Skip to content

Commit

Permalink
add more tests and trim http scheme
Browse files Browse the repository at this point in the history
  • Loading branch information
dduzgun-security committed Jan 13, 2025
1 parent 168f391 commit d7564df
Show file tree
Hide file tree
Showing 4 changed files with 93 additions and 4 deletions.
4 changes: 3 additions & 1 deletion detect_gcs.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,9 @@ func (d *GCSDetector) Detect(src, _ string) (string, bool, error) {
}

if strings.HasSuffix(parsedURL.Host, ".googleapis.com") {
return d.detectHTTP(strings.ReplaceAll(src, "https://", ""))
src = strings.TrimPrefix(src, "https://")
src = strings.TrimPrefix(src, "http://")
return d.detectHTTP(src)
}

return "", false, nil
Expand Down
22 changes: 20 additions & 2 deletions detect_gcs_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,21 +60,39 @@ func TestGCSDetector_MalformedDetectHTTP(t *testing.T) {
"",
"gcs::https://www.googleapis.com/storage/v1/my-bucket/foo/bar",
},
{
"valid url with https scheme",
"https://www.googleapis.com/storage/v1/my-bucket/foo/bar",
"",
"gcs::https://www.googleapis.com/storage/v1/my-bucket/foo/bar",
},
{
"valid url with http scheme",
"http://www.googleapis.com/storage/v1/my-bucket/foo/bar",
"",
"gcs::https://www.googleapis.com/storage/v1/my-bucket/foo/bar",
},
{
"empty url",
"",
"",
"",
},
{
"not valid url length",
"not valid url",
"storage/v1/my-bucket/foo/bar",
"error parsing GCS URL",
"",
},
{
"not valid url domain",
"www.googleapis.com.invalid/storage/v1/",
"URL is not a valid GCS URL",
"",
},
{
"not valid url length",
"www.invalid.com/storage/v1",
"http://www.googleapis.com/storage",
"URL is not a valid GCS URL",
"",
},
Expand Down
4 changes: 3 additions & 1 deletion detect_s3.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,9 @@ func (d *S3Detector) Detect(src, _ string) (string, bool, error) {
}

if strings.HasSuffix(parsedURL.Host, ".amazonaws.com") {
return d.detectHTTP(strings.ReplaceAll(src, "https://", ""))
src = strings.TrimPrefix(src, "https://")
src = strings.TrimPrefix(src, "http://")
return d.detectHTTP(src)
}

return "", false, nil
Expand Down
67 changes: 67 additions & 0 deletions detect_s3_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -90,3 +90,70 @@ func TestS3Detector(t *testing.T) {
}
}
}

func TestS3Detector_MalformedDetectHTTP(t *testing.T) {
cases := []struct {
Name string
Input string
Expected string
Output string
}{
{
"valid url",
"s3.amazonaws.com/bucket/foo/bar",
"",
"s3::https://s3.amazonaws.com/bucket/foo/bar",
},
{
"valid url with https scheme",
"https://s3.amazonaws.com/bucket/foo/bar",
"",
"s3::https://s3.amazonaws.com/bucket/foo/bar",
},
{
"valid url with http scheme",
"http://s3.amazonaws.com/bucket/foo/bar",
"",
"s3::https://s3.amazonaws.com/bucket/foo/bar",
},
{
"empty url",
"",
"",
"",
},
{
"not valid url",
"bucket/foo/bar",
"error parsing S3 URL",
"",
},
{
"not valid url domain",
"s3.amazonaws.com.invalid/bucket/foo/bar",
"error parsing S3 URL",
"",
},
{
"not valid url lenght",
"http://s3.amazonaws.com",
"URL is not a valid S3 URL",
"",
},
}

pwd := "/pwd"
f := new(S3Detector)
for _, tc := range cases {
output, _, err := f.Detect(tc.Input, pwd)
if err != nil {
if err.Error() != tc.Expected {
t.Fatalf("expected error %s, got %s for %s", tc.Expected, err.Error(), tc.Name)
}
}

if output != tc.Output {
t.Fatalf("expected %s, got %s for %s", tc.Output, output, tc.Name)
}
}
}

0 comments on commit d7564df

Please sign in to comment.