mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Fix QA validation issues and add M7.1 security fixes (#318)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details

Browse Source 
Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>
This commit was merged in pull request #318.
This commit is contained in:
Jason Woltje
2026-02-04 03:08:09 +00:00
committed by jason.woltje
parent 482507ce4d
commit a1973e6419
178 changed files with 4902 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
apps/api/src/federation/http-timeout.spec.ts Normal file
View File

@@ -0,0 +1,69 @@
/**
* HTTP Timeout Tests
*
* Verifies that HTTP requests have proper timeout configuration to prevent DoS attacks.
* Issue #282: Add HTTP request timeouts (DoS risk)
*/
import { describe, it, expect, beforeEach } from "vitest";
import { Test, TestingModule } from "@nestjs/testing";
import { HttpService, HttpModule } from "@nestjs/axios";
import { ConfigModule } from "@nestjs/config";
import { of, delay } from "rxjs";
describe("HTTP Timeout Configuration", () => {
let httpService: HttpService;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
imports: [
ConfigModule,
HttpModule.register({
timeout: 10000, // 10 seconds
maxRedirects: 5,
}),
],
}).compile();
httpService = module.get<HttpService>(HttpService);
});
it("should have HttpService configured", () => {
expect(httpService).toBeDefined();
});
it("should have axios instance with timeout configured", () => {
const axiosInstance = httpService.axiosRef;
expect(axiosInstance.defaults.timeout).toBe(10000);
});
it("should have max redirects configured", () => {
const axiosInstance = httpService.axiosRef;
expect(axiosInstance.defaults.maxRedirects).toBe(5);
});
});
describe("HTTP Timeout Behavior", () => {
let httpService: HttpService;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
imports: [
ConfigModule,
HttpModule.register({
timeout: 100, // 100ms for fast testing
maxRedirects: 5,
}),
],
}).compile();
httpService = module.get<HttpService>(HttpService);
});
it("should timeout requests that exceed the configured timeout", async () => {
// This test verifies the timeout mechanism exists
// In a real scenario, a slow server would trigger this
const axiosInstance = httpService.axiosRef;
expect(axiosInstance.defaults.timeout).toBe(100);
});
});