Skip to content

Commit

Permalink
fix: .ic-assets.json configuration entries no longer overwrite the de…
Browse files Browse the repository at this point in the history 
…fault for allow_raw_access (#3635)

For for all entries in .ic-assets.json being treated as if they specify allow_raw_access: true if not explicitly set

Fixes: https://dfinity.atlassian.net/browse/SDK-1238
  • Loading branch information
@ericswanson-dfinity
ericswanson-dfinity authored Mar 4, 2024
1 parent 29bdcf0 commit b626fd4
Show file tree
Hide file tree
Showing 3 changed files with 239 additions and 15 deletions.
28 changes: 28 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,34 @@

# UNRELEASED

# fix: .ic-assets.json configuration entries no longer overwrite the default for `allow_raw_access`

Previously, any configuration element in .ic-assets.json functioned as if a setting of
`"allow_raw_access": true` were present in the json object.

For example, given the following configuration, all files would be configured
with `allow_raw_access` set to `true`, as if the second entry specified
`"allow_raw_access": true` (which is the default), even though it does not.

```json
[
{
"match": "**/*",
"allow_raw_access": false
},
{
"match": "**/*",
"headers": {
"X-Anything": "Something"
}
}
]
```

Now, given the same configuration, all files would be configured with `allow_raw_access` set to false, as expected.

Note that the default value of `allow_raw_access` is still `true`.

# 0.18.0

### fix!: removed the `dfx upgrade` command
Expand Down
63 changes: 53 additions & 10 deletions e2e/tests-dfx/assetscanister.bash
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1163,6 +1163,54 @@ CHERRIES" "$stdout"
# /.well-known/thing.json 1/1 (0 bytes)
}

@test "asset configuration via .ic-assets.json5 - default properties" {
install_asset assetscanister
rm src/e2e_project_frontend/assets/.ic-assets.json5
dfx_start
assert_command dfx deploy
assert_command dfx canister call e2e_project_frontend get_asset_properties '("/binary/noise.txt")'
assert_contains '(
record {
headers = null;
is_aliased = null;
allow_raw_access = opt true;
max_age = null;
},
)'
}

@test "asset configuration via .ic-assets.json5 - property override order does not matter" {
install_asset assetscanister
# Ensure that setting one property does not overwrite a different property set earlier
cat > src/e2e_project_frontend/assets/.ic-assets.json5 <<EOF
[
{
"match": "**/binary/**/*",
"allow_raw_access": false
},
{
"match": "**/*",
"headers": {
"X-Anything": "Something"
}
}
]
EOF
dfx_start
assert_command dfx deploy
assert_command dfx canister call e2e_project_frontend get_asset_properties '("/binary/noise.txt")'
assert_contains '(
record {
headers = opt vec { record { "X-Anything"; "Something" } };
is_aliased = null;
allow_raw_access = opt false;
max_age = null;
},
)'
}



@test "asset configuration via .ic-assets.json5 - nested dot directories" {
install_asset assetscanister

Expand Down Expand Up @@ -1490,38 +1538,33 @@ CHERRIES" "$stdout"
"match": "nevermatchme",
"cache": {
"max_age": 2000
},
"allow_raw_access": true
}
}'
assert_match 'WARN: 4 unmatched configurations in .*/src/e2e_project_frontend/assets/somedir/.ic-assets.json config file:'
assert_contains 'WARN: {
"match": "nevermatchme",
"headers": {},
"ignore": false,
"allow_raw_access": true
"ignore": false
}
WARN: {
"match": "nevermatchmetoo",
"headers": {},
"ignore": false,
"allow_raw_access": true
"ignore": false
}
WARN: {
"match": "non-matcher",
"headers": {
"x-header": "x-value"
},
"ignore": false,
"allow_raw_access": true
"ignore": false
}'
# splitting this up into two checks, because the order is different on macos vs ubuntu
assert_contains 'WARN: {
"match": "/thanks-for-not-stripping-forward-slash",
"headers": {
"x-header": "x-value"
},
"ignore": false,
"allow_raw_access": true
"ignore": false
}'
}

Expand Down
163 changes: 158 additions & 5 deletions src/canisters/frontend/ic-asset/src/asset/config.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,10 +34,6 @@ pub(crate) struct CacheConfig {
pub(crate) max_age: Option<u64>,
}

fn default_raw_access() -> Option<bool> {
Some(true)
}

/// A single configuration object, from `.ic-assets.json` config file
#[derive(Derivative, Clone, Serialize)]
#[derivative(Debug, PartialEq)]
Expand Down Expand Up @@ -348,7 +344,6 @@ mod rule_utils {
headers: Maybe<HeadersConfig>,
ignore: Option<bool>,
enable_aliasing: Option<bool>,
#[serde(default = "super::default_raw_access")]
allow_raw_access: Option<bool>,
}

Expand Down Expand Up @@ -427,6 +422,16 @@ mod rule_utils {
s.push_str(&format!(" - HTTP cache max-age: {}\n", max_age));
}
}
if let Some(allow_raw_access) = self.allow_raw_access {
s.push_str(&format!(
" - enable raw access: {}\n",
if allow_raw_access {
"enabled"
} else {
"disabled"
}
));
}
if let Some(aliasing) = self.enable_aliasing {
s.push_str(&format!(
" - URL path aliasing: {}\n",
Expand Down Expand Up @@ -936,4 +941,152 @@ mod with_tempdir {
},
);
}

#[test]
fn the_order_does_not_matter() {
let cfg = Some(HashMap::from([(
"".to_string(),
r#"[
{
"match": "**/deep/**/*",
"allow_raw_access": false,
"cache": {
"max_age": 22
},
"enable_aliasing": true,
"ignore": true
},
{
"match": "**/*",
"headers": {
"X-Frame-Options": "DENY"
}
}
]
"#
.to_string(),
)]));
let cfg2 = Some(HashMap::from([(
"".to_string(),
r#"[
{
"match": "**/*",
"headers": {
"X-Frame-Options": "DENY"
}
},
{
"match": "**/deep/**/*",
"allow_raw_access": false,
"cache": {
"max_age": 22
},
"enable_aliasing": true,
"ignore": true
}
]
"#
.to_string(),
)]));

let x = {
let assets_temp_dir = create_temporary_assets_directory(cfg, 0);
let assets_dir = assets_temp_dir.path().canonicalize().unwrap();
let mut assets_config = AssetSourceDirectoryConfiguration::load(&assets_dir).unwrap();
assets_config
.get_asset_config(assets_dir.join("nested/deep/the-next-thing.toml").as_path())
.unwrap()
};
let y = {
let assets_temp_dir = create_temporary_assets_directory(cfg2, 0);
let assets_dir = assets_temp_dir.path().canonicalize().unwrap();
let mut assets_config = AssetSourceDirectoryConfiguration::load(&assets_dir).unwrap();
assets_config
.get_asset_config(assets_dir.join("nested/deep/the-next-thing.toml").as_path())
.unwrap()
};

dbg!(&x, &y);
assert_eq!(x.allow_raw_access, Some(false));
assert_eq!(y.allow_raw_access, Some(false));
assert_eq!(x.enable_aliasing, Some(true));
assert_eq!(y.enable_aliasing, Some(true));
assert_eq!(x.ignore, Some(true));
assert_eq!(y.ignore, Some(true));
assert_eq!(x.cache.clone().unwrap().max_age, Some(22));
assert_eq!(y.cache.clone().unwrap().max_age, Some(22));

// same as above but with different values
let cfg = Some(HashMap::from([(
"".to_string(),
r#"[
{
"match": "**/deep/**/*",
"allow_raw_access": true,
"enable_aliasing": false,
"ignore": false,
"headers": {
"X-Frame-Options": "ALLOW"
}
},
{
"match": "**/*",
"cache": {
"max_age": 22
}
}
]
"#
.to_string(),
)]));
let cfg2 = Some(HashMap::from([(
"".to_string(),
r#"[
{
"match": "**/*",
"cache": {
"max_age": 22
}
},
{
"match": "**/deep/**/*",
"allow_raw_access": true,
"enable_aliasing": false,
"ignore": false,
"headers": {
"X-Frame-Options": "ALLOW"
}
}
]
"#
.to_string(),
)]));

let x = {
let assets_temp_dir = create_temporary_assets_directory(cfg, 0);
let assets_dir = assets_temp_dir.path().canonicalize().unwrap();
let mut assets_config = AssetSourceDirectoryConfiguration::load(&assets_dir).unwrap();
assets_config
.get_asset_config(assets_dir.join("nested/deep/the-next-thing.toml").as_path())
.unwrap()
};
let y = {
let assets_temp_dir = create_temporary_assets_directory(cfg2, 0);
let assets_dir = assets_temp_dir.path().canonicalize().unwrap();
let mut assets_config = AssetSourceDirectoryConfiguration::load(&assets_dir).unwrap();
assets_config
.get_asset_config(assets_dir.join("nested/deep/the-next-thing.toml").as_path())
.unwrap()
};

dbg!(&x, &y);
assert_eq!(x.allow_raw_access, Some(true));
assert_eq!(y.allow_raw_access, Some(true));
assert_eq!(x.enable_aliasing, Some(false));
assert_eq!(y.enable_aliasing, Some(false));
assert_eq!(x.ignore, Some(false));
assert_eq!(y.ignore, Some(false));
assert_eq!(x.cache.clone().unwrap().max_age, Some(22));
assert_eq!(y.cache.clone().unwrap().max_age, Some(22));
}
}

0 comments on commit b626fd4

Please sign in to comment.