vultr/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-01 21:00:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

test: fix bluebubbles attachment ssrf expectations

Browse Source
This commit is contained in:
Tak Hoffman
2026-03-26 07:25:14 -05:00
parent 6fbe9dd935
commit b529d13477
1 changed files with 17 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
extensions/bluebubbles/src/attachments.test.ts
View File

@@ -288,7 +288,7 @@ describe("downloadBlueBubblesAttachment", () => {
expect(fetchMediaArgs.ssrfPolicy).toEqual({ allowPrivateNetwork: true });
});
it("auto-allowlists serverUrl hostname when allowPrivateNetwork is not set", async () => {
it("auto-enables private-network fetches for loopback serverUrl when allowPrivateNetwork is not set", async () => {
mockSuccessfulAttachmentDownload();
const attachment: BlueBubblesAttachment = { guid: "att-no-ssrf" };
@@ -298,10 +298,10 @@ describe("downloadBlueBubblesAttachment", () => {
});
const fetchMediaArgs = fetchRemoteMediaMock.mock.calls[0][0] as Record<string, unknown>;
expect(fetchMediaArgs.ssrfPolicy).toEqual({ allowedHostnames: ["localhost"] });
expect(fetchMediaArgs.ssrfPolicy).toEqual({ allowPrivateNetwork: true });
});
it("auto-allowlists private IP serverUrl hostname when allowPrivateNetwork is not set", async () => {
it("auto-enables private-network fetches for private IP serverUrl when allowPrivateNetwork is not set", async () => {
mockSuccessfulAttachmentDownload();
const attachment: BlueBubblesAttachment = { guid: "att-private-ip" };
@@ -311,7 +311,20 @@ describe("downloadBlueBubblesAttachment", () => {
});
const fetchMediaArgs = fetchRemoteMediaMock.mock.calls[0][0] as Record<string, unknown>;
expect(fetchMediaArgs.ssrfPolicy).toEqual({ allowedHostnames: ["192.168.1.5"] });
expect(fetchMediaArgs.ssrfPolicy).toEqual({ allowPrivateNetwork: true });
});
it("allowlists public serverUrl hostname when allowPrivateNetwork is not set", async () => {
mockSuccessfulAttachmentDownload();
const attachment: BlueBubblesAttachment = { guid: "att-public-host" };
await downloadBlueBubblesAttachment(attachment, {
serverUrl: "https://bluebubbles.example.com:1234",
password: "test",
});
const fetchMediaArgs = fetchRemoteMediaMock.mock.calls[0][0] as Record<string, unknown>;
expect(fetchMediaArgs.ssrfPolicy).toEqual({ allowedHostnames: ["bluebubbles.example.com"] });
});
});