Commit | Line | Data |
10f204e1 |
1 | use strict; |
2 | use warnings; |
3 | use Test::More tests=>15; |
4 | |
5 | use Catalyst; |
6 | use HTTP::Headers; |
7 | my $c = Catalyst->new( {} ); |
8 | $c->config(Debug => {param_filters => 'simple_str'}); |
9 | |
10 | isa_ok( $c, 'Catalyst' ); |
11 | my $params = $c->_apply_parameter_debug_filters( 'query', {} ); |
12 | is_deeply( $params, {}, 'empty param list' ); |
13 | my $filter_str = '[FILTERED]'; |
14 | |
15 | $params = $c->_apply_parameter_debug_filters( 'body', { simple_str => 1, other_str => 2 } ); |
16 | is( $params->{simple_str}, $filter_str, 'filtered simple_str' ); |
17 | is( $params->{other_str}, '2', "didn't filter other_str" ); |
18 | |
19 | $c->config( Debug => { param_filters => [qw(a b)] } ); |
20 | $params = $c->_apply_parameter_debug_filters( 'query', { a => 1, b => 2, c => 3 }, ); |
21 | |
22 | is_deeply( $params, { a => $filter_str, b => $filter_str, c => 3 }, 'list of simple param names' ); |
23 | |
24 | $c->config( Debug => { param_filters => qr/^foo/ } ); |
25 | $params = $c->_apply_parameter_debug_filters( 'query', { foo => 1, foobar => 2, c => 3 }, ); |
26 | is_deeply( $params, { foo => $filter_str, foobar => $filter_str, c => 3 }, 'single regex' ); |
27 | |
28 | $c->config(Debug => {param_filters => [qr/^foo/, qr/bar/, 'simple']}); |
29 | $params = $c->_apply_parameter_debug_filters( 'query', { foo => 1, foobar => 2, bar => 3, c => 3, simple => 4 }, ); |
30 | is_deeply( $params, { foo => $filter_str, foobar => $filter_str, bar => $filter_str, c => 3, simple => $filter_str }, 'array of regexes and a simple filter' ); |
31 | |
32 | $c->config( |
33 | Debug => { |
34 | param_filters => sub { return unless shift eq 'password'; return '*' x 8 } |
35 | } |
36 | ); |
37 | $params = $c->_apply_parameter_debug_filters( 'query', { password => 'secret', other => 'public' }, ); |
38 | is_deeply( $params, { other => 'public', password => '********' }, 'single CODE ref' ); |
39 | |
40 | $c->config( Debug => { param_filters => { body => qr// } } ); |
41 | $params = $c->_apply_parameter_debug_filters( 'query', { a=>1, b=>2 } ); |
42 | is_deeply( $params, { a=>1, b=>2 }, 'body filters do not modify query params' ); |
43 | $params = $c->_apply_parameter_debug_filters( 'body', { a=>1, b=>2 } ); |
44 | is_deeply( $params, { a => $filter_str, b => $filter_str }, 'all body params filtered' ); |
45 | |
46 | $c->config( Debug => { param_filters => undef } ); |
47 | $c->config( Debug => { param_filters => { all => [qw(foo bar)] } } ); |
48 | $params = $c->_apply_parameter_debug_filters( 'body', { foo=>1, bar=>2, baz=>3 } ); |
49 | is_deeply( $params, { foo => $filter_str, bar => $filter_str, baz => 3 }, 'using the "all" type filter on body params' ); |
50 | $params = $c->_apply_parameter_debug_filters( 'query', { foo=>1, bar=>2, baz=>3 } ); |
51 | is_deeply( $params, { foo => $filter_str, bar => $filter_str, baz => 3 }, 'using the "all" type filter on query params' ); |
52 | |
53 | my $headers = HTTP::Headers->new( |
54 | Content_type => 'text/html', |
55 | Set_Cookie => 'session_id=abc123; expires=Fri, 31-Dec-2010 23:59:59 GMT; path=/; domain=.example.org.', |
56 | Set_Cookie => 'something_else=xyz890; expires=Fri, 31-Dec-2010 23:59:59 GMT; path=/; domain=.example.org.', |
57 | ); |
58 | $c->config( |
59 | Debug => { |
60 | response_header_filters => sub { |
61 | my ( $n, $v ) = @_; |
62 | return unless $n eq 'Set-Cookie'; |
63 | $v =~ s/session_id=.*?;/session_id=SECRET/; |
64 | return $v; |
65 | }, |
66 | } |
67 | ); |
68 | my $filtered = $c->_apply_header_debug_filters(response => $headers); |
69 | is($filtered->header('Content-Type'), 'text/html', 'Content-Type header left alone'); |
70 | like($filtered->as_string, qr/session_id=SECRET/, 'Set-Cookie value filtered'); |
71 | like($filtered->as_string, qr/something_else=xyz890/, 'non-session_id cookie not filtered'); |