mirror of
https://github.com/mealie-recipes/mealie.git
synced 2026-07-10 09:40:16 -04:00
82 lines
2.1 KiB
TypeScript
82 lines
2.1 KiB
TypeScript
import { describe, expect, test, vi, beforeEach, afterEach } from "vitest";
|
|
import { getTokenCookieOptions } from "./use-token-cookie";
|
|
|
|
function setLocation(protocol: string) {
|
|
Object.defineProperty(window, "location", {
|
|
value: { ...window.location, protocol },
|
|
configurable: true,
|
|
writable: true,
|
|
});
|
|
}
|
|
|
|
function setFramed(framed: boolean) {
|
|
Object.defineProperty(window, "top", {
|
|
value: framed ? ({} as Window) : window,
|
|
configurable: true,
|
|
});
|
|
}
|
|
|
|
function stubNuxtApp(production: boolean) {
|
|
vi.stubGlobal("useNuxtApp", () => ({
|
|
$appInfo: { production, tokenTime: 48 },
|
|
}));
|
|
}
|
|
|
|
describe("getTokenCookieOptions", () => {
|
|
beforeEach(() => {
|
|
setFramed(false);
|
|
});
|
|
|
|
afterEach(() => {
|
|
vi.unstubAllGlobals();
|
|
});
|
|
|
|
test("top-level https connection gets a lax, non-partitioned cookie", () => {
|
|
stubNuxtApp(true);
|
|
setLocation("https:");
|
|
setFramed(false);
|
|
|
|
const options = getTokenCookieOptions();
|
|
|
|
expect(options.secure).toBe(true);
|
|
expect(options.sameSite).toBe("lax");
|
|
expect(options.partitioned).toBe(false);
|
|
});
|
|
|
|
test("iframe-embedded https connection gets a none, partitioned cookie", () => {
|
|
stubNuxtApp(true);
|
|
setLocation("https:");
|
|
setFramed(true);
|
|
|
|
const options = getTokenCookieOptions();
|
|
|
|
expect(options.secure).toBe(true);
|
|
expect(options.sameSite).toBe("none");
|
|
expect(options.partitioned).toBe(true);
|
|
});
|
|
|
|
test("insecure (http) connection stays lax and non-partitioned even when framed", () => {
|
|
stubNuxtApp(true);
|
|
setLocation("http:");
|
|
setFramed(true);
|
|
|
|
const options = getTokenCookieOptions();
|
|
|
|
expect(options.secure).toBe(false);
|
|
expect(options.sameSite).toBe("lax");
|
|
expect(options.partitioned).toBe(false);
|
|
});
|
|
|
|
test("non-production build stays lax and non-partitioned even when framed over https", () => {
|
|
stubNuxtApp(false);
|
|
setLocation("https:");
|
|
setFramed(true);
|
|
|
|
const options = getTokenCookieOptions();
|
|
|
|
expect(options.secure).toBe(false);
|
|
expect(options.sameSite).toBe("lax");
|
|
expect(options.partitioned).toBe(false);
|
|
});
|
|
});
|