SecureBitChat/securebit-chat
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
15173a927805fe76ac01774db1007c82e2a26e39
securebit-chat/tests/secure-chat-features.test.mjs
T

76 lines
3.3 KiB
JavaScript
Raw Normal View History

release: v4.8.14 secure chat tools (code blocks, view-once, disappearing, unsend, panic)
2026-06-18 20:37:50 -04:00
import assert from 'node:assert/strict';
// No DOM needed: we mock the incoming-chat sanitizer so DOMPurify/window are
// not required, and exercise the transport/meta plumbing directly.
globalThis.window = globalThis.window || {};
const { EnhancedSecureWebRTCManager } = await import('../src/network/EnhancedSecureWebRTCManager.js');
const P = EnhancedSecureWebRTCManager.prototype;
const T = EnhancedSecureWebRTCManager.MESSAGE_TYPES;
// ── _sanitizeMessageMeta: whitelist + bounds ────────────────────────────────
{
const ok = P._sanitizeMessageMeta.call({}, { mid: 'm_1-a', once: true, ttl: 300, code: true });
assert.deepEqual(ok, { mid: 'm_1-a', code: true, once: true, ttl: 300 });
// Junk and out-of-range values are stripped; with no valid keys -> null.
assert.equal(P._sanitizeMessageMeta.call({}, { foo: 1 }), null);
assert.equal(P._sanitizeMessageMeta.call({}, null), null);
assert.equal(P._sanitizeMessageMeta.call({}, { ttl: 999999 }), null); // above 24h cap
assert.equal(P._sanitizeMessageMeta.call({}, { ttl: 1 }), null); // below 5s floor
assert.equal(P._sanitizeMessageMeta.call({}, { once: 'yes' }), null); // must be exactly true
assert.deepEqual(P._sanitizeMessageMeta.call({}, { mid: 'bad id!@#' }), { mid: 'badid' }); // sanitized
}
// ── deliverMessageToUI forwards sanitized meta to onMessage ──────────────────
{
const calls = [];
const manager = {
_debugMode: false,
_secureLog() {},
_sanitizeIncomingChatMessage: (m) => m, // bypass DOMPurify in test
_sanitizeMessageMeta: P._sanitizeMessageMeta,
onMessage: (message, type, meta) => calls.push({ message, type, meta })
};
P.deliverMessageToUI.call(manager, 'hello', 'received', { once: true, ttl: 30, mid: 'm1', junk: 9 });
assert.equal(calls.length, 1);
assert.equal(calls[0].message, 'hello');
assert.equal(calls[0].type, 'received');
assert.deepEqual(calls[0].meta, { mid: 'm1', once: true, ttl: 30 });
// No meta -> onMessage gets undefined (backward compatible).
calls.length = 0;
P.deliverMessageToUI.call(manager, 'plain', 'received');
assert.equal(calls[0].meta, undefined);
}
// ── processMessage routes message_delete to onMessageDelete ──────────────────
{
const deleted = [];
const manager = {
_secureLog() {},
onMessageDelete: (id) => deleted.push(id)
};
await P.processMessage.call(
manager,
JSON.stringify({ type: T.MESSAGE_DELETE, data: { messageId: 'm_42' } })
);
assert.deepEqual(deleted, ['m_42']);
}
// ── sendMessageDelete emits a well-formed control message ────────────────────
{
const sent = [];
const manager = { sendSystemMessage: (m) => { sent.push(m); return true; } };
const result = P.sendMessageDelete.call(manager, 'm_99');
assert.equal(result, true);
assert.deepEqual(sent, [{ type: T.MESSAGE_DELETE, messageId: 'm_99' }]);
// Invalid ids are rejected without emitting anything.
sent.length = 0;
assert.equal(P.sendMessageDelete.call(manager, ''), false);
assert.equal(sent.length, 0);
}
console.log('Secure chat features tests passed');
Reference in New Issue Copy Permalink