File tree Expand file tree Collapse file tree 1 file changed +27
-0
lines changed Expand file tree Collapse file tree 1 file changed +27
-0
lines changed Original file line number Diff line number Diff line change @@ -44,3 +44,30 @@ fn blocked_traffic_doesnt_panic_if_checked_header_is_not_present() {
4444 let resp = anon. run :: < ( ) > ( req) ;
4545 resp. assert_status ( 302 ) ;
4646}
47+
48+ #[ test]
49+ fn block_traffic_via_arbitrary_header_and_value ( ) {
50+ let ( app, anon, user) = TestApp :: init ( )
51+ . with_config ( |config| {
52+ config. blocked_traffic = vec ! [ ( "User-Agent" . into( ) , vec![ "1" . into( ) , "2" . into( ) ] ) ] ;
53+ } )
54+ . with_user ( ) ;
55+
56+ app. db ( |conn| {
57+ CrateBuilder :: new ( "dl_no_ua" , user. as_model ( ) . id ) . expect_build ( conn) ;
58+ } ) ;
59+
60+ let mut req = anon. request_builder ( Method :: Get , "/api/v1/crates/dl_no_ua/0.99.0/download" ) ;
61+ // A request with a header value we want to block isn't allowed
62+ req. header ( "User-Agent" , "1" ) ;
63+ req. header ( "X-Request-Id" , "abcd" ) ; // Needed for the error message we generate
64+ let resp = anon. run :: < ( ) > ( req) ;
65+ resp. assert_status ( 403 ) ;
66+
67+ let mut req = anon. request_builder ( Method :: Get , "/api/v1/crates/dl_no_ua/0.99.0/download" ) ;
68+ // A request with a header value we don't want to block is allowed, even though there might
69+ // be a substring match
70+ req. header ( "User-Agent" , "1value-must-match-exactly-this-is-allowed" ) ;
71+ let resp = anon. run :: < ( ) > ( req) ;
72+ resp. assert_status ( 302 ) ;
73+ }
You can’t perform that action at this time.
0 commit comments