kunthawat/emdash-patch-imageupload
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0f8d815d3f8c773055ba2d2bb640ecac3b6ab903
emdash-patch-imageupload/packages/core/tests/unit/plugins/page-contribution-sandbox.test.ts
kunthawat 2d1be52177 Emdash source with visual editor image upload fix 
Fixes:
1. media.ts: wrap placeholder generation in try-catch
2. toolbar.ts: check r.ok, display error message in popover
2026-05-03 10:44:54 +07:00

72 lines
2.6 KiB
TypeScript
Raw Blame History

import { describe, it, expect } from "vitest";
/**
* Tests for the sandbox boundary enforcement of page contribution hooks.
*
* page:metadata is sandbox-safe.
* page:fragments is trusted-only but valid in manifests (enforcement happens
* at runtime via capability checks and at bundle time via CLI warnings).
*
* The enforcement happens at multiple layers:
* 1. Manifest schema: HOOK_NAMES includes both page:metadata and page:fragments
* 2. Capability enforcement: page:fragments requires page:inject capability
* 3. Bundle CLI: warns when page:fragments is declared in a sandbox-targeted plugin
* 4. Fragment collector: never invokes sandboxed plugins for page:fragments
*/
describe("page contribution sandbox boundary", () => {
describe("manifest schema validation", () => {
it("should accept page:metadata in manifests", async () => {
const { pluginManifestSchema } = await import("../../../src/plugins/manifest-schema.js");
const manifest = {
id: "test-plugin",
version: "1.0.0",
capabilities: [],
allowedHosts: [],
storage: {},
hooks: [{ name: "page:metadata" }],
routes: [],
admin: { pages: [], widgets: [] },
};
const result = pluginManifestSchema.safeParse(manifest);
expect(result.success).toBe(true);
});
it("should accept page:fragments in manifests (enforcement is at runtime)", async () => {
const { pluginManifestSchema } = await import("../../../src/plugins/manifest-schema.js");
const manifest = {
id: "test-plugin",
version: "1.0.0",
capabilities: [],
allowedHosts: [],
storage: {},
hooks: [{ name: "page:fragments" }],
routes: [],
admin: { pages: [], widgets: [] },
};
// Manifest validation accepts page:fragments — trusted-only enforcement
// happens via capability checks (requires page:inject) and the bundle CLI
// warns when this hook is used in a sandbox-targeted plugin.
const result = pluginManifestSchema.safeParse(manifest);
expect(result.success).toBe(true);
});
});
describe("fragment collector defense-in-depth", () => {
it("resolveFragments only processes contributions it receives", async () => {
// The fragment collector in page/fragments.ts is a pure function that
// processes whatever contributions are passed to it. The defense-in-depth
// is that the runtime never passes sandboxed plugin contributions to it.
// This test verifies the pure function works correctly.
const { resolveFragments } = await import("../../../src/page/fragments.js");
const result = resolveFragments([], "head");
expect(result).toEqual([]);
});
});
});
Reference in New Issue View Git Blame Copy Permalink