| blob | 755bb1c1c6c26da31b51e735653cd4898f5921cf |
2 var express = require('..');
3 var request = require('supertest');
4 var utils = require('./support/utils');
6 describe('res', function(){
7 describe('.redirect(url)', function(){
8 it('should default to a 302 redirect', function(done){
9 var app = express();
11 app.use(function(req, res){
12 res.redirect('http://google.com');
13 });
15 request(app)
16 .get('/')
17 .expect('location', 'http://google.com')
18 .expect(302, done)
19 })
21 it('should encode "url"', function (done) {
22 var app = express()
24 app.use(function (req, res) {
25 res.redirect('https://google.com?q=\u2603 ยง10')
26 })
28 request(app)
29 .get('/')
30 .expect('Location', 'https://google.com?q=%E2%98%83%20%C2%A710')
31 .expect(302, done)
32 })
34 it('should not touch already-encoded sequences in "url"', function (done) {
35 var app = express()
37 app.use(function (req, res) {
38 res.redirect('https://google.com?q=%A710')
39 })
41 request(app)
42 .get('/')
43 .expect('Location', 'https://google.com?q=%A710')
44 .expect(302, done)
45 })
46 })
48 describe('.redirect(status, url)', function(){
49 it('should set the response status', function(done){
50 var app = express();
52 app.use(function(req, res){
53 res.redirect(303, 'http://google.com');
54 });
56 request(app)
57 .get('/')
58 .expect('Location', 'http://google.com')
59 .expect(303, done)
60 })
61 })
63 describe('.redirect(url, status)', function(){
64 it('should set the response status', function(done){
65 var app = express();
67 app.use(function(req, res){
68 res.redirect('http://google.com', 303);
69 });
71 request(app)
72 .get('/')
73 .expect('Location', 'http://google.com')
74 .expect(303, done)
75 })
76 })
78 describe('when the request method is HEAD', function(){
79 it('should ignore the body', function(done){
80 var app = express();
82 app.use(function(req, res){
83 res.redirect('http://google.com');
84 });
86 request(app)
87 .head('/')
88 .expect('Location', 'http://google.com')
89 .expect(302, '', done)
90 })
91 })
93 describe('when accepting html', function(){
94 it('should respond with html', function(done){
95 var app = express();
97 app.use(function(req, res){
98 res.redirect('http://google.com');
99 });
101 request(app)
102 .get('/')
103 .set('Accept', 'text/html')
104 .expect('Content-Type', /html/)
105 .expect('Location', 'http://google.com')
106 .expect(302, '<p>Found. Redirecting to <a href="http://google.com">http://google.com</a></p>', done)
107 })
109 it('should escape the url', function(done){
110 var app = express();
112 app.use(function(req, res){
113 res.redirect('<la\'me>');
114 });
116 request(app)
117 .get('/')
118 .set('Host', 'http://example.com')
119 .set('Accept', 'text/html')
120 .expect('Content-Type', /html/)
121 .expect('Location', '%3Cla\'me%3E')
122 .expect(302, '<p>Found. Redirecting to <a href="%3Cla'me%3E">%3Cla'me%3E</a></p>', done)
123 })
125 it('should include the redirect type', function(done){
126 var app = express();
128 app.use(function(req, res){
129 res.redirect(301, 'http://google.com');
130 });
132 request(app)
133 .get('/')
134 .set('Accept', 'text/html')
135 .expect('Content-Type', /html/)
136 .expect('Location', 'http://google.com')
137 .expect(301, '<p>Moved Permanently. Redirecting to <a href="http://google.com">http://google.com</a></p>', done);
138 })
139 })
141 describe('when accepting text', function(){
142 it('should respond with text', function(done){
143 var app = express();
145 app.use(function(req, res){
146 res.redirect('http://google.com');
147 });
149 request(app)
150 .get('/')
151 .set('Accept', 'text/plain, */*')
152 .expect('Content-Type', /plain/)
153 .expect('Location', 'http://google.com')
154 .expect(302, 'Found. Redirecting to http://google.com', done)
155 })
157 it('should encode the url', function(done){
158 var app = express();
160 app.use(function(req, res){
161 res.redirect('http://example.com/?param=<script>alert("hax");</script>');
162 });
164 request(app)
165 .get('/')
166 .set('Host', 'http://example.com')
167 .set('Accept', 'text/plain, */*')
168 .expect('Content-Type', /plain/)
169 .expect('Location', 'http://example.com/?param=%3Cscript%3Ealert(%22hax%22);%3C/script%3E')
170 .expect(302, 'Found. Redirecting to http://example.com/?param=%3Cscript%3Ealert(%22hax%22);%3C/script%3E', done)
171 })
173 it('should include the redirect type', function(done){
174 var app = express();
176 app.use(function(req, res){
177 res.redirect(301, 'http://google.com');
178 });
180 request(app)
181 .get('/')
182 .set('Accept', 'text/plain, */*')
183 .expect('Content-Type', /plain/)
184 .expect('Location', 'http://google.com')
185 .expect(301, 'Moved Permanently. Redirecting to http://google.com', done);
186 })
187 })
189 describe('when accepting neither text or html', function(){
190 it('should respond with an empty body', function(done){
191 var app = express();
193 app.use(function(req, res){
194 res.redirect('http://google.com');
195 });
197 request(app)
198 .get('/')
199 .set('Accept', 'application/octet-stream')
200 .expect('location', 'http://google.com')
201 .expect('content-length', '0')
202 .expect(utils.shouldNotHaveHeader('Content-Type'))
203 .expect(302, '', done)
204 })
205 })
206 })