OSSForks/express
1
0
Fork 0
mirror of https://github.com/zebrajr/express.git synced 2025-12-06 12:19:51 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
1b2e097be2
express/test/res.sendFile.js
Hashen 1b2e097be2 tests: fix typo in description 
closes #4882
2022-04-07 19:20:41 -04:00

1412 lines
36 KiB
JavaScript
Raw Blame History

'use strict'
var after = require('after');
var asyncHooks = tryRequire('async_hooks')
var Buffer = require('safe-buffer').Buffer
var express = require('../')
, request = require('supertest')
, assert = require('assert');
var onFinished = require('on-finished');
var path = require('path');
var fixtures = path.join(__dirname, 'fixtures');
var utils = require('./support/utils');
var describeAsyncHooks = typeof asyncHooks.AsyncLocalStorage === 'function'
? describe
: describe.skip
describe('res', function(){
describe('.sendFile(path)', function () {
it('should error missing path', function (done) {
var app = createApp();
request(app)
.get('/')
.expect(500, /path.*required/, done);
});
it('should error for non-string path', function (done) {
var app = createApp(42)
request(app)
.get('/')
.expect(500, /TypeError: path must be a string to res.sendFile/, done)
})
it('should error for non-absolute path', function (done) {
var app = createApp('name.txt')
request(app)
.get('/')
.expect(500, /TypeError: path must be absolute/, done)
})
it('should transfer a file', function (done) {
var app = createApp(path.resolve(fixtures, 'name.txt'));
request(app)
.get('/')
.expect(200, 'tobi', done);
});
it('should transfer a file with special characters in string', function (done) {
var app = createApp(path.resolve(fixtures, '% of dogs.txt'));
request(app)
.get('/')
.expect(200, '20%', done);
});
it('should include ETag', function (done) {
var app = createApp(path.resolve(fixtures, 'name.txt'));
request(app)
.get('/')
.expect('ETag', /^(?:W\/)?"[^"]+"$/)
.expect(200, 'tobi', done);
});
it('should 304 when ETag matches', function (done) {
var app = createApp(path.resolve(fixtures, 'name.txt'));
request(app)
.get('/')
.expect('ETag', /^(?:W\/)?"[^"]+"$/)
.expect(200, 'tobi', function (err, res) {
if (err) return done(err);
var etag = res.headers.etag;
request(app)
.get('/')
.set('If-None-Match', etag)
.expect(304, done);
});
});
it('should 404 for directory', function (done) {
var app = createApp(path.resolve(fixtures, 'blog'));
request(app)
.get('/')
.expect(404, done);
});
it('should 404 when not found', function (done) {
var app = createApp(path.resolve(fixtures, 'does-no-exist'));
app.use(function (req, res) {
res.statusCode = 200;
res.send('no!');
});
request(app)
.get('/')
.expect(404, done);
});
it('should send cache-control by default', function (done) {
var app = createApp(path.resolve(__dirname, 'fixtures/name.txt'))
request(app)
.get('/')
.expect('Cache-Control', 'public, max-age=0')
.expect(200, done)
})
it('should not serve dotfiles by default', function (done) {
var app = createApp(path.resolve(__dirname, 'fixtures/.name'))
request(app)
.get('/')
.expect(404, done)
})
it('should not override manual content-types', function (done) {
var app = express();
app.use(function (req, res) {
res.contentType('application/x-bogus');
res.sendFile(path.resolve(fixtures, 'name.txt'));
});
request(app)
.get('/')
.expect('Content-Type', 'application/x-bogus')
.end(done);
})
it('should not error if the client aborts', function (done) {
var app = express();
var cb = after(2, done)
var error = null
app.use(function (req, res) {
setImmediate(function () {
res.sendFile(path.resolve(fixtures, 'name.txt'));
setTimeout(function () {
cb(error)
}, 10)
})
test.req.abort()
});
app.use(function (err, req, res, next) {
error = err
next(err)
});
var server = app.listen()
var test = request(server).get('/')
test.end(function (err) {
assert.ok(err)
server.close(cb)
})
})
})
describe('.sendFile(path, fn)', function () {
it('should invoke the callback when complete', function (done) {
var cb = after(2, done);
var app = createApp(path.resolve(fixtures, 'name.txt'), cb);
request(app)
.get('/')
.expect(200, cb);
})
it('should invoke the callback when client aborts', function (done) {
var cb = after(2, done)
var app = express();
app.use(function (req, res) {
setImmediate(function () {
res.sendFile(path.resolve(fixtures, 'name.txt'), function (err) {
assert.ok(err)
assert.strictEqual(err.code, 'ECONNABORTED')
cb()
});
});
test.req.abort()
});
var server = app.listen()
var test = request(server).get('/')
test.end(function (err) {
assert.ok(err)
server.close(cb)
})
})
it('should invoke the callback when client already aborted', function (done) {
var cb = after(2, done)
var app = express();
app.use(function (req, res) {
onFinished(res, function () {
res.sendFile(path.resolve(fixtures, 'name.txt'), function (err) {
assert.ok(err)
assert.strictEqual(err.code, 'ECONNABORTED')
cb()
});
});
test.req.abort()
});
var server = app.listen()
var test = request(server).get('/')
test.end(function (err) {
assert.ok(err)
server.close(cb)
})
})
it('should invoke the callback without error when HEAD', function (done) {
var app = express();
var cb = after(2, done);
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'name.txt'), cb);
});
request(app)
.head('/')
.expect(200, cb);
});
it('should invoke the callback without error when 304', function (done) {
var app = express();
var cb = after(3, done);
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'name.txt'), cb);
});
request(app)
.get('/')
.expect('ETag', /^(?:W\/)?"[^"]+"$/)
.expect(200, 'tobi', function (err, res) {
if (err) return cb(err);
var etag = res.headers.etag;
request(app)
.get('/')
.set('If-None-Match', etag)
.expect(304, cb);
});
});
it('should invoke the callback on 404', function(done){
var app = express();
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'does-not-exist'), function (err) {
res.send(err ? 'got ' + err.status + ' error' : 'no error')
});
});
request(app)
.get('/')
.expect(200, 'got 404 error', done)
})
describeAsyncHooks('async local storage', function () {
it('should presist store', function (done) {
var app = express()
var cb = after(2, done)
var store = { foo: 'bar' }
app.use(function (req, res, next) {
req.asyncLocalStorage = new asyncHooks.AsyncLocalStorage()
req.asyncLocalStorage.run(store, next)
})
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'name.txt'), function (err) {
if (err) return cb(err)
var local = req.asyncLocalStorage.getStore()
assert.strictEqual(local.foo, 'bar')
cb()
})
})
request(app)
.get('/')
.expect('Content-Type', 'text/plain; charset=UTF-8')
.expect(200, 'tobi', cb)
})
it('should presist store on error', function (done) {
var app = express()
var store = { foo: 'bar' }
app.use(function (req, res, next) {
req.asyncLocalStorage = new asyncHooks.AsyncLocalStorage()
req.asyncLocalStorage.run(store, next)
})
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'does-not-exist'), function (err) {
var local = req.asyncLocalStorage.getStore()
if (local) {
res.setHeader('x-store-foo', String(local.foo))
}
res.send(err ? 'got ' + err.status + ' error' : 'no error')
})
})
request(app)
.get('/')
.expect(200)
.expect('x-store-foo', 'bar')
.expect('got 404 error')
.end(done)
})
})
})
describe('.sendFile(path, options)', function () {
it('should pass options to send module', function (done) {
request(createApp(path.resolve(fixtures, 'name.txt'), { start: 0, end: 1 }))
.get('/')
.expect(200, 'to', done)
})
describe('with "acceptRanges" option', function () {
describe('when true', function () {
it('should advertise byte range accepted', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'nums.txt'), {
acceptRanges: true
})
})
request(app)
.get('/')
.expect(200)
.expect('Accept-Ranges', 'bytes')
.expect('123456789')
.end(done)
})
it('should respond to range request', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'nums.txt'), {
acceptRanges: true
})
})
request(app)
.get('/')
.set('Range', 'bytes=0-4')
.expect(206, '12345', done)
})
})
describe('when false', function () {
it('should not advertise accept-ranges', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'nums.txt'), {
acceptRanges: false
})
})
request(app)
.get('/')
.expect(200)
.expect(utils.shouldNotHaveHeader('Accept-Ranges'))
.end(done)
})
it('should not honor range requests', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'nums.txt'), {
acceptRanges: false
})
})
request(app)
.get('/')
.set('Range', 'bytes=0-4')
.expect(200, '123456789', done)
})
})
})
describe('with "cacheControl" option', function () {
describe('when true', function () {
it('should send cache-control header', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
cacheControl: true
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=0')
.end(done)
})
})
describe('when false', function () {
it('should not send cache-control header', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
cacheControl: false
})
})
request(app)
.get('/')
.expect(200)
.expect(utils.shouldNotHaveHeader('Cache-Control'))
.end(done)
})
})
})
describe('with "dotfiles" option', function () {
describe('when "allow"', function () {
it('should allow dotfiles', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, '.name'), {
dotfiles: 'allow'
})
})
request(app)
.get('/')
.expect(200)
.expect(utils.shouldHaveBody(Buffer.from('tobi')))
.end(done)
})
})
describe('when "deny"', function () {
it('should deny dotfiles', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, '.name'), {
dotfiles: 'deny'
})
})
request(app)
.get('/')
.expect(403)
.expect(/Forbidden/)
.end(done)
})
})
describe('when "ignore"', function () {
it('should ignore dotfiles', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, '.name'), {
dotfiles: 'ignore'
})
})
request(app)
.get('/')
.expect(404)
.expect(/Not Found/)
.end(done)
})
})
})
describe('with "headers" option', function () {
it('should set headers on response', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
headers: {
'X-Foo': 'Bar',
'X-Bar': 'Foo'
}
})
})
request(app)
.get('/')
.expect(200)
.expect('X-Foo', 'Bar')
.expect('X-Bar', 'Foo')
.end(done)
})
it('should use last header when duplicated', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
headers: {
'X-Foo': 'Bar',
'x-foo': 'bar'
}
})
})
request(app)
.get('/')
.expect(200)
.expect('X-Foo', 'bar')
.end(done)
})
it('should override Content-Type', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
headers: {
'Content-Type': 'text/x-custom'
}
})
})
request(app)
.get('/')
.expect(200)
.expect('Content-Type', 'text/x-custom')
.end(done)
})
it('should not set headers on 404', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'does-not-exist'), {
headers: {
'X-Foo': 'Bar'
}
})
})
request(app)
.get('/')
.expect(404)
.expect(utils.shouldNotHaveHeader('X-Foo'))
.end(done)
})
})
describe('with "immutable" option', function () {
describe('when true', function () {
it('should send cache-control header with immutable', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
immutable: true
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=0, immutable')
.end(done)
})
})
describe('when false', function () {
it('should not send cache-control header with immutable', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
immutable: false
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=0')
.end(done)
})
})
})
describe('with "lastModified" option', function () {
describe('when true', function () {
it('should send last-modified header', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
lastModified: true
})
})
request(app)
.get('/')
.expect(200)
.expect(utils.shouldHaveHeader('Last-Modified'))
.end(done)
})
it('should conditionally respond with if-modified-since', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
lastModified: true
})
})
request(app)
.get('/')
.set('If-Modified-Since', (new Date(Date.now() + 99999).toUTCString()))
.expect(304, done)
})
})
describe('when false', function () {
it('should not have last-modified header', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
lastModified: false
})
})
request(app)
.get('/')
.expect(200)
.expect(utils.shouldNotHaveHeader('Last-Modified'))
.end(done)
})
it('should not honor if-modified-since', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
lastModified: false
})
})
request(app)
.get('/')
.set('If-Modified-Since', (new Date(Date.now() + 99999).toUTCString()))
.expect(200)
.expect(utils.shouldNotHaveHeader('Last-Modified'))
.end(done)
})
})
})
describe('with "maxAge" option', function () {
it('should set cache-control max-age to milliseconds', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
maxAge: 20000
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=20')
.end(done)
})
it('should cap cache-control max-age to 1 year', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
maxAge: 99999999999
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=31536000')
.end(done)
})
it('should min cache-control max-age to 0', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
maxAge: -20000
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=0')
.end(done)
})
it('should floor cache-control max-age', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
maxAge: 21911.23
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=21')
.end(done)
})
describe('when cacheControl: false', function () {
it('should not send cache-control', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
cacheControl: false,
maxAge: 20000
})
})
request(app)
.get('/')
.expect(200)
.expect(utils.shouldNotHaveHeader('Cache-Control'))
.end(done)
})
})
describe('when string', function () {
it('should accept plain number as milliseconds', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
maxAge: '20000'
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=20')
.end(done)
})
it('should accept suffix "s" for seconds', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
maxAge: '20s'
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=20')
.end(done)
})
it('should accept suffix "m" for minutes', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
maxAge: '20m'
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=1200')
.end(done)
})
it('should accept suffix "d" for days', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile(path.resolve(fixtures, 'user.html'), {
maxAge: '20d'
})
})
request(app)
.get('/')
.expect(200)
.expect('Cache-Control', 'public, max-age=1728000')
.end(done)
})
})
})
describe('with "root" option', function () {
it('should allow relative path', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile('name.txt', {
root: fixtures
})
})
request(app)
.get('/')
.expect(200, 'tobi', done)
})
it('should allow up within root', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile('fake/../name.txt', {
root: fixtures
})
})
request(app)
.get('/')
.expect(200, 'tobi', done)
})
it('should reject up outside root', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile('..' + path.sep + path.relative(path.dirname(fixtures), path.join(fixtures, 'name.txt')), {
root: fixtures
})
})
request(app)
.get('/')
.expect(403, done)
})
it('should reject reading outside root', function (done) {
var app = express()
app.use(function (req, res) {
res.sendFile('../name.txt', {
root: fixtures
})
})
request(app)
.get('/')
.expect(403, done)
})
})
})
describe('.sendfile(path, fn)', function(){
it('should invoke the callback when complete', function(done){
var app = express();
var cb = after(2, done);
app.use(function(req, res){
res.sendfile('test/fixtures/user.html', cb)
});
request(app)
.get('/')
.expect(200, cb);
})
it('should utilize the same options as express.static()', function(done){
var app = express();
app.use(function(req, res){
res.sendfile('test/fixtures/user.html', { maxAge: 60000 });
});
request(app)
.get('/')
.expect('Cache-Control', 'public, max-age=60')
.end(done);
})
it('should invoke the callback when client aborts', function (done) {
var cb = after(2, done)
var app = express();
app.use(function (req, res) {
setImmediate(function () {
res.sendfile('test/fixtures/name.txt', function (err) {
assert.ok(err)
assert.strictEqual(err.code, 'ECONNABORTED')
cb()
});
});
test.req.abort()
});
var server = app.listen()
var test = request(server).get('/')
test.end(function (err) {
assert.ok(err)
server.close(cb)
})
})
it('should invoke the callback when client already aborted', function (done) {
var cb = after(2, done)
var app = express();
app.use(function (req, res) {
onFinished(res, function () {
res.sendfile('test/fixtures/name.txt', function (err) {
assert.ok(err)
assert.strictEqual(err.code, 'ECONNABORTED')
cb()
});
});
test.req.abort()
});
var server = app.listen()
var test = request(server).get('/')
test.end(function (err) {
assert.ok(err)
server.close(cb)
})
})
it('should invoke the callback without error when HEAD', function (done) {
var app = express();
var cb = after(2, done);
app.use(function (req, res) {
res.sendfile('test/fixtures/name.txt', cb);
});
request(app)
.head('/')
.expect(200, cb);
});
it('should invoke the callback without error when 304', function (done) {
var app = express();
var cb = after(3, done);
app.use(function (req, res) {
res.sendfile('test/fixtures/name.txt', cb);
});
request(app)
.get('/')
.expect('ETag', /^(?:W\/)?"[^"]+"$/)
.expect(200, 'tobi', function (err, res) {
if (err) return cb(err);
var etag = res.headers.etag;
request(app)
.get('/')
.set('If-None-Match', etag)
.expect(304, cb);
});
});
it('should invoke the callback on 404', function(done){
var app = express();
var calls = 0;
app.use(function(req, res){
res.sendfile('test/fixtures/nope.html', function(err){
assert.equal(calls++, 0);
assert(!res.headersSent);
res.send(err.message);
});
});
request(app)
.get('/')
.expect(200, /^ENOENT.*?, stat/, done);
})
it('should not override manual content-types', function(done){
var app = express();
app.use(function(req, res){
res.contentType('txt');
res.sendfile('test/fixtures/user.html');
});
request(app)
.get('/')
.expect('Content-Type', 'text/plain; charset=utf-8')
.end(done);
})
it('should invoke the callback on 403', function(done){
var app = express()
app.use(function(req, res){
res.sendfile('test/fixtures/foo/../user.html', function(err){
assert(!res.headersSent);
res.send(err.message);
});
});
request(app)
.get('/')
.expect('Forbidden')
.expect(200, done);
})
it('should invoke the callback on socket error', function(done){
var app = express()
app.use(function(req, res){
res.sendfile('test/fixtures/user.html', function(err){
assert(!res.headersSent);
assert.strictEqual(req.socket.listeners('error').length, 1) // node's original handler
done();
});
req.socket.emit('error', new Error('broken!'));
});
request(app)
.get('/')
.end(function(){});
})
describeAsyncHooks('async local storage', function () {
it('should presist store', function (done) {
var app = express()
var cb = after(2, done)
var store = { foo: 'bar' }
app.use(function (req, res, next) {
req.asyncLocalStorage = new asyncHooks.AsyncLocalStorage()
req.asyncLocalStorage.run(store, next)
})
app.use(function (req, res) {
res.sendfile('test/fixtures/name.txt', function (err) {
if (err) return cb(err)
var local = req.asyncLocalStorage.getStore()
assert.strictEqual(local.foo, 'bar')
cb()
})
})
request(app)
.get('/')
.expect('Content-Type', 'text/plain; charset=UTF-8')
.expect(200, 'tobi', cb)
})
it('should presist store on error', function (done) {
var app = express()
var store = { foo: 'bar' }
app.use(function (req, res, next) {
req.asyncLocalStorage = new asyncHooks.AsyncLocalStorage()
req.asyncLocalStorage.run(store, next)
})
app.use(function (req, res) {
res.sendfile('test/fixtures/does-not-exist', function (err) {
var local = req.asyncLocalStorage.getStore()
if (local) {
res.setHeader('x-store-foo', String(local.foo))
}
res.send(err ? 'got ' + err.status + ' error' : 'no error')
})
})
request(app)
.get('/')
.expect(200)
.expect('x-store-foo', 'bar')
.expect('got 404 error')
.end(done)
})
})
})
describe('.sendfile(path)', function(){
it('should not serve dotfiles', function(done){
var app = express();
app.use(function(req, res){
res.sendfile('test/fixtures/.name');
});
request(app)
.get('/')
.expect(404, done);
})
it('should accept dotfiles option', function(done){
var app = express();
app.use(function(req, res){
res.sendfile('test/fixtures/.name', { dotfiles: 'allow' });
});
request(app)
.get('/')
.expect(200)
.expect(utils.shouldHaveBody(Buffer.from('tobi')))
.end(done)
})
it('should accept headers option', function(done){
var app = express();
var headers = {
'x-success': 'sent',
'x-other': 'done'
};
app.use(function(req, res){
res.sendfile('test/fixtures/user.html', { headers: headers });
});
request(app)
.get('/')
.expect('x-success', 'sent')
.expect('x-other', 'done')
.expect(200, done);
})
it('should ignore headers option on 404', function(done){
var app = express();
var headers = { 'x-success': 'sent' };
app.use(function(req, res){
res.sendfile('test/fixtures/user.nothing', { headers: headers });
});
request(app)
.get('/')
.expect(utils.shouldNotHaveHeader('X-Success'))
.expect(404, done);
})
it('should transfer a file', function (done) {
var app = express();
app.use(function (req, res) {
res.sendfile('test/fixtures/name.txt');
});
request(app)
.get('/')
.expect(200, 'tobi', done);
});
it('should transfer a directory index file', function (done) {
var app = express();
app.use(function (req, res) {
res.sendfile('test/fixtures/blog/');
});
request(app)
.get('/')
.expect(200, '<b>index</b>', done);
});
it('should 404 for directory without trailing slash', function (done) {
var app = express();
app.use(function (req, res) {
res.sendfile('test/fixtures/blog');
});
request(app)
.get('/')
.expect(404, done);
});
it('should transfer a file with urlencoded name', function (done) {
var app = express();
app.use(function (req, res) {
res.sendfile('test/fixtures/%25%20of%20dogs.txt');
});
request(app)
.get('/')
.expect(200, '20%', done);
});
it('should not error if the client aborts', function (done) {
var app = express();
var cb = after(2, done)
var error = null
app.use(function (req, res) {
setImmediate(function () {
res.sendfile(path.resolve(fixtures, 'name.txt'));
setTimeout(function () {
cb(error)
}, 10)
});
test.req.abort()
});
app.use(function (err, req, res, next) {
error = err
next(err)
});
var server = app.listen()
var test = request(server).get('/')
test.end(function (err) {
assert.ok(err)
server.close(cb)
})
})
describe('with an absolute path', function(){
it('should transfer the file', function(done){
var app = express();
app.use(function(req, res){
res.sendfile(path.join(__dirname, '/fixtures/user.html'))
});
request(app)
.get('/')
.expect('Content-Type', 'text/html; charset=UTF-8')
.expect(200, '<p>{{user.name}}</p>', done);
})
})
describe('with a relative path', function(){
it('should transfer the file', function(done){
var app = express();
app.use(function(req, res){
res.sendfile('test/fixtures/user.html');
});
request(app)
.get('/')
.expect('Content-Type', 'text/html; charset=UTF-8')
.expect(200, '<p>{{user.name}}</p>', done);
})
it('should serve relative to "root"', function(done){
var app = express();
app.use(function(req, res){
res.sendfile('user.html', { root: 'test/fixtures/' });
});
request(app)
.get('/')
.expect('Content-Type', 'text/html; charset=UTF-8')
.expect(200, '<p>{{user.name}}</p>', done);
})
it('should consider ../ malicious when "root" is not set', function(done){
var app = express();
app.use(function(req, res){
res.sendfile('test/fixtures/foo/../user.html');
});
request(app)
.get('/')
.expect(403, done);
})
it('should allow ../ when "root" is set', function(done){
var app = express();
app.use(function(req, res){
res.sendfile('foo/../user.html', { root: 'test/fixtures' });
});
request(app)
.get('/')
.expect(200, done);
})
it('should disallow requesting out of "root"', function(done){
var app = express();
app.use(function(req, res){
res.sendfile('foo/../../user.html', { root: 'test/fixtures' });
});
request(app)
.get('/')
.expect(403, done);
})
it('should next(404) when not found', function(done){
var app = express()
, calls = 0;
app.use(function(req, res){
res.sendfile('user.html');
});
app.use(function(req, res){
assert(0, 'this should not be called');
});
app.use(function(err, req, res, next){
++calls;
next(err);
});
request(app)
.get('/')
.expect(404, function (err) {
if (err) return done(err)
assert.strictEqual(calls, 1)
done()
})
})
describe('with non-GET', function(){
it('should still serve', function(done){
var app = express()
app.use(function(req, res){
res.sendfile(path.join(__dirname, '/fixtures/name.txt'))
});
request(app)
.get('/')
.expect('tobi', done);
})
})
})
})
describe('.sendfile(path, options)', function () {
it('should pass options to send module', function (done) {
var app = express()
app.use(function (req, res) {
res.sendfile(path.resolve(fixtures, 'name.txt'), { start: 0, end: 1 })
})
request(app)
.get('/')
.expect(200, 'to', done)
})
})
})
function createApp(path, options, fn) {
var app = express();
app.use(function (req, res) {
res.sendFile(path, options, fn);
});
return app;
}
function tryRequire (name) {
try {
return require(name)
} catch (e) {
return {}
}
}
Reference in New Issue View Git Blame Copy Permalink