diff --git a/relay-filter/src/csp.rs b/relay-filter/src/csp.rs index 57b2712db3..c7cbe49b1f 100644 --- a/relay-filter/src/csp.rs +++ b/relay-filter/src/csp.rs @@ -232,6 +232,12 @@ mod tests { ("abc.com/something]:", None, Some("abc.com"), None), ("abc.co]m/[something:", None, Some("abc.co]m"), None), ("]abc.com:9000", None, Some("]abc.com"), Some("9000")), + ( + "https://api.example.com/foo/00000000-0000-0000-0000-000000000000?includes[]=user&includes[]=image&includes[]=author&includes[]=tag", + Some("https"), + Some("api.example.com"), + None, + ) ]; for (url, scheme, domain, port) in examples { @@ -265,6 +271,40 @@ mod tests { Some("[1fff:0:a88:85a3::ac1f]"), Some("8001"), ), + // invalid IPv6 for localhost since it's not inside brackets + ("::1", None, Some(":"), Some("1")), + ("[::1]", None, Some("[::1]"), None), + ( + "http://[fe80::862a:fdff:fe78:a2bf%13]", + Some("http"), + Some("[fe80::862a:fdff:fe78:a2bf%13]"), + None, + ), + // invalid addresses. although these results don't represent correct results, + // they are here to make sure the application won't crash. + ("192.168.1.1.1", None, Some("192.168.1.1.1"), None), + ("192.168.1.300", None, Some("192.168.1.300"), None), + ( + "[2001:0db8:85a3:::8a2e:0370:7334]", + None, + Some("[2001:0db8:85a3:::8a2e:0370:7334]"), + None, + ), + ("[fe80::1::]", None, Some("[fe80::1::]"), None), + ("fe80::1::", None, Some("fe80::1:"), Some("")), + ( + "[2001:0db8:85a3:xyz::8a2e:0370:7334]", + None, + Some("[2001:0db8:85a3:xyz::8a2e:0370:7334]"), + None, + ), + ( + "2001:0db8:85a3:xyz::8a2e:0370:7334", + None, + Some("2001:0db8:85a3:xyz::8a2e:0370"), + Some("7334"), + ), + ("192.168.0.1/24", None, Some("192.168.0.1"), None), ]; for (url, scheme, domain, port) in examples {