#13120

pending completion

Build # #13120

Build Type

push

circleci

Committed by

Vinnl

Commit Message

Separate page for scan results

Run Details

282 of 1619 branches covered (17.42%)

Branch coverage included in aggregate %.

28 of 28 new or added lines in 5 files covered. (100.0%)

959 of 4370 relevant lines covered (21.95%)

1.83 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/src/controllers/requestBreachScan.js

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

import { getMessage } from '../utils/fluent.js'
import { UserInputError } from '../utils/error.js'
import { getSha1 } from '../utils/fxa.js'
import { getBreachesForEmail } from '../utils/hibp.js'

async function requestBreachScan (req, res, next) {
  if (req.method !== 'POST' || typeof req.body?.email !== 'string') {
    return next()
  }

  // TODO could share this validation logic with add-email API?
  const email = req.body.email
  // Use the same regex as HTML5 email input type
  // https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/email#basic_validation
  const emailRegex = /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/

  if (!email || !emailRegex.test(email)) {
    throw new UserInputError(getMessage('user-add-invalid-email'))
  }

  try {
    const allBreaches = req.app.locals.breaches
    const breaches = await getBreachesForEmail(getSha1(email), allBreaches, false)

    return res.json({ success: true, breaches })
  } catch (ex) {
    return res.status(500).send({ success: false })
  }
}

export { requestBreachScan }

1	/* This Source Code Form is subject to the terms of the Mozilla Public
2	* License, v. 2.0. If a copy of the MPL was not distributed with this
3	* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4
5	import { getMessage } from '../utils/fluent.js'
6	import { UserInputError } from '../utils/error.js'
7	import { getSha1 } from '../utils/fxa.js'
8	import { getBreachesForEmail } from '../utils/hibp.js'
9
10	async function requestBreachScan (req, res, next) {
11	if (req.method !== 'POST' \|\| typeof req.body?.email !== 'string') {	×
12	return next()	×
13	}
14
15	// TODO could share this validation logic with add-email API?
16	const email = req.body.email	×
17	// Use the same regex as HTML5 email input type
18	// https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/email#basic_validation
19	const emailRegex = /^[a-zA-Z0-9.!#$%&'+/=?^_`{\|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)$/	×
20
21	if (!email \|\| !emailRegex.test(email)) {	×
22	throw new UserInputError(getMessage('user-add-invalid-email'))	×
23	}
24
25	try {	×
26	const allBreaches = req.app.locals.breaches	×
27	const breaches = await getBreachesForEmail(getSha1(email), allBreaches, false)	×
28
29	return res.json({ success: true, breaches })	×
30	} catch (ex) {
31	return res.status(500).send({ success: false })	×
32	}
33	}
34
35	export { requestBreachScan }

mozilla / blurts-server / #13120

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous