epugh commented on code in PR #4243:
URL: https://github.com/apache/solr/pull/4243#discussion_r3000375765
##########
solr/packaging/build.gradle:
##########
@@ -282,6 +282,7 @@ task integrationTests(type: BatsTask) {
}
inputs.dir(distDir)
+ inputs.dir('test') // Track .bats test files and helper as inputs
Review Comment:
Thanks for this, there are times when I get weirdness, and maybe this fixes
that!
##########
solr/packaging/test/test_adminconsole_urls.bats:
##########
@@ -28,11 +28,46 @@ teardown() {
solr stop --all >/dev/null 2>&1
}
+
@test "assert able to launch solr admin console" {
run solr start
+ # Check HTTP status code
run curl -s -o /dev/null -w "%{http_code}"
http://localhost:${SOLR_PORT}/solr/
+ assert_output "200"
+
+ # Check Content-Type header is text/html
+ local content_type=$(curl -s -I http://localhost:${SOLR_PORT}/solr/ | grep
-i "Content-Type:" | tr -d '\r')
Review Comment:
Can this be a run and an assert include? Just to be more bats like and less
fancy bass?
##########
solr/packaging/test/test_adminconsole_urls.bats:
##########
@@ -28,11 +28,46 @@ teardown() {
solr stop --all >/dev/null 2>&1
}
+
@test "assert able to launch solr admin console" {
run solr start
+ # Check HTTP status code
run curl -s -o /dev/null -w "%{http_code}"
http://localhost:${SOLR_PORT}/solr/
+ assert_output "200"
+
+ # Check Content-Type header is text/html
+ local content_type=$(curl -s -I http://localhost:${SOLR_PORT}/solr/ | grep
-i "Content-Type:" | tr -d '\r')
+ [[ "$content_type" == *"text/html"* ]]
- # Check if the HTTP response code is 200 (OK)
+ # Check that response body contains HTML
+ local response_body=$(curl -s http://localhost:${SOLR_PORT}/solr/)
+ [[ "$response_body" == *"<html"* ]] || [[ "$response_body" == *"<!DOCTYPE"*
]]
+
+ # Check that a CSS file returns 200
+ run curl -s -o /dev/null -w "%{http_code}"
http://localhost:${SOLR_PORT}/solr/css/angular/chosen.css
assert_output "200"
+
+ # Check Content-Type header is text/css
+ local content_type=$(curl -s -I
http://localhost:${SOLR_PORT}/solr/css/angular/chosen.css | grep -i
"Content-Type:" | tr -d '\r')
+ [[ "$content_type" == *"text/css"* ]]
+
+ # Check that response body contains actual CSS content
+ local response_body=$(curl -s
http://localhost:${SOLR_PORT}/solr/css/angular/chosen.css)
+ [[ "$response_body" == *"{"* ]] && [[ "$response_body" == *"}"* ]]
+}
+
+@test "assert CSP header contains custom connect src URLs" {
+ # Set custom CSP connect-src URLs via system property
+ local
csp_urls="http://example1.com/token,https://example2.com/path/uri1,http://example3.com/oauth2/uri2";
+
+ run solr start -Dsolr.ui.headers.csp.connect-src.urls="${csp_urls}"
+
+ # Get the Content-Security-Policy header value
+ local csp_header=$(curl -s -I http://localhost:${SOLR_PORT}/solr/ | grep -i
"Content-Security-Policy:" | tr -d '\r')
+
+ # Check that the CSP header contains each of our custom URLs
+ [[ "$csp_header" == *"http://example1.com/token"* ]]
Review Comment:
These could use the standard bats? I like keeping to the bats conventions
as much as possible to reduce the learning when you read these!
##########
solr/webapp/web/WEB-INF/web.xml:
##########
@@ -24,81 +24,95 @@
<listener>
<listener-class>org.apache.solr.servlet.CoreContainerProvider</listener-class>
</listener>
- <!-- Any path (name) registered in solrconfig.xml will be sent to that
filter -->
- <filter>
- <filter-name>PathExclusionsFilter</filter-name>
- <filter-class>org.apache.solr.servlet.PathExclusionFilter</filter-class>
- <!--
- Exclude patterns is a list of directories that would be short-circuited by
this
- Filter. It includes all Admin UI related static content.
- NOTE: It is NOT a pattern but only matches the start of the HTTP
ServletPath.
- -->
- <init-param>
- <param-name>excludePatterns</param-name>
-
<param-value>/partials/.+,/libs/.+,/css/.+,/js/.+,/img/.+,/templates/.+,/ui/.*</param-value>
- </init-param>
- </filter>
-
- <filter-mapping>
- <filter-name>PathExclusionsFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
<filter>
<filter-name>SolrFilter</filter-name>
<filter-class>org.apache.solr.servlet.RequiredSolrRequestFilter</filter-class>
</filter>
-
<filter-mapping>
<filter-name>SolrFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <servlet-name>default</servlet-name>
</filter-mapping>
<filter>
<filter-name>RateLimitFilter</filter-name>
<filter-class>org.apache.solr.servlet.RateLimitFilter</filter-class>
</filter>
-
<filter-mapping>
<filter-name>RateLimitFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <servlet-name>default</servlet-name>
</filter-mapping>
<filter>
<filter-name>TracingFilter</filter-name>
<filter-class>org.apache.solr.servlet.TracingFilter</filter-class>
</filter>
-
<filter-mapping>
<filter-name>TracingFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <servlet-name>default</servlet-name>
</filter-mapping>
<filter>
<filter-name>AuthenticationFilter</filter-name>
<filter-class>org.apache.solr.servlet.AuthenticationFilter</filter-class>
</filter>
-
<filter-mapping>
<filter-name>AuthenticationFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <servlet-name>default</servlet-name>
</filter-mapping>
<servlet>
- <servlet-name>SolrServlet</servlet-name>
+ <servlet-name>default</servlet-name>
Review Comment:
I think I liked the simplicity of the pattern versus needing to know what
"default" is, but we should do whatever is the standard approxh for these!
##########
solr/packaging/test/test_adminconsole_urls.bats:
##########
@@ -28,11 +28,46 @@ teardown() {
solr stop --all >/dev/null 2>&1
}
+
@test "assert able to launch solr admin console" {
run solr start
+ # Check HTTP status code
run curl -s -o /dev/null -w "%{http_code}"
http://localhost:${SOLR_PORT}/solr/
+ assert_output "200"
+
+ # Check Content-Type header is text/html
+ local content_type=$(curl -s -I http://localhost:${SOLR_PORT}/solr/ | grep
-i "Content-Type:" | tr -d '\r')
+ [[ "$content_type" == *"text/html"* ]]
- # Check if the HTTP response code is 200 (OK)
+ # Check that response body contains HTML
+ local response_body=$(curl -s http://localhost:${SOLR_PORT}/solr/)
+ [[ "$response_body" == *"<html"* ]] || [[ "$response_body" == *"<!DOCTYPE"*
]]
Review Comment:
Likewise with the assert partial command?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
