gooneyryan/hermes-webui
1
0
Fork 0
mirror of https://github.com/nesquena/hermes-webui.git synced 2026-05-28 04:30:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
b62f9dbbf8e270018bddd384c8d6bdedbb2ea083
hermes-webui/tests/test_subpath_frontend_routes.py
T
Michael Lam e9d7d5e427 fix: keep frontend routes under subpath mounts
2026-05-04 00:06:58 -07:00

62 lines
2.3 KiB
Python
Raw Blame History

"""Regression tests for frontend routing under subpath mounts like /hermes/."""
from pathlib import Path
ROOT = Path(__file__).resolve().parents[1]
def read(path: str) -> str:
return (ROOT / path).read_text(encoding="utf-8")
def test_workspace_api_401_redirect_uses_relative_login_path():
src = read("static/workspace.js")
assert "res.status===401" in src
assert "window.location.href='login?next='" in src, (
"workspace api() must redirect to relative login?next= so /hermes/ "
"does not escape to the personal site root /login."
)
assert "window.location.href='/login?next='" not in src
def test_ui_401_redirect_helper_uses_relative_login_path():
src = read("static/ui.js")
assert "function _redirectIfUnauth" in src
assert "window.location.href='login?next='" in src, (
"UI auth-expiry redirect must stay under the current subpath mount."
)
assert "window.location.href='/login?next='" not in src
def test_server_auth_redirect_uses_relative_login_path_with_encoded_next():
src = read("api/auth.py")
assert "handler.send_header('Location', 'login?next=' + _next)" in src
assert "handler.send_header('Location', '/login?next='" not in src
assert "safe='/'" in src, "the relative redirect must keep the existing next= encoding fix"
def test_direct_frontend_fetches_are_relative_to_current_mount():
for path in ("static/boot.js", "static/sessions.js", "static/ui.js"):
src = read(path)
assert "fetch('/api/" not in src, (
f"{path} must not fetch root /api/* because /hermes/ is subpath mounted."
)
assert 'fetch("/api/' not in src
assert "fetch('/health'" not in read("static/ui.js")
assert "new URL('health'" in read("static/ui.js")
def test_direct_frontend_event_sources_are_relative_to_current_mount():
src = read("static/messages.js")
assert "EventSource('/api/" not in src
assert 'EventSource("/api/' not in src
for endpoint in ("api/approval/stream", "api/clarify/stream", "api/chat/stream"):
assert endpoint in src
assert "new URL(" in src
def test_static_vendor_import_is_relative_to_current_mount():
src = read("static/index.html")
assert "import * as smd from 'static/vendor/smd.min.js'" in src
assert "import * as smd from '/static/vendor/smd.min.js'" not in src
Reference in New Issue View Git Blame Copy Permalink