github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-31 06:58:31 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: 413 for GET, HEAD or DELETE requests with payload.

Browse Source
This commit is contained in:
Guo Xiang Tan
2020-08-03 14:11:17 +08:00
parent 32af607b70
commit 105d560177
2 changed files with 18 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
spec/components/middleware/anonymous_cache_spec.rb
View File

@ -195,6 +195,16 @@ describe Middleware::AnonymousCache do
end
end
context 'invalid request payload' do
it 'returns 413 for GET request with payload' do
status, _, _ = middleware.call(env.tap do |environment|
environment[Rack::RACK_INPUT].write("test")
end)
expect(status).to eq(413)
end
end
context "crawler blocking" do
let :non_crawler do
{