mirror of https://github.com/go-gitea/gitea synced 2025-08-04 16:48:37 +00:00

Add a config option to block "expensive" pages for anonymous users (#34024) (#34071)

Backport #34024 since there are too many AI crawlers. The new code is
covered by tests and it does nothing if users don't set it.
wxiaoguang
2025-03-30 14:16:32 +08:00
committed by GitHub
parent 5a9b3bfa50
commit 15e93a751c
21 changed files with 228 additions and 38 deletions


@@ -148,9 +148,9 @@ func TestAPIOrgEditBadVisibility(t *testing.T) {
func TestAPIOrgDeny(t *testing.T) {
onGiteaRun(t, func(*testing.T, *url.URL) {
setting.Service.RequireSignInView = true
setting.Service.RequireSignInViewStrict = true
defer func() {
setting.Service.RequireSignInView = false
setting.Service.RequireSignInViewStrict = false
}()
orgName := "user1_org"
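Review bot: The cleanup in `TestAPIOrgDeny` still resets the sign-in setting to a literal `false` through a hand-written `defer func() { … }()` rather than restoring the value it had before the test. Other test hunks on this page use `defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()`, which sets and restores in one line. Using it here would keep this access-control global from leaking a wrong value into later tests if its default ever changes. This assumes the file can import `code.gitea.io/gitea/modules/test`; the function body continues past the hunk.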


@@ -111,7 +111,7 @@ func TestPackageContainer(t *testing.T) {
AddTokenAuth(anonymousToken)
MakeRequest(t, req, http.StatusOK)
defer test.MockVariableValue(&setting.Service.RequireSignInView, true)()
defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
req = NewRequest(t, "GET", fmt.Sprintf("%sv2", setting.AppURL))
MakeRequest(t, req, http.StatusUnauthorized)


@@ -15,6 +15,7 @@ import (
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
@@ -131,11 +132,7 @@ func TestPackageGeneric(t *testing.T) {
t.Run("RequireSignInView", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
setting.Service.RequireSignInView = true
defer func() {
setting.Service.RequireSignInView = false
}()
defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
req = NewRequest(t, "GET", url+"/dummy.bin")
MakeRequest(t, req, http.StatusUnauthorized)


@@ -74,7 +74,7 @@ func testGitSmartHTTP(t *testing.T, u *url.URL) {
}
func testRenamedRepoRedirect(t *testing.T) {
defer test.MockVariableValue(&setting.Service.RequireSignInView, true)()
defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
// git client requires to get a 301 redirect response before 401 unauthorized response
req := NewRequest(t, "GET", "/user2/oldrepo1/info/refs")


@@ -15,11 +15,13 @@ import (
"code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/modules/translation"
"code.gitea.io/gitea/modules/web"
"code.gitea.io/gitea/routers"
"code.gitea.io/gitea/services/context"
"code.gitea.io/gitea/tests"
"github.com/markbates/goth"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func testLoginFailed(t *testing.T, username, password, message string) {
@@ -158,3 +160,32 @@ func TestEnablePasswordSignInFormAndEnablePasskeyAuth(t *testing.T) {
NewHTMLParser(t, resp.Body).AssertElement(t, ".signin-passkey", true)
})
}
func TestRequireSignInView(t *testing.T) {
defer tests.PrepareTestEnv(t)()
t.Run("NoRequireSignInView", func(t *testing.T) {
require.False(t, setting.Service.RequireSignInViewStrict)
require.False(t, setting.Service.BlockAnonymousAccessExpensive)
req := NewRequest(t, "GET", "/user2/repo1/src/branch/master")
MakeRequest(t, req, http.StatusOK)
})
t.Run("RequireSignInView", func(t *testing.T) {
defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
defer test.MockVariableValue(&testWebRoutes, routers.NormalRoutes())()
req := NewRequest(t, "GET", "/user2/repo1/src/branch/master")
resp := MakeRequest(t, req, http.StatusSeeOther)
assert.Equal(t, "/user/login", resp.Header().Get("Location"))
})
t.Run("BlockAnonymousAccessExpensive", func(t *testing.T) {
defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, false)()
defer test.MockVariableValue(&setting.Service.BlockAnonymousAccessExpensive, true)()
defer test.MockVariableValue(&testWebRoutes, routers.NormalRoutes())()
req := NewRequest(t, "GET", "/user2/repo1")
MakeRequest(t, req, http.StatusOK)
req = NewRequest(t, "GET", "/user2/repo1/src/branch/master")
resp := MakeRequest(t, req, http.StatusSeeOther)
assert.Equal(t, "/user/login", resp.Header().Get("Location"))
})
}
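Review bot: The `BlockAnonymousAccessExpensive` subtest in `TestRequireSignInView` only proves the anonymous side of the gate: `/user2/repo1` returns 200 and `/user2/repo1/src/branch/master` redirects to `/user/login`. Nothing asserts that a signed-in user still reaches the expensive page while the option is on, so a regression that blocks everyone would pass unnoticed. Add a positive case, e.g. `session := loginUser(t, "user2")` followed by `session.MakeRequest(t, NewRequest(t, "GET", "/user2/repo1/src/branch/master"), http.StatusOK)`. A one-line comment on the subtest naming which route groups count as "expensive" would also help, since only one such path is pinned here.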