse files

tests: add a test to verify the general fake direction protection works in all cases

parent dc1d8e13
Pipeline #4544 passed with stages
in 7 minutes and 35 seconds
{
"@context": "https://www.w3.org/ns/activitystreams",
"attributedTo": "http://mastodon.example.org/users/admin",
"attachment": [],
"content": "<p>this post was not actually written by Haelwenn</p>",
"id": "http://mastodon.example.org/users/admin/activities/1234",
"published": "2018-09-01T22:15:00Z",
"tag": [],
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"type": "Note"
}
......@@ -56,6 +56,14 @@ def get("https://info.pleroma.site/activity3.json", _, _) do
}}
end
def get("https://info.pleroma.site/activity4.json", _, _) do
{:ok,
%Response{
status_code: 200,
body: File.read!("test/fixtures/httpoison_mock/https__info.pleroma.site_activity4.json")
}}
end
def get("https://info.pleroma.site/actor.json", _, _) do
{:ok,
%Response{
......
......@@ -967,5 +967,12 @@ test "users cannot be collided through fake direction spoofing attempts" do
{:error, _} = User.get_or_fetch_by_ap_id("https://n1u.moe/users/rye")
end
test "all objects with fake directions are rejected by the object fetcher" do
{:error, _} =
ActivityPub.fetch_and_contain_remote_object_from_id(
"https://info.pleroma.site/activity4.json"
)
end
end
end
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment