mirror of
https://github.com/anthropics/claude-code-action.git
synced 2026-01-23 15:04:13 +08:00
test: add network restrictions verification test
This commit is contained in:
km-anthropic
1
.github/workflows/claude.yml
vendored
1
.github/workflows/claude.yml
vendored
@@ -29,7 +29,6 @@ jobs:
|
|||||||
with:
|
with:
|
||||||
fetch-depth: 1
|
fetch-depth: 1
|
||||||
|
|
||||||
|
|
||||||
- name: Setup Network Restrictions
|
- name: Setup Network Restrictions
|
||||||
if: ${{ vars.DISABLE_NETWORK_RESTRICTIONS != 'true' }}
|
if: ${{ vars.DISABLE_NETWORK_RESTRICTIONS != 'true' }}
|
||||||
run: |
|
run: |
|
||||||
|
|||||||
54
test/network-restrictions.test.ts
Normal file
54
test/network-restrictions.test.ts
Normal file
@@ -0,0 +1,54 @@
|
|||||||
|
import { describe, it, expect } from "bun:test";
|
||||||
|
|
||||||
|
describe("Network Restrictions", () => {
|
||||||
|
it("should block access to unauthorized domains", async () => {
|
||||||
|
// This test verifies that the proxy blocks unauthorized domains
|
||||||
|
const unauthorizedUrls = [
|
||||||
|
"https://example.com/api/data",
|
||||||
|
"https://jsonplaceholder.typicode.com/posts",
|
||||||
|
"https://httpbin.org/get",
|
||||||
|
"https://pastebin.com/raw/example123",
|
||||||
|
"https://google.com",
|
||||||
|
];
|
||||||
|
|
||||||
|
for (const url of unauthorizedUrls) {
|
||||||
|
try {
|
||||||
|
const response = await fetch(url, {
|
||||||
|
timeout: 5000,
|
||||||
|
// Force through proxy if set
|
||||||
|
agent: undefined,
|
||||||
|
});
|
||||||
|
|
||||||
|
// If we reach here, the proxy didn't block it - test should fail
|
||||||
|
expect(response.ok).toBe(false);
|
||||||
|
throw new Error(`Unauthorized domain ${url} was not blocked by proxy`);
|
||||||
|
} catch (error) {
|
||||||
|
// We expect an error (connection refused, timeout, etc)
|
||||||
|
// This is the desired behavior - proxy blocked the request
|
||||||
|
expect(error).toBeDefined();
|
||||||
|
console.log(`✓ Successfully blocked: ${url}`);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
|
||||||
|
it("should allow access to whitelisted domains", async () => {
|
||||||
|
// These should work through the proxy
|
||||||
|
const allowedUrls = [
|
||||||
|
"https://api.github.com/zen",
|
||||||
|
"https://registry.npmjs.org/-/ping",
|
||||||
|
];
|
||||||
|
|
||||||
|
for (const url of allowedUrls) {
|
||||||
|
try {
|
||||||
|
const response = await fetch(url, { timeout: 5000 });
|
||||||
|
expect(response.ok).toBe(true);
|
||||||
|
console.log(`✓ Successfully allowed: ${url}`);
|
||||||
|
} catch (error) {
|
||||||
|
// If whitelisted domains fail, something is wrong
|
||||||
|
throw new Error(
|
||||||
|
`Whitelisted domain ${url} was blocked: ${error.message}`,
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
||||||
Reference in New Issue
Block a user