File: test_whitenoise.py

package info (click to toggle)
python-whitenoise 6.8.2-1
links: PTS, VCS
area: main
in suites: forky, sid, trixie
size: 472 kB
sloc: python: 2,040; makefile: 132; javascript: 10
file content (383 lines) | stat: -rw-r--r-- 12,684 bytes
from __future__ import annotations

import os
import re
import shutil
import stat
import sys
import tempfile
import warnings
from contextlib import closing
from urllib.parse import urljoin
from wsgiref.headers import Headers
from wsgiref.simple_server import demo_app

import pytest

from tests.utils import AppServer
from tests.utils import Files
from whitenoise import WhiteNoise
from whitenoise.responders import StaticFile


@pytest.fixture(scope="module")
def files():
    return Files(
        "assets",
        js="subdir/javascript.js",
        gzip="compressed.css",
        gzipped="compressed.css.gz",
        custom_mime="custom-mime.foobar",
        index="with-index/index.html",
    )


@pytest.fixture(params=[True, False], scope="module")
def application(request, files):
    # When run all test the application with autorefresh enabled and disabled
    # When testing autorefresh mode we first initialise the application with an
    # empty temporary directory and then copy in the files afterwards so we can
    # test that files added after initialisation are picked up correctly
    if request.param:
        tmp = tempfile.mkdtemp()
        app = _init_application(tmp, autorefresh=True)
        copytree(files.directory, tmp)
        yield app
        shutil.rmtree(tmp)
    else:
        yield _init_application(files.directory)


def _init_application(directory, **kwargs):
    def custom_headers(headers, path, url):
        if url.endswith(".css"):
            headers["X-Is-Css-File"] = "True"

    return WhiteNoise(
        demo_app,
        root=directory,
        max_age=1000,
        mimetypes={".foobar": "application/x-foo-bar"},
        add_headers_function=custom_headers,
        index_file=True,
        **kwargs,
    )


@pytest.fixture(scope="module")
def server(application):
    app_server = AppServer(application)
    with closing(app_server):
        yield app_server


def assert_is_default_response(response):
    assert "Hello world!" in response.text


def test_get_file(server, files):
    response = server.get(files.js_url)
    assert response.content == files.js_content
    assert re.search(r"text/javascript\b", response.headers["Content-Type"])
    assert re.search(r'.*\bcharset="utf-8"', response.headers["Content-Type"])


def test_get_not_accept_gzip(server, files):
    response = server.get(files.gzip_url, headers={"Accept-Encoding": ""})
    assert response.content == files.gzip_content
    assert "Content-Encoding" not in response.headers
    assert response.headers["Vary"] == "Accept-Encoding"


def test_get_accept_star(server, files):
    response = server.get(files.gzip_url, headers={"Accept-Encoding": "*"})
    assert response.content == files.gzip_content
    assert "Content-Encoding" not in response.headers
    assert response.headers["Vary"] == "Accept-Encoding"


def test_get_accept_missing(server, files):
    response = server.get(
        files.gzip_url,
        # Using None is required to override requests’ default Accept-Encoding
        headers={"Accept-Encoding": None},
    )
    assert response.content == files.gzip_content
    assert "Content-Encoding" not in response.headers
    assert response.headers["Vary"] == "Accept-Encoding"


def test_get_accept_gzip(server, files):
    response = server.get(files.gzip_url)
    assert response.content == files.gzip_content
    assert response.headers["Content-Encoding"] == "gzip"
    assert response.headers["Vary"] == "Accept-Encoding"


def test_cannot_directly_request_gzipped_file(server, files):
    response = server.get(files.gzip_url + ".gz")
    assert_is_default_response(response)


def test_not_modified_exact(server, files):
    response = server.get(files.js_url)
    last_mod = response.headers["Last-Modified"]
    response = server.get(files.js_url, headers={"If-Modified-Since": last_mod})
    assert response.status_code == 304


def test_not_modified_future(server, files):
    last_mod = "Fri, 11 Apr 2100 11:47:06 GMT"
    response = server.get(files.js_url, headers={"If-Modified-Since": last_mod})
    assert response.status_code == 304


def test_modified(server, files):
    last_mod = "Fri, 11 Apr 2001 11:47:06 GMT"
    response = server.get(files.js_url, headers={"If-Modified-Since": last_mod})
    assert response.status_code == 200


def test_modified_mangled_date_firefox_91_0b3(server, files):
    last_mod = "Fri, 16 Jul 2021 09:09:1626426577S GMT"
    response = server.get(files.js_url, headers={"If-Modified-Since": last_mod})
    assert response.status_code == 200


def test_etag_matches(server, files):
    response = server.get(files.js_url)
    etag = response.headers["ETag"]
    response = server.get(files.js_url, headers={"If-None-Match": etag})
    assert response.status_code == 304


def test_etag_doesnt_match(server, files):
    etag = '"594bd1d1-36"'
    response = server.get(files.js_url, headers={"If-None-Match": etag})
    assert response.status_code == 200


def test_etag_overrules_modified_since(server, files):
    """
    Browsers send both headers so it's important that the ETag takes precedence
    over the last modified time, so that deploy-rollbacks are handled correctly.
    """
    headers = {
        "If-None-Match": '"594bd1d1-36"',
        "If-Modified-Since": "Fri, 11 Apr 2100 11:47:06 GMT",
    }
    response = server.get(files.js_url, headers=headers)
    assert response.status_code == 200


def test_max_age(server, files):
    response = server.get(files.js_url)
    assert response.headers["Cache-Control"], "max-age=1000 == public"


def test_other_requests_passed_through(server):
    response = server.get("/%s/not/static" % AppServer.PREFIX)
    assert_is_default_response(response)


def test_non_ascii_requests_safely_ignored(server):
    response = server.get(f"/{AppServer.PREFIX}/test\u263A")
    assert_is_default_response(response)


def test_add_under_prefix(server, files, application):
    prefix = "/prefix"
    application.add_files(files.directory, prefix=prefix)
    response = server.get(f"/{AppServer.PREFIX}{prefix}/{files.js_path}")
    assert response.content == files.js_content


def test_response_has_allow_origin_header(server, files):
    response = server.get(files.js_url)
    assert response.headers.get("Access-Control-Allow-Origin") == "*"


def test_response_has_correct_content_length_header(server, files):
    response = server.get(files.js_url)
    length = int(response.headers["Content-Length"])
    assert length == len(files.js_content)


def test_gzip_response_has_correct_content_length_header(server, files):
    response = server.get(files.gzip_url)
    length = int(response.headers["Content-Length"])
    assert length == len(files.gzipped_content)


def test_post_request_returns_405(server, files):
    response = server.request("post", files.js_url)
    assert response.status_code == 405


def test_head_request_has_no_body(server, files):
    response = server.request("head", files.js_url)
    assert response.status_code == 200
    assert not response.content


def test_custom_mimetype(server, files):
    response = server.get(files.custom_mime_url)
    assert re.search(r"application/x-foo-bar\b", response.headers["Content-Type"])


def test_custom_headers(server, files):
    response = server.get(files.gzip_url)
    assert response.headers["x-is-css-file"] == "True"


def test_index_file_served_at_directory_path(server, files):
    directory_url = files.index_url.rpartition("/")[0] + "/"
    response = server.get(directory_url)
    assert response.content == files.index_content


def test_index_file_path_redirected(server, files):
    directory_url = files.index_url.rpartition("/")[0] + "/"
    response = server.get(files.index_url, allow_redirects=False)
    location = urljoin(files.index_url, response.headers["Location"])
    assert response.status_code == 302
    assert location == directory_url


def test_directory_path_without_trailing_slash_redirected(server, files):
    directory_url = files.index_url.rpartition("/")[0] + "/"
    no_slash_url = directory_url.rstrip("/")
    response = server.get(no_slash_url, allow_redirects=False)
    location = urljoin(no_slash_url, response.headers["Location"])
    assert response.status_code == 302
    assert location == directory_url


def test_request_initial_bytes(server, files):
    response = server.get(files.js_url, headers={"Range": "bytes=0-13"})
    assert response.content == files.js_content[0:14]


def test_request_trailing_bytes(server, files):
    response = server.get(files.js_url, headers={"Range": "bytes=-3"})
    assert response.content == files.js_content[-3:]


def test_request_middle_bytes(server, files):
    response = server.get(files.js_url, headers={"Range": "bytes=21-30"})
    assert response.content == files.js_content[21:31]


def test_overlong_ranges_truncated(server, files):
    response = server.get(files.js_url, headers={"Range": "bytes=21-100000"})
    assert response.content == files.js_content[21:]


def test_overlong_trailing_ranges_return_entire_file(server, files):
    response = server.get(files.js_url, headers={"Range": "bytes=-100000"})
    assert response.content == files.js_content


def test_out_of_range_error(server, files):
    response = server.get(files.js_url, headers={"Range": "bytes=10000-11000"})
    assert response.status_code == 416
    assert response.headers["Content-Range"] == "bytes */%s" % len(files.js_content)


def test_warn_about_missing_directories(application):
    # This is the one minor behavioural difference when autorefresh is
    # enabled: we don't warn about missing directories as these can be
    # created after the application is started
    if application.autorefresh:
        pytest.skip()
    with warnings.catch_warnings(record=True) as warning_list:
        application.add_files("/dev/null/nosuchdir\u2713")
    assert len(warning_list) == 1


def test_handles_missing_path_info_key(application):
    response = application(environ={}, start_response=lambda *args: None)
    assert response


def test_cant_read_absolute_paths_on_windows(server):
    response = server.get(rf"/{AppServer.PREFIX}/C:/Windows/System.ini")
    assert_is_default_response(response)


def test_no_error_on_very_long_filename(server):
    response = server.get("/blah" * 1000)
    assert response.status_code != 500


def copytree(src, dst):
    for name in os.listdir(src):
        src_path = os.path.join(src, name)
        dst_path = os.path.join(dst, name)
        if os.path.isdir(src_path):
            shutil.copytree(src_path, dst_path)
        else:
            shutil.copy2(src_path, dst_path)


def test_immutable_file_test_accepts_regex():
    instance = WhiteNoise(None, immutable_file_test=r"\.test$")
    assert instance.immutable_file_test("", "/myfile.test")
    assert not instance.immutable_file_test("", "file.test.txt")


@pytest.mark.skipif(sys.version_info < (3, 4), reason="Pathlib was added in Python 3.4")
def test_directory_path_can_be_pathlib_instance():
    from pathlib import Path

    root = Path(Files("root").directory)
    # Check we can construct instance without it blowing up
    WhiteNoise(None, root=root, autorefresh=True)


def fake_stat_entry(
    st_mode: int = stat.S_IFREG, st_size: int = 1024, st_mtime: int = 0
) -> os.stat_result:
    return os.stat_result(
        (
            st_mode,
            0,  # st_ino
            0,  # st_dev
            0,  # st_nlink
            0,  # st_uid
            0,  # st_gid
            st_size,
            0,  # st_atime
            st_mtime,
            0,  # st_ctime
        )
    )


def test_last_modified_not_set_when_mtime_is_zero():
    stat_cache = {__file__: fake_stat_entry()}
    responder = StaticFile(__file__, [], stat_cache=stat_cache)
    response = responder.get_response("GET", {})
    response.file.close()
    headers_dict = Headers(response.headers)
    assert "Last-Modified" not in headers_dict
    assert "ETag" not in headers_dict


def test_file_size_matches_range_with_range_header():
    stat_cache = {__file__: fake_stat_entry()}
    responder = StaticFile(__file__, [], stat_cache=stat_cache)
    response = responder.get_response("GET", {"HTTP_RANGE": "bytes=0-13"})
    file_size = len(response.file.read())
    assert file_size == 14


def test_chunked_file_size_matches_range_with_range_header():
    stat_cache = {__file__: fake_stat_entry()}
    responder = StaticFile(__file__, [], stat_cache=stat_cache)
    response = responder.get_response("GET", {"HTTP_RANGE": "bytes=0-13"})
    file_size = 0
    assert response.file is not None
    while response.file.read(1):
        file_size += 1
    assert file_size == 14