Fix javacript runs

This commit is contained in:
Adria Navarro 2024-02-09 10:33:09 +01:00
parent 2cde033783
commit 7aee57eb6a
1 changed files with 148 additions and 127 deletions

View File

@ -1,149 +1,170 @@
const { processStringSync, encodeJSBinding } = require("../src/index.js") const vm = require("vm")
const {
processStringSync,
encodeJSBinding,
setJSRunner,
} = require("../src/index.js")
const { UUID_REGEX } = require("./constants") const { UUID_REGEX } = require("./constants")
const processJS = (js, context) => { const processJS = (js, context) => {
return processStringSync(encodeJSBinding(js), context) return processStringSync(encodeJSBinding(js), context)
} }
describe("Test the JavaScript helper", () => { describe("Javascript", () => {
it("should execute a simple expression", () => { beforeAll(() => {
const output = processJS(`return 1 + 2`) setJSRunner((js, context) => {
expect(output).toBe(3) context = {
}) ...context,
alert: undefined,
it("should be able to use primitive bindings", () => { setInterval: undefined,
const output = processJS(`return $("foo")`, { setTimeout: undefined,
foo: "bar", }
vm.createContext(context)
return vm.runInNewContext(js, context, { timeout: 1000 })
}) })
expect(output).toBe("bar")
}) })
it("should be able to use an object binding", () => { describe("Test the JavaScript helper", () => {
const output = processJS(`return $("foo").bar`, { it("should execute a simple expression", () => {
foo: { const output = processJS(`return 1 + 2`)
bar: "baz", expect(output).toBe(3)
},
}) })
expect(output).toBe("baz")
})
it("should be able to use a complex object binding", () => { it("should be able to use primitive bindings", () => {
const output = processJS(`return $("foo").bar[0].baz`, { const output = processJS(`return $("foo")`, {
foo: { foo: "bar",
bar: [ })
{ expect(output).toBe("bar")
baz: "shazbat",
},
],
},
}) })
expect(output).toBe("shazbat")
})
it("should be able to use a deep binding", () => { it("should be able to use an object binding", () => {
const output = processJS(`return $("foo.bar.baz")`, { const output = processJS(`return $("foo").bar`, {
foo: { foo: {
bar: {
baz: "shazbat",
},
},
})
expect(output).toBe("shazbat")
})
it("should be able to return an object", () => {
const output = processJS(`return $("foo")`, {
foo: {
bar: {
baz: "shazbat",
},
},
})
expect(output.bar.baz).toBe("shazbat")
})
it("should be able to return an array", () => {
const output = processJS(`return $("foo")`, {
foo: ["a", "b", "c"],
})
expect(output[2]).toBe("c")
})
it("should be able to return null", () => {
const output = processJS(`return $("foo")`, {
foo: null,
})
expect(output).toBe(null)
})
it("should be able to return undefined", () => {
const output = processJS(`return $("foo")`, {
foo: undefined,
})
expect(output).toBe(undefined)
})
it("should be able to return 0", () => {
const output = processJS(`return $("foo")`, {
foo: 0,
})
expect(output).toBe(0)
})
it("should be able to return an empty string", () => {
const output = processJS(`return $("foo")`, {
foo: "",
})
expect(output).toBe("")
})
it("should be able to use a deep array binding", () => {
const output = processJS(`return $("foo.0.bar")`, {
foo: [
{
bar: "baz", bar: "baz",
}, },
], })
expect(output).toBe("baz")
})
it("should be able to use a complex object binding", () => {
const output = processJS(`return $("foo").bar[0].baz`, {
foo: {
bar: [
{
baz: "shazbat",
},
],
},
})
expect(output).toBe("shazbat")
})
it("should be able to use a deep binding", () => {
const output = processJS(`return $("foo.bar.baz")`, {
foo: {
bar: {
baz: "shazbat",
},
},
})
expect(output).toBe("shazbat")
})
it("should be able to return an object", () => {
const output = processJS(`return $("foo")`, {
foo: {
bar: {
baz: "shazbat",
},
},
})
expect(output.bar.baz).toBe("shazbat")
})
it("should be able to return an array", () => {
const output = processJS(`return $("foo")`, {
foo: ["a", "b", "c"],
})
expect(output[2]).toBe("c")
})
it("should be able to return null", () => {
const output = processJS(`return $("foo")`, {
foo: null,
})
expect(output).toBe(null)
})
it("should be able to return undefined", () => {
const output = processJS(`return $("foo")`, {
foo: undefined,
})
expect(output).toBe(undefined)
})
it("should be able to return 0", () => {
const output = processJS(`return $("foo")`, {
foo: 0,
})
expect(output).toBe(0)
})
it("should be able to return an empty string", () => {
const output = processJS(`return $("foo")`, {
foo: "",
})
expect(output).toBe("")
})
it("should be able to use a deep array binding", () => {
const output = processJS(`return $("foo.0.bar")`, {
foo: [
{
bar: "baz",
},
],
})
expect(output).toBe("baz")
})
it("should handle errors", () => {
const output = processJS(`throw "Error"`)
expect(output).toBe("Error while executing JS")
})
it("should timeout after one second", () => {
const output = processJS(`while (true) {}`)
expect(output).toBe("Timed out while executing JS")
})
it("should prevent access to the process global", () => {
const output = processJS(`return process`)
expect(output).toBe("Error while executing JS")
})
it("should prevent sandbox escape", () => {
const output = processJS(
`return this.constructor.constructor("return process")()`
)
expect(output).toBe("Error while executing JS")
}) })
expect(output).toBe("baz")
}) })
it("should handle errors", () => { describe("check JS helpers", () => {
const output = processJS(`throw "Error"`) it("should error if using the format helper. not helpers.", () => {
expect(output).toBe("Error while executing JS") const output = processJS(`return helper.toInt(4.3)`)
}) expect(output).toBe("Error while executing JS")
})
it("should timeout after one second", () => { it("should be able to use toInt", () => {
const output = processJS(`while (true) {}`) const output = processJS(`return helpers.toInt(4.3)`)
expect(output).toBe("Timed out while executing JS") expect(output).toBe(4)
}) })
it("should prevent access to the process global", () => { it("should be able to use uuid", () => {
const output = processJS(`return process`) const output = processJS(`return helpers.uuid()`)
expect(output).toBe("Error while executing JS") expect(output).toMatch(UUID_REGEX)
}) })
it("should prevent sandbox escape", () => {
const output = processJS(
`return this.constructor.constructor("return process")()`
)
expect(output).toBe("Error while executing JS")
})
})
describe("check JS helpers", () => {
it("should error if using the format helper. not helpers.", () => {
const output = processJS(`return helper.toInt(4.3)`)
expect(output).toBe("Error while executing JS")
})
it("should be able to use toInt", () => {
const output = processJS(`return helpers.toInt(4.3)`)
expect(output).toBe(4)
})
it("should be able to use uuid", () => {
const output = processJS(`return helpers.uuid()`)
expect(output).toMatch(UUID_REGEX)
}) })
}) })