test/req.hostname.js

   1
   2 var express = require('../')
   3   , request = require('supertest')
   4
   5 describe('req', function(){
   6   describe('.hostname', function(){
   7     it('should return the Host when present', function(done){
   8       var app = express();
   9
  10       app.use(function(req, res){
  11         res.end(req.hostname);
  12       });
  13
  14       request(app)
  15       .post('/')
  16       .set('Host', 'example.com')
  17       .expect('example.com', done);
  18     })
  19
  20     it('should strip port number', function(done){
  21       var app = express();
  22
  23       app.use(function(req, res){
  24         res.end(req.hostname);
  25       });
  26
  27       request(app)
  28       .post('/')
  29       .set('Host', 'example.com:3000')
  30       .expect('example.com', done);
  31     })
  32
  33     it('should return undefined otherwise', function(done){
  34       var app = express();
  35
  36       app.use(function(req, res){
  37         req.headers.host = null;
  38         res.end(String(req.hostname));
  39       });
  40
  41       request(app)
  42       .post('/')
  43       .expect('undefined', done);
  44     })
  45
  46     it('should work with IPv6 Host', function(done){
  47       var app = express();
  48
  49       app.use(function(req, res){
  50         res.end(req.hostname);
  51       });
  52
  53       request(app)
  54       .post('/')
  55       .set('Host', '[::1]')
  56       .expect('[::1]', done);
  57     })
  58
  59     it('should work with IPv6 Host and port', function(done){
  60       var app = express();
  61
  62       app.use(function(req, res){
  63         res.end(req.hostname);
  64       });
  65
  66       request(app)
  67       .post('/')
  68       .set('Host', '[::1]:3000')
  69       .expect('[::1]', done);
  70     })
  71
  72     describe('when "trust proxy" is enabled', function(){
  73       it('should respect X-Forwarded-Host', function(done){
  74         var app = express();
  75
  76         app.enable('trust proxy');
  77
  78         app.use(function(req, res){
  79           res.end(req.hostname);
  80         });
  81
  82         request(app)
  83         .get('/')
  84         .set('Host', 'localhost')
  85         .set('X-Forwarded-Host', 'example.com:3000')
  86         .expect('example.com', done);
  87       })
  88
  89       it('should ignore X-Forwarded-Host if socket addr not trusted', function(done){
  90         var app = express();
  91
  92         app.set('trust proxy', '10.0.0.1');
  93
  94         app.use(function(req, res){
  95           res.end(req.hostname);
  96         });
  97
  98         request(app)
  99         .get('/')
 100         .set('Host', 'localhost')
 101         .set('X-Forwarded-Host', 'example.com')
 102         .expect('localhost', done);
 103       })
 104
 105       it('should default to Host', function(done){
 106         var app = express();
 107
 108         app.enable('trust proxy');
 109
 110         app.use(function(req, res){
 111           res.end(req.hostname);
 112         });
 113
 114         request(app)
 115         .get('/')
 116         .set('Host', 'example.com')
 117         .expect('example.com', done);
 118       })
 119     })
 120
 121     describe('when "trust proxy" is disabled', function(){
 122       it('should ignore X-Forwarded-Host', function(done){
 123         var app = express();
 124
 125         app.use(function(req, res){
 126           res.end(req.hostname);
 127         });
 128
 129         request(app)
 130         .get('/')
 131         .set('Host', 'localhost')
 132         .set('X-Forwarded-Host', 'evil')
 133         .expect('localhost', done);
 134       })
 135     })
 136   })
 137 })