Update cors plugin tests

tests/core/cors/Dockerfile.init

@@ -0,0 +1,10 @@
+FROM alpine
+
+WORKDIR /opt/init
+
+COPY entrypoint.sh .
+
+RUN apk add --no-cache bash && \
+  chmod +x entrypoint.sh
+
+ENTRYPOINT [ "./entrypoint.sh" ]

tests/core/cors/docker-compose.init.yml

@@ -0,0 +1,9 @@
+version: "3.5"
+
+services:
+  init:
+    build:
+      context: .
+      dockerfile: Dockerfile.init
+    volumes:
+      - ./www:/www

tests/core/cors/docker-compose.test.yml

@@ -15,6 +15,7 @@ services:
       CORS_ALLOW_HEADERS: "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range"
     extra_hosts:
       - "www.example.com:192.168.0.2"
+      - "app1.example.com:192.168.0.2"
     networks:
       bw-services:
         ipv4_address: 192.168.0.3

tests/core/cors/docker-compose.yml

@@ -7,17 +7,20 @@ services:
     labels:
       - "bunkerweb.INSTANCE"
     volumes:
-      - ./index.html:/var/www/html/index.html
+      - ./www:/var/www/html
     environment:
+      SERVER_NAME: "www.example.com app1.example.com"
       API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
+      MULTISITE: "yes"
       HTTP_PORT: "80"
       HTTPS_PORT: "443"
       USE_BUNKERNET: "no"
       USE_BLACKLIST: "no"
+      REMOTE_PHP: "app1"
+      REMOTE_PHP_PATH: "/app"
       LOG_LEVEL: "info"
       GENERATE_SELF_SIGNED_SSL: "no"
       ALLOWED_METHODS: "GET|POST|HEAD|OPTIONS"
-      CUSTOM_CONF_SEVER_HTTP_main: "location /options { default_type 'text/plain'; content_by_lua_block { if ngx.var.request_method == \"OPTIONS\" then ngx.say(\"Hello, world!\") end } }"
 
       # ? CORS settings
       USE_CORS: "no"
@@ -54,6 +57,14 @@ services:
     networks:
       - bw-docker
 
+  app1:
+    image: php:fpm
+    volumes:
+      - ./www/app1.example.com:/app
+    networks:
+      bw-services:
+        ipv4_address: 192.168.0.4
+
 networks:
   bw-universe:
     name: bw-universe

tests/core/cors/entrypoint.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+if [ $(id -u) -ne 0 ] ; then
+	echo "❌ Run me as root"
+	exit 1
+fi
+
+chown -R 33:101 /www
+find /www -type f -exec chmod 0655 {} \;
+find /www -type d -exec chmod 0755 {} \;

tests/core/cors/main.py

@@ -64,7 +64,7 @@ try:
         f"http{'s' if ssl else ''}://www.example.com",
         headers={
             "Host": "www.example.com",
-            "Origin": f"http{'s' if ssl else ''}://bwadm.example.com",
+            "Origin": f"http{'s' if ssl else ''}://app1.example.com",
         },
         verify=False,
     )
@@ -121,7 +121,7 @@ try:
         f"http{'s' if ssl else ''}://www.example.com/options",
         headers={
             "Host": "www.example.com",
-            "Origin": f"http{'s' if ssl else ''}://bwadm.example.com",
+            "Origin": f"http{'s' if ssl else ''}://app1.example.com",
         },
         verify=False,
     )
@@ -186,7 +186,6 @@ try:
 
     if any(
         [
-            cors_allow_origin != "*",
             cors_expose_headers != "Content-Length,Content-Range",
             cors_max_age != "86400",
             cors_allow_credentials == "true",
@@ -207,6 +206,11 @@ try:
         driver.delete_all_cookies()
         driver.maximize_window()
 
+        print("ℹ️ Navigating to http://app1.example.com ...", flush=True)
+        driver.get(f"http{'s' if ssl else ''}://app1.example.com")
+
+        sleep(1.5)
+
         print(
             f"ℹ️ Sending a javascript request to http{'s' if ssl else ''}://www.example.com ...",
             flush=True,

tests/core/cors/test.sh

@@ -3,7 +3,7 @@
 echo "🛰️ Building cors stack ..."
 
 # Starting stack
-docker compose pull bw-docker
+docker compose pull bw-docker app1
 if [ $? -ne 0 ] ; then
     echo "🛰️ Pull failed ❌"
     exit 1
@@ -47,17 +47,30 @@ cleanup_stack () {
 # Cleanup stack on exit
 trap cleanup_stack EXIT
 
-for test in "deactivated" "activated" "tweaked_settings"
+echo "🛰️ Initializing workspace ..."
+docker compose -f docker-compose.init.yml up --build
+if [ $? -ne 0 ] ; then
+    echo "🛰️ Build failed ❌"
+    exit 1
+elif [[ $(stat -L -c "%a %g %u" www/app1.example.com/index.php) != "655 101 33" ]] ; then
+    echo "🛰️ Init failed, permissions are not correct ❌"
+    exit 1
+fi
+
+for test in "deactivated" "activated" "allow_origin" "tweaked_settings"
 do
     if [ "$test" = "deactivated" ] ; then
         echo "🛰️ Running tests without cors ..."
     elif [ "$test" = "activated" ] ; then
         echo "🛰️ Running tests with cors ..."
         find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_CORS: "no"@USE_CORS: "yes"@' {} \;
+    elif [ "$test" = "allow_origin" ] ; then
+        echo "🛰️ Running tests with a specific origin allowed only ..."
+        find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_ALLOW_ORIGIN: "\*"@CORS_ALLOW_ORIGIN: "^http://app1\\\\.example\\\\.com$$"@' {} \;
     elif [ "$test" = "tweaked_settings" ] ; then
         echo "🛰️ Running tests with tweaked cors settings ..."
         find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "no"@GENERATE_SELF_SIGNED_SSL: "yes"@' {} \;
-        find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_ALLOW_ORIGIN: "\*"@CORS_ALLOW_ORIGIN: "^https://bwadm\\\\.example\\\\.com$$"@' {} \;
+        find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_ALLOW_ORIGIN: ".*"$@CORS_ALLOW_ORIGIN: "^https://app1\\\\.example\\\\.com$$"@' {} \;
         find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_EXPOSE_HEADERS: "Content-Length,Content-Range"@CORS_EXPOSE_HEADERS: "X-Test"@' {} \;
         find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_MAX_AGE: "86400"@CORS_MAX_AGE: "3600"@' {} \;
         find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_ALLOW_CREDENTIALS: "no"@CORS_ALLOW_CREDENTIALS: "yes"@' {} \;

tests/core/cors/www/app1.example.com/index.php

@@ -0,0 +1,3 @@
+<?php
+echo "Hello from app1 !";
+?>