File 0003-6.8-core.http-Cleanup-catch-all-route-for-paths-with.patch of Package kibana
From cd61ef7aa2675578c581da2a9c0e455d67237797 Mon Sep 17 00:00:00 2001
From: Luke Elmers <luke.elmers@elastic.co>
Date: Tue, 20 Apr 2021 14:57:08 -0600
Subject: [PATCH 3/3] [6.8] [core.http] Cleanup catch-all route for paths with
trailing slashes. (#96889) (#97056)
Conflicts:
src/server/http/index.js
(cherry picked from commit 720bc4cc0c0fd388e72066626716663c15880003)
---
src/server/http/index.js | 2 +-
.../http/integration_tests/index.test.js | 56 +++++++++++++++++++
2 files changed, 57 insertions(+), 1 deletion(-)
create mode 100644 src/server/http/integration_tests/index.test.js
diff --git a/src/server/http/index.js b/src/server/http/index.js
index d63cd339aa7..933940b88b8 100644
--- a/src/server/http/index.js
+++ b/src/server/http/index.js
@@ -145,7 +145,7 @@
path: '/{p*}',
handler: function handler(req, reply) {
var path = req.path;
- if (path === '/' || path.charAt(path.length - 1) !== '/') {
+ if (path === '/' || path.charAt(path.length - 1) !== '/' || path.charAt(0) === '/') {
return reply(Boom.notFound());
}
var pathPrefix = config.get('server.basePath') ? config.get('server.basePath') + '/' : '';
diff --git a/src/server/http/integration_tests/index.test.js b/src/server/http/integration_tests/index.test.js
new file mode 100644
index 00000000000..48d76eb311c
--- /dev/null
+++ b/src/server/http/integration_tests/index.test.js
@@ -0,0 +1,56 @@
+/*
+ * Licensed to Elasticsearch B.V. under one or more contributor
+ * license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright
+ * ownership. Elasticsearch B.V. licenses this file to you under
+ * the Apache License, Version 2.0 (the "License"); you may
+ * not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import * as kbnTestServer from '../../../test_utils/kbn_server';
+
+describe('Core app routes', () => {
+ let root;
+
+ beforeAll(async () => {
+ root = kbnTestServer.createRoot({
+ plugins: { initialize: false },
+ server: {
+ basePath: '/base-path',
+ },
+ });
+
+ await root.start();
+ }, 30000);
+
+ afterAll(async function () {
+ await root.shutdown();
+ });
+
+ describe('`/{path*}` route', () => {
+ it('does not redirect if the path starts with `//`', async () => {
+ await kbnTestServer.request.get(root, '//some-path/').expect(404);
+ });
+
+ it('does not redirect if the path does not end with `/`', async () => {
+ await kbnTestServer.request.get(root, '/some-path').expect(404);
+ });
+ });
+
+ describe('`/` route', () => {
+ it('prevails on the `/{path*}` route', async () => {
+ const response = await kbnTestServer.request.get(root, '/').expect(302);
+ expect(response.get('location')).toEqual('/base-path/app/kibana');
+ });
+ });
+});
--
2.30.2
