Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
it('honors expressSettings', () => {
const app = new Application();
const server = new TestRestServer(app, {
expressSettings: {
'x-powered-by': false,
env: 'production',
},
});
const expressApp = server.expressApp;
expect(expressApp.get('x-powered-by')).to.equal(false);
expect(expressApp.get('env')).to.equal('production');
// `extended` is the default setting by Express
expect(expressApp.get('query parser')).to.equal('extended');
expect(expressApp.get('not set')).to.equal(undefined);
});
it('honors "x-forwarded-host" headers', async () => {
const app = new Application();
app.component(RestComponent);
const server = await app.getServer(RestServer);
const response = await createClientForHandler(server.requestHandler)
.get('/explorer')
.set('x-forwarded-proto', 'http')
.set('x-forwarded-host', 'example.com:8080,my.example.com:9080');
await server.get(RestBindings.PORT);
const expectedUrl = new RegExp(
[
'http://explorer.loopback.io',
'\\?url=http://example.com:8080/openapi.json',
].join(''),
);
expect(response.get('Location')).match(expectedUrl);
});
async function givenAServer(
options: {rest: RestServerConfig} = {rest: {port: 0}},
) {
options.rest = givenHttpServerConfig(options.rest);
const app = new Application(options);
app.component(RestComponent);
return app.getServer(RestServer);
}
function givenRequestContext() {
app = new Application();
reqCtx = new Context(app);
reqCtx
.bind(SecurityBindings.USER)
.to({[securityId]: 'user-01', name: 'user-01'});
controller = new OrderController();
}
function givenApplication() {
return new Application();
}
});
function givenApplication() {
return new Application();
}
});
@inject(CoreBindings.APPLICATION_CONFIG)
config?: RestComponentConfig,
) {
super(application, config);
}
}
class CustomLogger implements Provider {
value() {
return (err: Error, statusCode: number, request: Request) => {
lastLog = `${request.url} ${statusCode} ${err.message}`;
};
}
}
const app = new Application();
app.component(CustomRestComponent);
const server = await app.getServer(RestServer);
const logError = await server.get(SequenceActions.LOG_ERROR);
const expressContext = stubExpressContext({url: '/'});
logError(new Error('test-error'), 400, expressContext.request);
expect(lastLog).to.equal('/ 400 test-error');
});
});
function givenApplicationAndAuthorizer() {
app = new Application();
app.component(AuthorizationComponent);
app.bind('casbin.enforcer').toDynamicValue(createEnforcer);
app
.bind('authorizationProviders.casbin-provider')
.toProvider(CasbinAuthorizationProvider)
.tag(AuthorizationTags.AUTHORIZER);
}