From 0eabdc6aca44f2da41ed553b2dac94d198269834 Mon Sep 17 00:00:00 2001 From: "Kamat, Trivikram" <16024985+trivikr@users.noreply.github.com> Date: Tue, 9 Jul 2024 21:56:07 +0000 Subject: [PATCH 1/3] test(client-s3): dot segment in URI Label --- .../test/unit/dotSegmentInUriLabel.spec.ts | 72 +++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts diff --git a/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts b/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts new file mode 100644 index 000000000000..3456c2674ab7 --- /dev/null +++ b/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts @@ -0,0 +1,72 @@ +/// +import { HttpHandler, HttpRequest, HttpResponse } from "@smithy/protocol-http"; +import { HttpHandlerOptions } from "@smithy/types"; +import { S3 } from "../../src/S3"; +import chai from "chai"; +import chaiAsPromised from "chai-as-promised"; + +chai.use(chaiAsPromised); +const { expect } = chai; + +/** + * Throws an expected exception that contains the serialized request. + */ +class EXPECTED_REQUEST_SERIALIZATION_ERROR extends Error { + constructor(readonly request: HttpRequest) { + super(); + } +} + +class RequestSerializationTestHandler implements HttpHandler { + async handle(request: HttpRequest, options?: HttpHandlerOptions): Promise<{ response: HttpResponse }> { + throw new EXPECTED_REQUEST_SERIALIZATION_ERROR(request); + } + updateHttpClientConfig(key: never, value: never): void {} + httpHandlerConfigs() { + return {}; + } +} + +describe("Dot Segment in URI Label", () => { + it("S3PreservesLeadingDotSegmentInUriLabel", async () => { + const client = new S3({ + requestHandler: new RequestSerializationTestHandler(), + }); + + try { + await client.getObject({ + Bucket: "mybucket", + Key: "../key.txt", + }); + fail("Expected an EXPECTED_REQUEST_SERIALIZATION_ERROR to be thrown"); + } catch (err) { + if (!(err instanceof EXPECTED_REQUEST_SERIALIZATION_ERROR)) { + fail(err); + } + const r = err.request; + expect(r.method).to.eql("GET"); + expect(r.path).to.eql("/../key.txt"); + } + }); + + it("S3PreservesEmbeddedDotSegmentInUriLabel", async () => { + const client = new S3({ + requestHandler: new RequestSerializationTestHandler(), + }); + + try { + await client.getObject({ + Bucket: "mybucket", + Key: "foo/../key.txt", + }); + fail("Expected an EXPECTED_REQUEST_SERIALIZATION_ERROR to be thrown"); + } catch (err) { + if (!(err instanceof EXPECTED_REQUEST_SERIALIZATION_ERROR)) { + fail(err); + } + const r = err.request; + expect(r.method).to.eql("GET"); + expect(r.path).to.eql("/foo/../key.txt"); + } + }); +}); From 14ca1ec4897cfbf7886e711aacf78f72610eac67 Mon Sep 17 00:00:00 2001 From: "Kamat, Trivikram" <16024985+trivikr@users.noreply.github.com> Date: Wed, 10 Jul 2024 16:44:56 +0000 Subject: [PATCH 2/3] chore: rename EXPECTED_REQUEST_SERIALIZATION_ERROR to ExpectedRequestSerializationError --- clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts b/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts index 3456c2674ab7..bd1d1597ed6b 100644 --- a/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts +++ b/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts @@ -11,7 +11,7 @@ const { expect } = chai; /** * Throws an expected exception that contains the serialized request. */ -class EXPECTED_REQUEST_SERIALIZATION_ERROR extends Error { +class ExpectedRequestSerializationError extends Error { constructor(readonly request: HttpRequest) { super(); } @@ -19,7 +19,7 @@ class EXPECTED_REQUEST_SERIALIZATION_ERROR extends Error { class RequestSerializationTestHandler implements HttpHandler { async handle(request: HttpRequest, options?: HttpHandlerOptions): Promise<{ response: HttpResponse }> { - throw new EXPECTED_REQUEST_SERIALIZATION_ERROR(request); + throw new ExpectedRequestSerializationError(request); } updateHttpClientConfig(key: never, value: never): void {} httpHandlerConfigs() { @@ -40,7 +40,7 @@ describe("Dot Segment in URI Label", () => { }); fail("Expected an EXPECTED_REQUEST_SERIALIZATION_ERROR to be thrown"); } catch (err) { - if (!(err instanceof EXPECTED_REQUEST_SERIALIZATION_ERROR)) { + if (!(err instanceof ExpectedRequestSerializationError)) { fail(err); } const r = err.request; @@ -61,7 +61,7 @@ describe("Dot Segment in URI Label", () => { }); fail("Expected an EXPECTED_REQUEST_SERIALIZATION_ERROR to be thrown"); } catch (err) { - if (!(err instanceof EXPECTED_REQUEST_SERIALIZATION_ERROR)) { + if (!(err instanceof ExpectedRequestSerializationError)) { fail(err); } const r = err.request; From feb6a80235f56c426790844fce218e99f605757d Mon Sep 17 00:00:00 2001 From: "Kamat, Trivikram" <16024985+trivikr@users.noreply.github.com> Date: Wed, 10 Jul 2024 16:54:37 +0000 Subject: [PATCH 3/3] test: added mock credentials to avoid credential chain execution --- .../test/unit/dotSegmentInUriLabel.spec.ts | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts b/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts index bd1d1597ed6b..e34075bc35ba 100644 --- a/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts +++ b/clients/client-s3/test/unit/dotSegmentInUriLabel.spec.ts @@ -28,11 +28,12 @@ class RequestSerializationTestHandler implements HttpHandler { } describe("Dot Segment in URI Label", () => { - it("S3PreservesLeadingDotSegmentInUriLabel", async () => { - const client = new S3({ - requestHandler: new RequestSerializationTestHandler(), - }); + const client = new S3({ + credentials: { accessKeyId: "mockAccessKeyId", secretAccessKey: "mockSecretAccessKey" }, + requestHandler: new RequestSerializationTestHandler(), + }); + it("S3PreservesLeadingDotSegmentInUriLabel", async () => { try { await client.getObject({ Bucket: "mybucket", @@ -50,10 +51,6 @@ describe("Dot Segment in URI Label", () => { }); it("S3PreservesEmbeddedDotSegmentInUriLabel", async () => { - const client = new S3({ - requestHandler: new RequestSerializationTestHandler(), - }); - try { await client.getObject({ Bucket: "mybucket",