Update tests

Author: ascorbic

packages/cache-handlers/src/read.ts

@@ -62,11 +62,24 @@ export async function readFromCache(
 			const now = Date.now();
 			if (!isNaN(expiresAt) && now >= expiresAt) {
 				let swrSeconds: number | undefined;
-				const cc = cachedResponse.headers.get("cache-control");
-				if (cc) {
-					const directives = parseCacheControl(cc);
-					if (typeof directives["stale-while-revalidate"] === "number") {
-						swrSeconds = directives["stale-while-revalidate"] as number;
+				
+				// Check cdn-cache-control first (takes precedence)
+				const cdnCc = cachedResponse.headers.get("cdn-cache-control");
+				if (cdnCc) {
+					const cdnDirectives = parseCacheControl(cdnCc);
+					if (typeof cdnDirectives["stale-while-revalidate"] === "number") {
+						swrSeconds = cdnDirectives["stale-while-revalidate"] as number;
+					}
+				}
+				
+				// Fallback to regular cache-control if not found in cdn-cache-control
+				if (swrSeconds === undefined) {
+					const cc = cachedResponse.headers.get("cache-control");
+					if (cc) {
+						const directives = parseCacheControl(cc);
+						if (typeof directives["stale-while-revalidate"] === "number") {
+							swrSeconds = directives["stale-while-revalidate"] as number;
+						}
 					}
 				}
 				if (swrSeconds && now < expiresAt + swrSeconds * 1000) {

packages/cache-handlers/test/deno/conditional.test.ts

@@ -1,12 +1,7 @@
 import { assert, assertEquals, assertExists } from "jsr:@std/assert";
 import {
-	compareETags,
 	create304Response,
 	generateETag,
-	getDefaultConditionalConfig,
-	parseETag,
-	parseHttpDate,
-	parseIfNoneMatch,
 	validateConditionalRequest,
 } from "../../src/conditional.ts";
 import { createCacheHandler } from "../../src/handlers.ts";
@@ -24,73 +19,6 @@ Deno.test("Conditional Requests - ETag generation", async () => {
 	assert(etag.endsWith('"'));
 });
 
-Deno.test("Conditional Requests - ETag parsing", () => {
-	// Strong ETag
-	const strongETag = parseETag('"abc123"');
-	assertEquals(strongETag.value, "abc123");
-	assertEquals(strongETag.weak, false);
-
-	// Weak ETag
-	const weakETag = parseETag('W/"abc123"');
-	assertEquals(weakETag.value, "abc123");
-	assert(weakETag.weak);
-
-	// Empty ETag
-	const emptyETag = parseETag("");
-	assertEquals(emptyETag.value, "");
-	assertEquals(emptyETag.weak, false);
-});
-
-Deno.test("Conditional Requests - ETag comparison", () => {
-	const etag1 = '"abc123"';
-	const etag2 = '"abc123"';
-	const etag3 = '"def456"';
-	const weakETag = 'W/"abc123"';
-
-	// Strong comparison - exact match
-	assertEquals(compareETags(etag1, etag2), true);
-	assertEquals(compareETags(etag1, etag3), false);
-
-	// Strong comparison - weak ETag should not match
-	assertEquals(compareETags(etag1, weakETag, false), false);
-
-	// Weak comparison - should match even with weak ETag
-	assertEquals(compareETags(etag1, weakETag, true), true);
-});
-
-Deno.test("Conditional Requests - If-None-Match parsing", () => {
-	// Single ETag
-	const single = parseIfNoneMatch('"abc123"');
-	assert(Array.isArray(single));
-	assertEquals((single as string[]).length, 1);
-	assertEquals((single as string[])[0], '"abc123"');
-
-	// Multiple ETags
-	const multiple = parseIfNoneMatch('"abc123", "def456", W/"ghi789"');
-	assert(Array.isArray(multiple));
-	assertEquals((multiple as string[]).length, 3);
-
-	// Wildcard
-	const wildcard = parseIfNoneMatch("*");
-	assertEquals(wildcard, "*");
-
-	// Empty
-	const empty = parseIfNoneMatch("");
-	assert(Array.isArray(empty));
-	assertEquals((empty as string[]).length, 0);
-});
-
-Deno.test("Conditional Requests - HTTP date parsing", () => {
-	const validDate = parseHttpDate("Wed, 21 Oct 2015 07:28:00 GMT");
-	assertExists(validDate);
-	assert(validDate instanceof Date);
-
-	const invalidDate = parseHttpDate("invalid date");
-	assertEquals(invalidDate, null);
-
-	const emptyDate = parseHttpDate("");
-	assertEquals(emptyDate, null);
-});
 
 Deno.test("Conditional Requests - validateConditionalRequest with ETag", () => {
 	const request = new Request("https://example.com/test", {
@@ -176,9 +104,8 @@ Deno.test("Conditional Requests - 304 response creation", () => {
 	assertEquals(response304.headers.get("x-custom"), null);
 });
 
-// New unified handler integration tests
 
-Deno.test("Conditional Requests - unified handler If-None-Match", async () => {
+Deno.test("Conditional Requests - unified handler returns 304 for matching ETag", async () => {
 	await caches.delete("conditional-test");
 	const cacheName = "conditional-test";
 	const cache = await caches.open(cacheName);
@@ -202,12 +129,13 @@ Deno.test("Conditional Requests - unified handler If-None-Match", async () => {
 		{ handler: () => Promise.resolve(new Response("fresh")) },
 	);
 	assertExists(result);
-	assertEquals([200, 304].includes(result.status), true);
-	await result.clone().text();
+	assertEquals(result.status, 304);
+	assertEquals(result.body, null);
+	assertEquals(result.headers.get("etag"), '"test-etag-123"');
 	await caches.delete("conditional-test");
 });
 
-Deno.test("Conditional Requests - unified handler If-Modified-Since", async () => {
+Deno.test("Conditional Requests - unified handler returns 304 for matching Last-Modified", async () => {
 	await caches.delete("conditional-test-date");
 	const cacheName = "conditional-test-date";
 	const cache = await caches.open(cacheName);
@@ -232,8 +160,10 @@ Deno.test("Conditional Requests - unified handler If-Modified-Since", async () =
 		{ handler: () => Promise.resolve(new Response("fresh")) },
 	);
 	assertExists(result);
-	assertEquals([200, 304].includes(result.status), true);
-	await result.clone().text();
+	assertEquals(result.status, 304);
+	assertEquals(result.body, null);
+	assertEquals(result.headers.get("last-modified"), lastModified);
+	assertEquals(result.headers.get("content-type"), "application/json");
 	await caches.delete(cacheName);
 });
 
@@ -264,13 +194,6 @@ Deno.test("Conditional Requests - unified handler ETag generation", async () =>
 	await caches.delete(cacheName);
 });
 
-Deno.test("Conditional Requests - Default configuration", () => {
-	const config = getDefaultConditionalConfig();
-
-	assert(config.etag);
-	assert(config.lastModified);
-	assert(config.weakValidation);
-});
 
 Deno.test("Conditional Requests - disabled returns full response", async () => {
 	await caches.delete("conditional-disabled-test");

packages/cache-handlers/test/deno/handlers.test.ts

@@ -2,7 +2,6 @@ import { assert, assertEquals, assertExists } from "jsr:@std/assert";
 import { createCacheHandler } from "../../src/handlers.ts";
 import { assertSpyCalls, spy } from "jsr:@std/testing/mock";
 
-// Unified handler tests replacing legacy read/write/middleware handlers
 
 Deno.test("cache miss invokes handler and caches response", async () => {
 	await caches.delete("test-miss");

packages/cache-handlers/test/deno/security.test.ts

@@ -7,6 +7,7 @@ import {
 	parseResponseHeaders,
 } from "../../src/utils.ts";
 import { invalidateByTag } from "../../src/invalidation.ts";
+import { createCacheHandler } from "../../src/handlers.ts";
 
 Deno.test("Security - Header injection via cache tags", () => {
 	// Test that cache tags with newlines/CRLF are properly handled
@@ -59,7 +60,7 @@ Deno.test("Security - Cache pollution via tag injection", async () => {
 	// Simple test: just verify that malicious tags don't cause prototype pollution
 	const maliciousResponse = new Response("data", {
 		headers: {
-			"cache-control": "max-age=3600, public",
+			"cache-control": "s-maxage=3600, public",
 			"cache-tag": "user:123, __proto__:polluted, admin:true",
 		},
 	});
@@ -103,7 +104,7 @@ Deno.test("Security - Cache key collision attack", () => {
 		query: [],
 	});
 
-	// Document the actual behaviour - collision vulnerability is now fixed with :: separators
+	// Keys use :: separators to prevent collisions
 	assertEquals(key1, "https://example.com/api/users|admin:true");
 	assertEquals(key2, "https://example.com/api/users::h=admin:true");
 
@@ -131,7 +132,7 @@ Deno.test("Security - Metadata size bomb", async () => {
 	const hugeTags = Array.from({ length: 101 }, (_, i) => `tag:${i}`);
 	const response = new Response("test data", {
 		headers: {
-			"cache-control": "max-age=3600, public",
+			"cache-control": "s-maxage=3600, public",
 			"cache-tag": hugeTags.join(", "),
 		},
 	});
@@ -158,3 +159,88 @@ Deno.test("Security - Metadata size bomb", async () => {
 	}
 	await caches.delete("test");
 });
+
+Deno.test("Security - Integration: cache tags work correctly for invalidation", async () => {
+	await caches.delete("security-integration");
+	const handle = createCacheHandler({
+		cacheName: "security-integration",
+	});
+	
+	// Test that cache-tag headers enable proper cache invalidation
+	const response = new Response("tagged content", {
+		headers: {
+			"cache-control": "s-maxage=3600, public",
+			"cache-tag": "user:123, sensitive:data",
+			"content-type": "application/json",
+		},
+	});
+	Object.defineProperty(response, "url", {
+		value: "https://example.com/api/secure",
+		writable: false,
+	});
+	
+	const request = new Request("https://example.com/api/secure");
+	const result = await handle(request, {
+		handler: () => Promise.resolve(response),
+	});
+	
+	// Verify response is cached and tags are preserved
+	assertEquals(await result.text(), "tagged content");
+	assertEquals(result.headers.get("content-type"), "application/json");
+	assertEquals(result.headers.get("cache-tag"), "user:123, sensitive:data");
+	
+	// Verify content is cached
+	const cache = await caches.open("security-integration");
+	const cached = await cache.match(request);
+	assertEquals(cached !== undefined, true);
+	if (cached) {
+		await cached.text(); // Clean up the resource
+	}
+	
+	// Verify invalidation by tag works
+	const deletedCount = await invalidateByTag("user:123", { cacheName: "security-integration" });
+	assertEquals(deletedCount, 1);
+	
+	// Verify content is gone after invalidation
+	const afterInvalidation = await cache.match(request);
+	assertEquals(afterInvalidation, undefined);
+	
+	await caches.delete("security-integration");
+});
+
+Deno.test("Security - Integration: CDN cache control prevents cache poisoning", async () => {
+	await caches.delete("security-cdn");
+	const handle = createCacheHandler({
+		cacheName: "security-cdn",
+	});
+	
+	// Simulate response with cdn-cache-control that should override regular cache-control
+	const response = new Response("sensitive data", {
+		headers: {
+			"cache-control": "s-maxage=86400, public", // Long cache
+			"cdn-cache-control": "private, no-cache", // Should prevent caching
+			"content-type": "application/json",
+		},
+	});
+	Object.defineProperty(response, "url", {
+		value: "https://example.com/api/sensitive",
+		writable: false,
+	});
+	
+	const request = new Request("https://example.com/api/sensitive");
+	const result = await handle(request, {
+		handler: () => Promise.resolve(response),
+	});
+	
+	// Verify response is served
+	assertEquals(await result.text(), "sensitive data");
+	// Verify cdn-cache-control header is filtered from response
+	assertEquals(result.headers.get("cdn-cache-control"), null);
+	
+	// Verify content was not cached due to cdn-cache-control: private
+	const cache = await caches.open("security-cdn");
+	const cached = await cache.match(request);
+	assertEquals(cached, undefined);
+	
+	await caches.delete("security-cdn");
+});

packages/cache-handlers/test/node/conditional.test.ts

@@ -1,56 +1,11 @@
 import { describe, expect, test, vi } from "vitest";
 import {
-	compareETags,
 	create304Response,
-	generateETag,
-	parseETag,
 	validateConditionalRequest,
 } from "../../src/conditional.ts";
 import { createCacheHandler } from "../../src/handlers.ts";
 
 describe("Conditional Requests - Node.js with undici", () => {
-	describe("ETag utilities", () => {
-		test("generates valid ETags", async () => {
-			const response = new Response("test content", {
-				headers: { "content-type": "text/plain" },
-			});
-
-			const etag = await generateETag(response);
-
-			expect(etag).toBeTruthy();
-			expect(typeof etag).toBe("string");
-			expect(etag.startsWith('"')).toBe(true);
-			expect(etag.endsWith('"')).toBe(true);
-		});
-
-		test("parses ETags correctly", () => {
-			// Strong ETag
-			const strongETag = parseETag('"abc123"');
-			expect(strongETag.value).toBe("abc123");
-			expect(strongETag.weak).toBe(false);
-
-			// Weak ETag
-			const weakETag = parseETag('W/"abc123"');
-			expect(weakETag.value).toBe("abc123");
-			expect(weakETag.weak).toBe(true);
-		});
-
-		test("compares ETags correctly", () => {
-			const etag1 = '"abc123"';
-			const etag2 = '"abc123"';
-			const etag3 = '"def456"';
-			const weakETag = 'W/"abc123"';
-
-			// Strong comparison
-			expect(compareETags(etag1, etag2)).toBe(true);
-			expect(compareETags(etag1, etag3)).toBe(false);
-			expect(compareETags(etag1, weakETag, false)).toBe(false);
-
-			// Weak comparison
-			expect(compareETags(etag1, weakETag, true)).toBe(true);
-		});
-	});
-
 	describe("Conditional validation", () => {
 		test("validates ETag conditional requests", () => {
 			const request = new Request("https://example.com/test", {

packages/cache-handlers/test/node/ttl-normalization.test.ts

@@ -68,7 +68,7 @@ describe("TTL Normalization", () => {
 		expect(handler).toHaveBeenCalledTimes(1);
 		expect(await response.text()).toBe("cdn-max-age data");
 		expect(response.headers.has("cache-tag")).toBe(true);
-		expect(response.headers.has("cdn-cache-control")).toBe(false); // Should be removed
+		expect(response.headers.has("cdn-cache-control")).toBe(false); // CDN headers filtered from response
 
 		// Second request should be cached
 		const cachedResponse = await handle(request, { handler });
@@ -111,10 +111,10 @@ describe("TTL Normalization", () => {
 
 		const response = await handle(request, { handler });
 
-		// Check that used directives are removed but others remain
+		// Check that CDN directives are filtered but browser directives remain
 		const cacheControl = response.headers.get("cache-control");
-		expect(cacheControl).not.toContain("s-maxage"); // Should be removed
-		expect(cacheControl).not.toContain("stale-while-revalidate"); // Should be removed
+		expect(cacheControl).not.toContain("s-maxage"); // CDN directive filtered out
+		expect(cacheControl).not.toContain("stale-while-revalidate"); // CDN directive filtered out
 		expect(cacheControl).toContain("max-age=7200"); // Should remain (for browsers)
 		expect(cacheControl).toContain("public"); // Should remain
 	});