tests: add a test to verify the general fake direction protection works in all cases

This commit is contained in:
William Pitcock 2018-11-17 20:31:20 +00:00
parent dc1d8e13b4
commit 55640c4804
3 changed files with 28 additions and 0 deletions

View file

@ -0,0 +1,13 @@
{
"@context": "https://www.w3.org/ns/activitystreams",
"attributedTo": "http://mastodon.example.org/users/admin",
"attachment": [],
"content": "<p>this post was not actually written by Haelwenn</p>",
"id": "http://mastodon.example.org/users/admin/activities/1234",
"published": "2018-09-01T22:15:00Z",
"tag": [],
"to": [
"https://www.w3.org/ns/activitystreams#Public"
],
"type": "Note"
}

View file

@ -56,6 +56,14 @@ def get("https://info.pleroma.site/activity3.json", _, _) do
}}
end
def get("https://info.pleroma.site/activity4.json", _, _) do
{:ok,
%Response{
status_code: 200,
body: File.read!("test/fixtures/httpoison_mock/https__info.pleroma.site_activity4.json")
}}
end
def get("https://info.pleroma.site/actor.json", _, _) do
{:ok,
%Response{

View file

@ -967,5 +967,12 @@ test "users cannot be collided through fake direction spoofing attempts" do
{:error, _} = User.get_or_fetch_by_ap_id("https://n1u.moe/users/rye")
end
test "all objects with fake directions are rejected by the object fetcher" do
{:error, _} =
ActivityPub.fetch_and_contain_remote_object_from_id(
"https://info.pleroma.site/activity4.json"
)
end
end
end