hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

ActivityPubController: Use valid signatures in Host header test

Browse source
This commit is contained in:
Phantasm 2026-05-13 12:10:10 +02:00
commit 4810d2536e
No known key found for this signature in database
GPG key ID: 2669E588BCC634C8
1 changed files with 8 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

15
test/pleroma/web/activity_pub/activity_pub_controller_test.exs
View file

@ -974,16 +974,17 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubControllerTest do
}
}
expect_signature_retry_from(alice)
conn = %{conn | req_headers: [{"host", "invalid.example.com"}]}
# Plug will complain when replacing raw host header with put_req_header.
# The Plug way is updating conn.host, but that isn't the raw header
# and that isn't used in the EnsureHostMatchesPlug, because it doesn't include the port.
conn =
conn
|> assign(:valid_signature, false)
|> assign_valid_signature_for_actor(alice)
|> delete_req_header("host")
|> put_req_header("content-type", "application/activity+json")
|> put_req_header("signature", "keyId=\"https://one.com/users/alice#main-key\"")
|> post("/inbox", data)
conn = %{conn | req_headers: conn.req_headers ++ [{"host", "invalid.example.com"}]}
conn = post(conn, "/inbox", data)
assert "Host header does not match this instance" == conn.resp_body
assert 400 == conn.status