tests: update tests for Node.js security behavior change

expressjs · Feb 11, 2016 · d4a7bcc · d4a7bcc
1 parent ed25264
commit d4a7bcc
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 41 deletions.
diff --git a/test/json.js b/test/json.js
@@ -67,14 +67,17 @@ describe('bodyParser.json()', function(){
   })
 
   it('should 400 when invalid content-length', function(done){
-    var server = createServer({ limit: '1kb' })
-
-    var test = request(server).post('/')
-    test.set('Content-Type', 'application/json')
-    test.set('Content-Length', '20')
-    test.set('Transfer-Encoding', 'chunked')
-    test.write('{"str":')
-    test.expect(400, /content length/, done)
+    var jsonParser = bodyParser.json()
+    var server = createServer(function (req, res, next) {
+      req.headers['content-length'] = '20' // bad length
+      jsonParser(req, res, next)
+    })
+
+    request(server)
+    .post('/')
+    .set('Content-Type', 'application/json')
+    .send('{"str":')
+    .expect(400, /content length/, done)
   })
 
   it('should handle duplicated middleware', function (done) {
@@ -473,16 +476,6 @@ describe('bodyParser.json()', function(){
       test.expect(200, '{"name":"论"}', done)
     })
 
-    it('should check content-length correctly', function(done){
-      var test = request(server).post('/')
-      test.set('Content-Encoding', 'gzip')
-      test.set('Content-Length', '49')
-      test.set('Content-Type', 'application/json')
-      test.set('Transfer-Encoding', 'chunked')
-      test.write(new Buffer('1f8b080000000000000bab56ca4bcc4d55b2527ab16e97522d00515be1cc0e000000', 'hex'))
-      test.expect(200, '{"name":"论"}', done)
-    })
-
     it('should 415 on unknown encoding', function(done){
       var test = request(server).post('/')
       test.set('Content-Encoding', 'nulls')

diff --git a/test/raw.js b/test/raw.js
@@ -20,14 +20,17 @@ describe('bodyParser.raw()', function(){
   })
 
   it('should 400 when invalid content-length', function(done){
-    var server = createServer({ limit: '1kb' })
-
-    var test = request(server).post('/')
-    test.set('Content-Type', 'application/octet-stream')
-    test.set('Content-Length', '20')
-    test.set('Transfer-Encoding', 'chunked')
-    test.write('stuff')
-    test.expect(400, /content length/, done)
+    var rawParser = bodyParser.raw()
+    var server = createServer(function (req, res, next) {
+      req.headers['content-length'] = '20' // bad length
+      rawParser(req, res, next)
+    })
+
+    request(server)
+    .post('/')
+    .set('Content-Type', 'application/octet-stream')
+    .send('stuff')
+    .expect(400, /content length/, done)
   })
 
   it('should handle Content-Length: 0', function(done){

diff --git a/test/text.js b/test/text.js
@@ -20,14 +20,17 @@ describe('bodyParser.text()', function(){
   })
 
   it('should 400 when invalid content-length', function(done){
-    var server = createServer({ limit: '1kb' })
+    var textParser = bodyParser.text()
+    var server = createServer(function (req, res, next) {
+      req.headers['content-length'] = '20' // bad length
+      textParser(req, res, next)
+    })
 
-    var test = request(server).post('/')
-    test.set('Content-Type', 'text/plain')
-    test.set('Content-Length', '20')
-    test.set('Transfer-Encoding', 'chunked')
-    test.write('user')
-    test.expect(400, /content length/, done)
+    request(server)
+    .post('/')
+    .set('Content-Type', 'text/plain')
+    .send('user')
+    .expect(400, /content length/, done)
   })
 
   it('should handle Content-Length: 0', function(done){

diff --git a/test/urlencoded.js b/test/urlencoded.js
@@ -20,14 +20,17 @@ describe('bodyParser.urlencoded()', function(){
   })
 
   it('should 400 when invalid content-length', function(done){
-    var server = createServer({ limit: '1kb' })
+    var urlencodedParser = bodyParser.urlencoded()
+    var server = createServer(function (req, res, next) {
+      req.headers['content-length'] = '20' // bad length
+      urlencodedParser(req, res, next)
+    })
 
-    var test = request(server).post('/')
-    test.set('Content-Type', 'application/x-www-form-urlencoded')
-    test.set('Content-Length', '20')
-    test.set('Transfer-Encoding', 'chunked')
-    test.write('str=')
-    test.expect(400, /content length/, done)
+    request(server)
+    .post('/')
+    .set('Content-Type', 'application/x-www-form-urlencoded')
+    .send('str=')
+    .expect(400, /content length/, done)
   })
 
   it('should handle Content-Length: 0', function(done){
@@ -651,7 +654,9 @@ function createManyParams(count) {
 }
 
 function createServer(opts){
-  var _bodyParser = bodyParser.urlencoded(opts)
+  var _bodyParser = typeof opts !== 'function'
+    ? bodyParser.urlencoded(opts)
+    : opts
 
   return http.createServer(function(req, res){
     _bodyParser(req, res, function(err){