mirror of
https://github.com/freeCodeCamp/freeCodeCamp.git
synced 2025-12-31 15:03:21 -05:00
50 lines
1.5 KiB
TypeScript
50 lines
1.5 KiB
TypeScript
import Ajv from 'ajv';
|
|
import secureSchema from 'ajv/lib/refs/json-schema-secure.json';
|
|
|
|
import { schemas } from './schemas';
|
|
|
|
// it's not strict, but that's okay - we're not using it to validate data
|
|
const ajv = new Ajv({ strictTypes: false });
|
|
const isSchemaSecure = ajv.compile(secureSchema);
|
|
|
|
// These schemas will fail the tests, so can only be checked by hand.
|
|
const ignoredSchemas = ['getSessionUser'];
|
|
|
|
describe('Schemas do not use obviously dangerous validation', () => {
|
|
Object.entries(schemas)
|
|
.filter(([schema]) => !ignoredSchemas.includes(schema))
|
|
.forEach(([name, schema]) => {
|
|
describe(`schema ${name} is okay`, () => {
|
|
if ('body' in schema) {
|
|
test('body is secure', () => {
|
|
expect(isSchemaSecure(schema.body)).toBeTruthy();
|
|
});
|
|
}
|
|
|
|
if ('querystring' in schema) {
|
|
test('querystring is secure', () => {
|
|
expect(isSchemaSecure(schema.querystring)).toBeTruthy();
|
|
});
|
|
}
|
|
|
|
if ('params' in schema) {
|
|
test('params is secure', () => {
|
|
expect(isSchemaSecure(schema.params)).toBeTruthy();
|
|
});
|
|
}
|
|
|
|
if ('headers' in schema) {
|
|
test('headers is secure', () => {
|
|
expect(isSchemaSecure(schema.headers)).toBeTruthy();
|
|
});
|
|
}
|
|
|
|
Object.entries(schema.response).forEach(([code, codeSchema]) => {
|
|
test(`response ${code} is secure`, () => {
|
|
expect(isSchemaSecure(codeSchema)).toBeTruthy();
|
|
});
|
|
});
|
|
});
|
|
});
|
|
});
|