Update cors plugin tests
This commit is contained in:
parent
3b459b0e20
commit
c39dd78aec
|
@ -0,0 +1,10 @@
|
|||
FROM alpine
|
||||
|
||||
WORKDIR /opt/init
|
||||
|
||||
COPY entrypoint.sh .
|
||||
|
||||
RUN apk add --no-cache bash && \
|
||||
chmod +x entrypoint.sh
|
||||
|
||||
ENTRYPOINT [ "./entrypoint.sh" ]
|
|
@ -0,0 +1,9 @@
|
|||
version: "3.5"
|
||||
|
||||
services:
|
||||
init:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile.init
|
||||
volumes:
|
||||
- ./www:/www
|
|
@ -15,6 +15,7 @@ services:
|
|||
CORS_ALLOW_HEADERS: "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range"
|
||||
extra_hosts:
|
||||
- "www.example.com:192.168.0.2"
|
||||
- "app1.example.com:192.168.0.2"
|
||||
networks:
|
||||
bw-services:
|
||||
ipv4_address: 192.168.0.3
|
||||
|
|
|
@ -7,17 +7,20 @@ services:
|
|||
labels:
|
||||
- "bunkerweb.INSTANCE"
|
||||
volumes:
|
||||
- ./index.html:/var/www/html/index.html
|
||||
- ./www:/var/www/html
|
||||
environment:
|
||||
SERVER_NAME: "www.example.com app1.example.com"
|
||||
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
|
||||
MULTISITE: "yes"
|
||||
HTTP_PORT: "80"
|
||||
HTTPS_PORT: "443"
|
||||
USE_BUNKERNET: "no"
|
||||
USE_BLACKLIST: "no"
|
||||
REMOTE_PHP: "app1"
|
||||
REMOTE_PHP_PATH: "/app"
|
||||
LOG_LEVEL: "info"
|
||||
GENERATE_SELF_SIGNED_SSL: "no"
|
||||
ALLOWED_METHODS: "GET|POST|HEAD|OPTIONS"
|
||||
CUSTOM_CONF_SEVER_HTTP_main: "location /options { default_type 'text/plain'; content_by_lua_block { if ngx.var.request_method == \"OPTIONS\" then ngx.say(\"Hello, world!\") end } }"
|
||||
|
||||
# ? CORS settings
|
||||
USE_CORS: "no"
|
||||
|
@ -54,6 +57,14 @@ services:
|
|||
networks:
|
||||
- bw-docker
|
||||
|
||||
app1:
|
||||
image: php:fpm
|
||||
volumes:
|
||||
- ./www/app1.example.com:/app
|
||||
networks:
|
||||
bw-services:
|
||||
ipv4_address: 192.168.0.4
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
name: bw-universe
|
||||
|
|
|
@ -0,0 +1,10 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ $(id -u) -ne 0 ] ; then
|
||||
echo "❌ Run me as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
chown -R 33:101 /www
|
||||
find /www -type f -exec chmod 0655 {} \;
|
||||
find /www -type d -exec chmod 0755 {} \;
|
|
@ -64,7 +64,7 @@ try:
|
|||
f"http{'s' if ssl else ''}://www.example.com",
|
||||
headers={
|
||||
"Host": "www.example.com",
|
||||
"Origin": f"http{'s' if ssl else ''}://bwadm.example.com",
|
||||
"Origin": f"http{'s' if ssl else ''}://app1.example.com",
|
||||
},
|
||||
verify=False,
|
||||
)
|
||||
|
@ -121,7 +121,7 @@ try:
|
|||
f"http{'s' if ssl else ''}://www.example.com/options",
|
||||
headers={
|
||||
"Host": "www.example.com",
|
||||
"Origin": f"http{'s' if ssl else ''}://bwadm.example.com",
|
||||
"Origin": f"http{'s' if ssl else ''}://app1.example.com",
|
||||
},
|
||||
verify=False,
|
||||
)
|
||||
|
@ -186,7 +186,6 @@ try:
|
|||
|
||||
if any(
|
||||
[
|
||||
cors_allow_origin != "*",
|
||||
cors_expose_headers != "Content-Length,Content-Range",
|
||||
cors_max_age != "86400",
|
||||
cors_allow_credentials == "true",
|
||||
|
@ -207,6 +206,11 @@ try:
|
|||
driver.delete_all_cookies()
|
||||
driver.maximize_window()
|
||||
|
||||
print("ℹ️ Navigating to http://app1.example.com ...", flush=True)
|
||||
driver.get(f"http{'s' if ssl else ''}://app1.example.com")
|
||||
|
||||
sleep(1.5)
|
||||
|
||||
print(
|
||||
f"ℹ️ Sending a javascript request to http{'s' if ssl else ''}://www.example.com ...",
|
||||
flush=True,
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
echo "🛰️ Building cors stack ..."
|
||||
|
||||
# Starting stack
|
||||
docker compose pull bw-docker
|
||||
docker compose pull bw-docker app1
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "🛰️ Pull failed ❌"
|
||||
exit 1
|
||||
|
@ -47,17 +47,30 @@ cleanup_stack () {
|
|||
# Cleanup stack on exit
|
||||
trap cleanup_stack EXIT
|
||||
|
||||
for test in "deactivated" "activated" "tweaked_settings"
|
||||
echo "🛰️ Initializing workspace ..."
|
||||
docker compose -f docker-compose.init.yml up --build
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "🛰️ Build failed ❌"
|
||||
exit 1
|
||||
elif [[ $(stat -L -c "%a %g %u" www/app1.example.com/index.php) != "655 101 33" ]] ; then
|
||||
echo "🛰️ Init failed, permissions are not correct ❌"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
for test in "deactivated" "activated" "allow_origin" "tweaked_settings"
|
||||
do
|
||||
if [ "$test" = "deactivated" ] ; then
|
||||
echo "🛰️ Running tests without cors ..."
|
||||
elif [ "$test" = "activated" ] ; then
|
||||
echo "🛰️ Running tests with cors ..."
|
||||
find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_CORS: "no"@USE_CORS: "yes"@' {} \;
|
||||
elif [ "$test" = "allow_origin" ] ; then
|
||||
echo "🛰️ Running tests with a specific origin allowed only ..."
|
||||
find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_ALLOW_ORIGIN: "\*"@CORS_ALLOW_ORIGIN: "^http://app1\\\\.example\\\\.com$$"@' {} \;
|
||||
elif [ "$test" = "tweaked_settings" ] ; then
|
||||
echo "🛰️ Running tests with tweaked cors settings ..."
|
||||
find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "no"@GENERATE_SELF_SIGNED_SSL: "yes"@' {} \;
|
||||
find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_ALLOW_ORIGIN: "\*"@CORS_ALLOW_ORIGIN: "^https://bwadm\\\\.example\\\\.com$$"@' {} \;
|
||||
find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_ALLOW_ORIGIN: ".*"$@CORS_ALLOW_ORIGIN: "^https://app1\\\\.example\\\\.com$$"@' {} \;
|
||||
find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_EXPOSE_HEADERS: "Content-Length,Content-Range"@CORS_EXPOSE_HEADERS: "X-Test"@' {} \;
|
||||
find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_MAX_AGE: "86400"@CORS_MAX_AGE: "3600"@' {} \;
|
||||
find . -type f -name 'docker-compose.*' -exec sed -i 's@CORS_ALLOW_CREDENTIALS: "no"@CORS_ALLOW_CREDENTIALS: "yes"@' {} \;
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
<?php
|
||||
echo "Hello from app1 !";
|
||||
?>
|
Loading…
Reference in New Issue