Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: prevent outbound network requests #113

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
41 changes: 35 additions & 6 deletions .aegir.js
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
import http from 'node:http'
import fs from 'node:fs'

export default {
tsRepo: false,
dependencyCheck: {
Expand All @@ -20,14 +23,40 @@ export default {
}
},
test: {
before: (...args) => {
if (args[0].runner === 'node') {
return {
env: {
NODE_OPTIONS: '--loader=esmock'
}
before: async (...args) => {
// set up a server to serve the fixtures
const server = http.createServer((req, res) => {
const cidString = req.url.replace('/ipfs/', '').split('?')[0]
const mockBlock = fs.readFileSync(`./test/fixtures/${cidString}.raw.bin`, null)

res.writeHead(200, {
'access-control-allow-origin': '*', // allow CORS requests
'Content-Type': 'application/vnd.ipld.raw',
'Content-Length': mockBlock.length
})
res.end(mockBlock)
})
let gwUrl = process.env.IPFS_GATEWAY
if (!gwUrl) {
// no gateway specified, start the server
await new Promise((resolve, _reject) => {
server.listen(0, () => {
gwUrl = `http://localhost:${server.address().port}`
console.log(`server listening at ${gwUrl}`)
resolve()
})
SgtPooki marked this conversation as resolved.
Show resolved Hide resolved
})
}

return {
server,
env: {
IPFS_GATEWAY: gwUrl,
}
}
},
after: (_, before) => {
before.server.close()
}
}
}
8 changes: 7 additions & 1 deletion .eslintrc
Original file line number Diff line number Diff line change
Expand Up @@ -7,5 +7,11 @@
"parserOptions": {
"sourceType": "module",
"allowImportExportEverywhere": true
}
},
"ignorePatterns": [
"**/bin/load-fixtures.sh",
"**/dist/**",
"**/node_modules/**",
"**/test/fixtures/**"
],
}
9 changes: 9 additions & 0 deletions DEVELOPER-NOTES.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# Load fixtures

We need to load a fixture with the following command:

```bash
./bin/load-fixtures.sh bafyreif3tfdpr5n4jdrbielmcapwvbpcthepfkwq2vwonmlhirbjmotedi
```

then, we can do `npm run test:node -- -g 'lookup via HTTP Gateway'` to run a test that will tell us of any subsequent fixtures we need to load, and replace the CID in the above command with the CID that the test hangs on, and repeat.
8 changes: 8 additions & 0 deletions bin/load-fixtures.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#!/usr/bin/env bash

function main() {
local CID="$1"
curl -H "Accept: application/vnd.ipld.raw" "https://ipfs.io/ipfs/$CID?format=raw" > test/fixtures/$CID.raw.bin
}

main "$@"
37 changes: 8 additions & 29 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@
"chai-as-promised": "^7.1.1",
"cross-fetch": "^3.1.5",
"csv-parse": "^5.3.0",
"esmock": "^2.0.6",
"esmock": "^2.6.0",
"gauge": "^4.0.4",
"ip": "^2.0.0",
"it-concat": "^2.0.0",
Expand Down
3 changes: 2 additions & 1 deletion test/.eslintrc
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
{
"rules": {
"no-undef": 0
}
},
"ignorePatterns": ["**/fixtures/**"],
}
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
56 changes: 43 additions & 13 deletions test/lookupMultiple.node.spec.js
Original file line number Diff line number Diff line change
@@ -1,30 +1,60 @@
import { decode as dagCborDecode } from '@ipld/dag-cbor'
import esmock from 'esmock'
import { expect } from 'chai'
import { MAX_LOOKUP_RETRIES } from '../src/constants.js'
import fetch from 'cross-fetch'
import esmock from 'esmock'

describe('[Runner Node]: lookup via HTTP Gateway supporting application/vnd.ipld.raw responses', function () {
const ipfsGW = process?.env?.IPFS_GATEWAY || 'https://ipfs.io'

let rewiredGeoIp
let failedCalls = 0

beforeEach(async () => {
failedCalls = 0
})
afterEach(() => {
rewiredGeoIp = null
})

it('looks up multiple times before failing', async () => {
let decodeCallCount = 0
const rewiredGeoIp = await esmock('../src/index.js', {}, {
'@ipld/dag-cbor': {
decode: (...args) => {
decodeCallCount += 1
if (decodeCallCount === 1) {
throw new Error('Decode Failed')
rewiredGeoIp = await esmock('../src/index.js', {}, {
'cross-fetch': {
default: (gwUrl, options) => {
failedCalls++
throw new Error('mock failure')
}
}
})

try {
await rewiredGeoIp.lookup(ipfsGW, '66.6.44.45') // use a different IP to avoid the cache
// should not reach here
expect.fail('should have thrown')
} catch (err) {
expect(err).to.have.property('message').to.contain('unable to fetch raw block for CID')
} finally {
expect(failedCalls).to.equal(MAX_LOOKUP_RETRIES)
}
})

it('returns successfully if MAX_LOOKUP_RETRIES is not reached', async () => {
rewiredGeoIp = await esmock('../src/index.js', {}, {
'cross-fetch': {
default: (gwUrl, options) => {
if (failedCalls < MAX_LOOKUP_RETRIES - 1) {
failedCalls++
throw new Error('mock failure')
}
return dagCborDecode(...args)
return fetch(gwUrl, options)
}
}
})

const result = await rewiredGeoIp.lookup(ipfsGW, '66.6.44.4')
expect(decodeCallCount).to.be.greaterThan(1)
const result = await rewiredGeoIp.lookup(ipfsGW, '66.6.44.44') // use a different IP to avoid the cache
expect(failedCalls).to.be.greaterThan(1)
expect(
result
).to.be.eql({
formatted: 'Ashburn, VA, USA, Earth',
country_name: 'USA',
country_code: 'US',
region_code: 'VA',
Expand Down