larvit/plainpages
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Consolidate related unit tests (todo §0): 59 → 42 cases, assertions preserved

Browse Source
This commit is contained in:
Lilleman auf Larv
2026-06-15 10:47:47 +02:00
parent 1fb6f23805
commit 2d43430405
6 changed files with 51 additions and 95 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/app.test.ts
View File

@@ -28,10 +28,15 @@ test("serves the home page as HTML", async () => {
assert.match(await res.text(), /Plainpages/);
});
test("serves static CSS", async () => {
const res = await fetch(base + "/public/css/style.css");
assert.equal(res.status, 200);
assert.match(res.headers.get("content-type") ?? "", /text\/css/);
test("serves a static file: GET sends body + content-type, HEAD sends headers only", async () => {
const get = await fetch(base + "/public/css/style.css");
assert.equal(get.status, 200);
assert.match(get.headers.get("content-type") ?? "", /text\/css/);
const head = await fetch(base + "/public/css/style.css", { method: "HEAD" });
assert.equal(head.status, 200);
assert.ok(Number(head.headers.get("content-length")) > 0);
assert.equal((await head.text()).length, 0);
});
// Production caches compiled templates; rendering must stay correct across repeated requests.
@@ -81,21 +86,9 @@ test("renders the 403 error page as HTML", async () => {
assert.match(html, /style\.css/);
});
test("blocks encoded path traversal out of /public/ with 403", async () => {
const res = await fetch(base + "/public/..%2f..%2fapp.ts");
assert.equal(res.status, 403);
});
test("rejects a control char (NUL) in a static path with 403", async () => {
const res = await fetch(base + "/public/%00");
assert.equal(res.status, 403);
});
test("HEAD on a static file sends headers but no body", async () => {
const res = await fetch(base + "/public/css/style.css", { method: "HEAD" });
assert.equal(res.status, 200);
assert.ok(Number(res.headers.get("content-length")) > 0);
assert.equal((await res.text()).length, 0);
test("rejects unsafe static request paths (encoded traversal, NUL) with 403", async () => {
assert.equal((await fetch(base + "/public/..%2f..%2fapp.ts")).status, 403);
assert.equal((await fetch(base + "/public/%00")).status, 403);
});
test("resolveStaticPath blocks traversal and control chars, allows nested files", () => {