\/snow%20%E2%98%83\/<\/a>, done)
+ .expect(301, />Redirecting to \/snow%20%E2%98%83\/, done)
})
it('should respond with default Content-Security-Policy', function (done) {
@@ -524,7 +524,7 @@ describe('serveStatic()', function () {
describe('when false', function () {
var server
before(function () {
- server = createServer(fixtures, { 'redirect': false })
+ server = createServer(fixtures, { redirect: false })
})
it('should disable redirect', function (done) {
@@ -537,13 +537,15 @@ describe('serveStatic()', function () {
describe('setHeaders', function () {
it('should reject non-functions', function () {
- assert.throws(serveStatic.bind(null, fixtures, { 'setHeaders': 3 }), /setHeaders.*function/)
+ assert.throws(serveStatic.bind(null, fixtures, { setHeaders: 3 }), /setHeaders.*function/)
})
it('should get called when sending file', function (done) {
- var server = createServer(fixtures, { 'setHeaders': function (res) {
- res.setHeader('x-custom', 'set')
- } })
+ var server = createServer(fixtures, {
+ setHeaders: function (res) {
+ res.setHeader('x-custom', 'set')
+ }
+ })
request(server)
.get('/nums.txt')
@@ -552,9 +554,11 @@ describe('serveStatic()', function () {
})
it('should not get called on 404', function (done) {
- var server = createServer(fixtures, { 'setHeaders': function (res) {
- res.setHeader('x-custom', 'set')
- } })
+ var server = createServer(fixtures, {
+ setHeaders: function (res) {
+ res.setHeader('x-custom', 'set')
+ }
+ })
request(server)
.get('/bogus')
@@ -563,9 +567,11 @@ describe('serveStatic()', function () {
})
it('should not get called on redirect', function (done) {
- var server = createServer(fixtures, { 'setHeaders': function (res) {
- res.setHeader('x-custom', 'set')
- } })
+ var server = createServer(fixtures, {
+ setHeaders: function (res) {
+ res.setHeader('x-custom', 'set')
+ }
+ })
request(server)
.get('/users')
@@ -574,9 +580,28 @@ describe('serveStatic()', function () {
})
})
+ describe('when non-existent root path', function () {
+ var server
+ before(function () {
+ server = createServer(fixtures + '/does_not_exist')
+ })
+
+ it('should 404 for any file', function (done) {
+ request(server)
+ .get('/todo.txt')
+ .expect(404, done)
+ })
+
+ it('should not allow traversal', function (done) {
+ request(server)
+ .get('/../todo.txt')
+ .expect(404, done)
+ })
+ })
+
describe('when traversing past root', function () {
before(function () {
- this.server = createServer(fixtures, { 'fallthrough': false })
+ this.server = createServer(fixtures, { fallthrough: false })
})
it('should catch urlencoded ../', function (done) {
@@ -787,7 +812,7 @@ describe('serveStatic()', function () {
describe('when index file serving disabled', function () {
var server
before(function () {
- server = createServer(fixtures, { 'index': false }, function (req) {
+ server = createServer(fixtures, { index: false }, function (req) {
// mimic express/connect mount
req.originalUrl = req.url
req.url = '/' + req.url.split('/').slice(2).join('/')
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy