GithubBackup/MyGoNavi
1
0
Fork 0
mirror of https://github.com/Syngnat/GoNavi.git synced 2026-06-03 04:59:46 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
19655643864e54248264ceed2bc2a405ae5b2dfd
MyGoNavi/internal/jvm/diagnostic_config_test.go
Syngnat ec2eefc9d2 🐛 fix(jvm): 加固诊断命令策略与输出脱敏 
在服务端阻断只读连接中的高风险和多行诊断命令,并对诊断事件与错误消息统一脱敏,避免凭证、Authorization 和 PEM 片段泄漏。
2026-04-28 09:42:41 +08:00

83 lines
2.5 KiB
Go
Raw Blame History

package jvm
import (
"testing"
"GoNavi-Wails/internal/connection"
)
func TestNormalizeDiagnosticConfigDefaultsToDisabledObserveOnly(t *testing.T) {
cfg, err := NormalizeDiagnosticConfig(connection.ConnectionConfig{
Type: "jvm",
Host: "orders.internal",
JVM: connection.JVMConfig{},
})
if err != nil {
t.Fatalf("NormalizeDiagnosticConfig returned error: %v", err)
}
if cfg.Enabled {
t.Fatalf("expected diagnostic mode disabled by default")
}
if cfg.Transport != DiagnosticTransportAgentBridge {
t.Fatalf("expected default transport %q, got %q", DiagnosticTransportAgentBridge, cfg.Transport)
}
if cfg.TimeoutSeconds != 15 {
t.Fatalf("expected default timeout 15 seconds, got %d", cfg.TimeoutSeconds)
}
if !cfg.AllowObserveCommands || cfg.AllowTraceCommands || cfg.AllowMutatingCommands {
t.Fatalf("unexpected default command policy: %#v", cfg)
}
}
func TestValidateDiagnosticCommandPolicyRejectsMultilineCommand(t *testing.T) {
cfg, err := NormalizeDiagnosticConfig(connection.ConnectionConfig{
Type: "jvm",
Host: "orders.internal",
JVM: connection.JVMConfig{
Diagnostic: connection.JVMDiagnosticConfig{
Enabled: true,
Transport: DiagnosticTransportAgentBridge,
BaseURL: "http://127.0.0.1:19091/gonavi/diag",
AllowObserveCommands: true,
AllowTraceCommands: true,
AllowMutatingCommands: true,
},
},
})
if err != nil {
t.Fatalf("NormalizeDiagnosticConfig returned error: %v", err)
}
for _, command := range []string{
"thread -n 1\nognl '@java.lang.System@setProperty(\"x\",\"y\")'",
"thread -n 1\rwatch com.foo.OrderService submitOrder '{params}'",
} {
if _, err := ValidateDiagnosticCommandPolicy(cfg, command); err == nil {
t.Fatalf("expected multiline command to be rejected: %q", command)
}
}
}
func TestClassifyDiagnosticCommandRejectsMutatingCommandWhenDisabled(t *testing.T) {
cfg, err := NormalizeDiagnosticConfig(connection.ConnectionConfig{
Type: "jvm",
Host: "orders.internal",
JVM: connection.JVMConfig{
Diagnostic: connection.JVMDiagnosticConfig{
Enabled: true,
Transport: DiagnosticTransportAgentBridge,
BaseURL: "http://127.0.0.1:19091/gonavi/diag",
AllowObserveCommands: true,
},
},
})
if err != nil {
t.Fatalf("NormalizeDiagnosticConfig returned error: %v", err)
}
_, err = ValidateDiagnosticCommandPolicy(cfg, "ognl '@java.lang.System@exit(0)'")
if err == nil {
t.Fatalf("expected mutating command to be rejected")
}
}
Reference in New Issue View Git Blame Copy Permalink