From bdca6b5453b6422db4a1f0af2434da89a9446545 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Wed, 22 May 2024 11:54:27 -0400
Subject: [PATCH] change port bind and add a unittest (#10208) (#10211)
---
 .../unreleased/Security-20240522-094540.yaml | 6 +++++
 core/dbt/task/docs/serve.py | 2 +-
 tests/unit/task/docs/__init__.py | 0
 tests/unit/task/docs/test_serve.py | 23 +++++++++++++++++++
 4 files changed, 30 insertions(+), 1 deletion(-)
 create mode 100644 .changes/unreleased/Security-20240522-094540.yaml
 create mode 100644 tests/unit/task/docs/__init__.py
 create mode 100644 tests/unit/task/docs/test_serve.py
diff --git a/.changes/unreleased/Security-20240522-094540.yaml b/.changes/unreleased/Security-20240522-094540.yaml
new file mode 100644
index 00000000000..b35f96dc084
--- /dev/null
+++ b/.changes/unreleased/Security-20240522-094540.yaml
@@ -0,0 +1,6 @@
+kind: Security
+body: Explicitly bind to localhost in docs serve
+time: 2024-05-22T09:45:40.748185-04:00
+custom:
+ Author: ChenyuLInx michelleark
+ Issue: "10209"
diff --git a/core/dbt/task/docs/serve.py b/core/dbt/task/docs/serve.py
index c3e6fda61fa..99f97700758 100644
--- a/core/dbt/task/docs/serve.py
+++ b/core/dbt/task/docs/serve.py
@@ -20,7 +20,7 @@ def run(self):
 if self.args.browser:
 webbrowser.open_new_tab(f"http://localhost:{port}")
- with socketserver.TCPServer(("", port), SimpleHTTPRequestHandler) as httpd:
+ with socketserver.TCPServer(("127.0.0.1", port), SimpleHTTPRequestHandler) as httpd:
 click.echo(f"Serving docs at {port}")
 click.echo(f"To access from your browser, navigate to: http://localhost:{port}")
 click.echo("\n\n")
diff --git a/tests/unit/task/docs/__init__.py b/tests/unit/task/docs/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/tests/unit/task/docs/test_serve.py b/tests/unit/task/docs/test_serve.py
new file mode 100644
index 00000000000..cedb234a205
--- /dev/null
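Review bot: The new bind address `("127.0.0.1", port)` in the `serve.py` hunk is IPv4 loopback only, while the two URLs in the same hunk (`webbrowser.open_new_tab` and the "To access from your browser" echo) still say `localhost`, which on some hosts may resolve to `::1` first, so the browser then depends on falling back to IPv4. Building those URLs from the bound address, e.g. `http://127.0.0.1:{port}`, keeps what is printed in line with what is actually listening. The literal also deserves a comment so it is not reverted to `""` later: `# Loopback only: "" binds every interface and exposes the generated docs to the network.` The body of `run` starts and ends outside this hunk.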
+++ b/tests/unit/task/docs/test_serve.py
@@ -0,0 +1,23 @@
+from http.server import SimpleHTTPRequestHandler
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from dbt.task.docs.serve import ServeTask
+
+
+@pytest.fixture
+def serve_task():
+ # Set up
+ task = ServeTask(config=MagicMock(), args=MagicMock())
+ task.config.project_target_path = "."
+ task.args.port = 8000
+ return task
+
+
+def test_serve_bind_to_127(serve_task):
+ serve_task.args.browser = False
+ with patch("dbt.task.docs.serve.socketserver.TCPServer") as patched_TCPServer:
+ patched_TCPServer.return_value = MagicMock()
+ serve_task.run()
+ patched_TCPServer.assert_called_once_with(("127.0.0.1", 8000), SimpleHTTPRequestHandler)
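Review bot: `test_serve_bind_to_127` has no docstring saying it is a security regression test, so a later reader may loosen the asserted address along with the code; a line such as `"""docs serve must bind to loopback only, never to all interfaces."""` would record the intent. `patched_TCPServer.return_value = MagicMock()` is redundant, because `patch` already supplies a `MagicMock` whose return value supports the `with` block. Only `TCPServer` is patched, so whatever `run()` does with `project_target_path` before the bind (not shown on this page) executes for real in the current directory. Pointing the fixture at pytest's `tmp_path` would presumably isolate that, but it should be confirmed against the full `run()` body.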