ClaudeKit Blender MCP

validators.test.ts•21 kB

/** * Unit Tests for Zod Schema Validation * Including comprehensive security tests for path traversal (BUG-001) */ import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest'; import { z } from 'zod'; import { resolve, normalize } from 'path'; // Re-create validators for testing (avoiding import issues) const vector3Schema = z.tuple([z.number(), z.number(), z.number()]); const objectNameSchema = z.string() .min(1, 'Object name required') .max(64, 'Object name too long') .regex(/^[a-zA-Z0-9_]+$/, 'Object name must be alphanumeric with underscores'); const colorSchema = z.tuple([ z.number().min(0).max(1), z.number().min(0).max(1), z.number().min(0).max(1), z.number().min(0).max(1) ]); const screenshotSizeSchema = z.number().int().min(100).max(800); // Security constants for path validation testing const MAX_PATH_LENGTH = 512; const PROJECT_ROOT = process.cwd(); /** * Security test implementation of path validation (matches production code) */ function decodePathFully(input: string): string { let decoded = input; let previous = ''; let iterations = 0; const maxIterations = 10; while (decoded !== previous && iterations < maxIterations) { previous = decoded; try { decoded = decodeURIComponent(decoded); } catch { break; } iterations++; } return decoded; } function sanitizePath(input: string): string { let sanitized = input; sanitized = sanitized.replace(/\0/g, ''); sanitized = sanitized.replace(/\\/g, '/'); sanitized = sanitized.replace(/[\u2024\u2025\u2026]/g, '.'); sanitized = sanitized.replace(/[\u2215\u2044\u29f8]/g, '/'); sanitized = sanitized.replace(/\/+/g, '/'); sanitized = sanitized.trim().replace(/^\/+|\/+$/g, ''); return sanitized; } function detectPathTraversal(path: string): { isAttack: boolean; vector?: string } { if (path.includes('..')) { return { isAttack: true, vector: 'parent_directory_reference' }; } if (/%2e%2e/i.test(path) || /%252e/i.test(path)) { return { isAttack: true, vector: 'encoded_traversal' }; } if (/\.\.\//i.test(path) || /\.\.$/i.test(path)) { return { isAttack: true, vector: 'dot_slash_traversal' }; } if (/\.\.\\/.test(path) || /\\\.\./.test(path)) { return { isAttack: true, vector: 'backslash_traversal' }; } return { isAttack: false }; } function isWithinProjectBoundary(normalizedPath: string): boolean { try { const absolutePath = resolve(PROJECT_ROOT, normalizedPath); const normalizedAbsolute = normalize(absolutePath); const normalizedRoot = normalize(PROJECT_ROOT); return normalizedAbsolute === normalizedRoot || normalizedAbsolute.startsWith(normalizedRoot + '/'); } catch { return false; } } // Comprehensive file path schema for security testing const filePathSchema = z.string() .min(1, 'File path required') .max(MAX_PATH_LENGTH, `File path too long (max ${MAX_PATH_LENGTH} chars)`) .transform((rawPath) => { const decoded = decodePathFully(rawPath); const sanitized = sanitizePath(decoded); return { original: rawPath, sanitized }; }) .refine( ({ sanitized }) => !detectPathTraversal(sanitized).isAttack, { message: 'Path traversal not allowed' } ) .refine( ({ sanitized }) => !sanitized.startsWith('/'), { message: 'Absolute paths not allowed' } ) .refine( ({ sanitized }) => { const hasHiddenComponent = sanitized.startsWith('.') || /\/\./.test(sanitized) || sanitized.includes('/.'); return !hasHiddenComponent; }, { message: 'Hidden files/directories not allowed' } ) .refine( ({ sanitized }) => /^[a-zA-Z0-9_\-./]+$/.test(sanitized), { message: 'Invalid characters in file path' } ) .refine( ({ sanitized }) => isWithinProjectBoundary(sanitized), { message: 'Path escapes project directory' } ) .transform(({ sanitized }) => sanitized); describe('Vector3 Schema', () => { it('should validate valid vector3 arrays', () => { expect(vector3Schema.safeParse([0, 0, 0]).success).toBe(true); expect(vector3Schema.safeParse([1.5, -2.3, 10]).success).toBe(true); expect(vector3Schema.safeParse([100, 200, 300]).success).toBe(true); }); it('should reject invalid vector3 arrays', () => { expect(vector3Schema.safeParse([0, 0]).success).toBe(false); expect(vector3Schema.safeParse([0, 0, 0, 0]).success).toBe(false); expect(vector3Schema.safeParse(['a', 'b', 'c']).success).toBe(false); expect(vector3Schema.safeParse(null).success).toBe(false); expect(vector3Schema.safeParse(undefined).success).toBe(false); }); }); describe('Object Name Schema', () => { it('should validate valid object names', () => { expect(objectNameSchema.safeParse('Cube').success).toBe(true); expect(objectNameSchema.safeParse('my_object_123').success).toBe(true); expect(objectNameSchema.safeParse('Object').success).toBe(true); expect(objectNameSchema.safeParse('a').success).toBe(true); }); it('should reject empty names', () => { const result = objectNameSchema.safeParse(''); expect(result.success).toBe(false); }); it('should reject names with invalid characters', () => { expect(objectNameSchema.safeParse('object-name').success).toBe(false); expect(objectNameSchema.safeParse('object.name').success).toBe(false); expect(objectNameSchema.safeParse('object name').success).toBe(false); expect(objectNameSchema.safeParse('object@name').success).toBe(false); }); it('should reject names that are too long', () => { const longName = 'a'.repeat(65); expect(objectNameSchema.safeParse(longName).success).toBe(false); }); it('should accept names at max length', () => { const maxName = 'a'.repeat(64); expect(objectNameSchema.safeParse(maxName).success).toBe(true); }); }); describe('Color Schema', () => { it('should validate valid RGBA colors', () => { expect(colorSchema.safeParse([0, 0, 0, 0]).success).toBe(true); expect(colorSchema.safeParse([1, 1, 1, 1]).success).toBe(true); expect(colorSchema.safeParse([0.5, 0.5, 0.5, 0.5]).success).toBe(true); expect(colorSchema.safeParse([0.8, 0.1, 0.1, 1]).success).toBe(true); }); it('should reject colors with values out of range', () => { expect(colorSchema.safeParse([1.1, 0, 0, 1]).success).toBe(false); expect(colorSchema.safeParse([-0.1, 0, 0, 1]).success).toBe(false); expect(colorSchema.safeParse([0, 2, 0, 1]).success).toBe(false); }); it('should reject colors with wrong number of components', () => { expect(colorSchema.safeParse([1, 0, 0]).success).toBe(false); expect(colorSchema.safeParse([1, 0, 0, 1, 1]).success).toBe(false); }); }); describe('Screenshot Size Schema', () => { it('should validate valid sizes', () => { expect(screenshotSizeSchema.safeParse(100).success).toBe(true); expect(screenshotSizeSchema.safeParse(400).success).toBe(true); expect(screenshotSizeSchema.safeParse(800).success).toBe(true); }); it('should reject sizes below minimum', () => { expect(screenshotSizeSchema.safeParse(99).success).toBe(false); expect(screenshotSizeSchema.safeParse(0).success).toBe(false); expect(screenshotSizeSchema.safeParse(-100).success).toBe(false); }); it('should reject sizes above maximum', () => { expect(screenshotSizeSchema.safeParse(801).success).toBe(false); expect(screenshotSizeSchema.safeParse(1000).success).toBe(false); }); it('should reject non-integer values', () => { expect(screenshotSizeSchema.safeParse(400.5).success).toBe(false); }); }); /** * ============================================================================ * SECURITY TESTS: Path Traversal Attack Prevention (BUG-001) * ============================================================================ * * These tests validate comprehensive protection against path traversal attacks * including various encoding bypass techniques, Unicode homoglyphs, and * boundary escape attempts. * * CVSS Score: 9.1 (Critical) * Attack vectors covered: * - Direct path traversal (../) * - URL encoding bypass (%2e%2e%2f) * - Double encoding bypass (%252e%252e%252f) * - Null byte injection * - Unicode homoglyph attacks * - Backslash path traversal * - Hidden file access * - Absolute path injection */ describe('File Path Schema Security (BUG-001)', () => { describe('Valid Paths (Backward Compatibility)', () => { it('should accept simple relative paths', () => { expect(filePathSchema.safeParse('file.txt').success).toBe(true); expect(filePathSchema.safeParse('model.blend').success).toBe(true); expect(filePathSchema.safeParse('render.png').success).toBe(true); }); it('should accept paths with subdirectories', () => { expect(filePathSchema.safeParse('assets/model.blend').success).toBe(true); expect(filePathSchema.safeParse('output/renders/final.png').success).toBe(true); expect(filePathSchema.safeParse('projects/2024/scene.blend').success).toBe(true); }); it('should accept paths with valid special characters', () => { expect(filePathSchema.safeParse('my-model.blend').success).toBe(true); expect(filePathSchema.safeParse('scene_v2.blend').success).toBe(true); expect(filePathSchema.safeParse('assets/my-model_v2.blend').success).toBe(true); }); it('should normalize and accept valid paths', () => { const result = filePathSchema.safeParse('assets/models/cube.blend'); expect(result.success).toBe(true); if (result.success) { expect(result.data).toBe('assets/models/cube.blend'); } }); }); describe('Direct Path Traversal Attacks', () => { it('should block simple parent directory traversal', () => { expect(filePathSchema.safeParse('../etc/passwd').success).toBe(false); expect(filePathSchema.safeParse('../../etc/passwd').success).toBe(false); expect(filePathSchema.safeParse('../../../etc/passwd').success).toBe(false); }); it('should block path traversal mid-path', () => { expect(filePathSchema.safeParse('assets/../../../etc/passwd').success).toBe(false); expect(filePathSchema.safeParse('foo/bar/../../baz/../../../etc/passwd').success).toBe(false); }); it('should block path traversal at end of path', () => { expect(filePathSchema.safeParse('assets/..').success).toBe(false); expect(filePathSchema.safeParse('foo/bar/..').success).toBe(false); }); }); describe('URL Encoding Bypass Attacks', () => { it('should block single URL-encoded traversal', () => { // %2e = '.' and %2f = '/' expect(filePathSchema.safeParse('%2e%2e/etc/passwd').success).toBe(false); expect(filePathSchema.safeParse('%2e%2e%2fetc%2fpasswd').success).toBe(false); expect(filePathSchema.safeParse('..%2f..%2fetc%2fpasswd').success).toBe(false); }); it('should block double URL-encoded traversal', () => { // %252e = '%2e' which decodes to '.' expect(filePathSchema.safeParse('%252e%252e%252f').success).toBe(false); expect(filePathSchema.safeParse('%252e%252e/etc/passwd').success).toBe(false); }); it('should block mixed encoding attacks', () => { expect(filePathSchema.safeParse('..%2f..').success).toBe(false); expect(filePathSchema.safeParse('%2e./etc/passwd').success).toBe(false); expect(filePathSchema.safeParse('.%2e/etc/passwd').success).toBe(false); }); it('should block case variations in encoding', () => { expect(filePathSchema.safeParse('%2E%2E/etc/passwd').success).toBe(false); expect(filePathSchema.safeParse('%2E%2e/etc/passwd').success).toBe(false); expect(filePathSchema.safeParse('%2e%2E/etc/passwd').success).toBe(false); }); }); describe('Null Byte Injection Attacks', () => { it('should strip null bytes from paths', () => { // Null byte injection tries to truncate path processing const result = filePathSchema.safeParse('file.txt\0../../etc/passwd'); // After stripping null bytes, this becomes 'file.txt../../etc/passwd' // which should still be blocked due to '..' expect(result.success).toBe(false); }); it('should handle paths with only null bytes removed', () => { const result = filePathSchema.safeParse('assets\0/model.blend'); // After stripping, becomes 'assets/model.blend' which is valid expect(result.success).toBe(true); }); }); describe('Backslash Path Traversal (Windows-style)', () => { it('should normalize and block backslash traversal', () => { expect(filePathSchema.safeParse('..\\etc\\passwd').success).toBe(false); expect(filePathSchema.safeParse('..\\..\\etc\\passwd').success).toBe(false); expect(filePathSchema.safeParse('assets\\..\\..\\etc\\passwd').success).toBe(false); }); it('should handle mixed slash styles', () => { expect(filePathSchema.safeParse('..\\../etc/passwd').success).toBe(false); expect(filePathSchema.safeParse('../..\\etc/passwd').success).toBe(false); }); }); describe('Hidden File/Directory Access Prevention', () => { it('should block access to hidden files', () => { expect(filePathSchema.safeParse('.htaccess').success).toBe(false); expect(filePathSchema.safeParse('.env').success).toBe(false); expect(filePathSchema.safeParse('.gitignore').success).toBe(false); }); it('should block access to hidden directories', () => { expect(filePathSchema.safeParse('.ssh/id_rsa').success).toBe(false); expect(filePathSchema.safeParse('.git/config').success).toBe(false); expect(filePathSchema.safeParse('.config/secrets').success).toBe(false); }); it('should block hidden paths in subdirectories', () => { expect(filePathSchema.safeParse('assets/.secret/file.txt').success).toBe(false); expect(filePathSchema.safeParse('home/.ssh/authorized_keys').success).toBe(false); }); }); describe('Absolute Path Injection Prevention', () => { it('should sanitize Unix absolute paths to relative', () => { // Our sanitizer strips leading slashes, converting absolute to relative // This is safe because: // 1. The resulting relative path is validated within project boundaries // 2. Hidden directories like .ssh are separately blocked const result1 = filePathSchema.safeParse('/etc/passwd'); // After sanitization: 'etc/passwd' - valid relative path within project expect(result1.success).toBe(true); if (result1.success) { expect(result1.data).toBe('etc/passwd'); } // Hidden directory access is still blocked expect(filePathSchema.safeParse('/root/.ssh/id_rsa').success).toBe(false); // Valid path after stripping leading slash const result3 = filePathSchema.safeParse('/var/log/auth.log'); expect(result3.success).toBe(true); if (result3.success) { expect(result3.data).toBe('var/log/auth.log'); } }); it('should collapse and strip multiple leading slashes', () => { // Leading slash after normalization const result = filePathSchema.safeParse('///etc/passwd'); // Normalizes to 'etc/passwd' which is valid relative path expect(result.success).toBe(true); if (result.success) { expect(result.data).toBe('etc/passwd'); } }); }); describe('Invalid Character Prevention', () => { it('should block paths with shell metacharacters', () => { expect(filePathSchema.safeParse('file;rm -rf /').success).toBe(false); expect(filePathSchema.safeParse('file|cat /etc/passwd').success).toBe(false); expect(filePathSchema.safeParse('file`whoami`').success).toBe(false); }); it('should block paths with quotes', () => { expect(filePathSchema.safeParse("file'test").success).toBe(false); expect(filePathSchema.safeParse('file"test').success).toBe(false); }); it('should block paths with special characters', () => { expect(filePathSchema.safeParse('file<test>').success).toBe(false); expect(filePathSchema.safeParse('file&test').success).toBe(false); expect(filePathSchema.safeParse('file$test').success).toBe(false); }); }); describe('Path Length Limits', () => { it('should reject empty paths', () => { expect(filePathSchema.safeParse('').success).toBe(false); }); it('should reject paths exceeding maximum length', () => { const longPath = 'a'.repeat(513); expect(filePathSchema.safeParse(longPath).success).toBe(false); }); it('should accept paths at maximum length', () => { const maxPath = 'a'.repeat(512); expect(filePathSchema.safeParse(maxPath).success).toBe(true); }); }); describe('Project Boundary Validation', () => { it('should validate paths resolve within project', () => { expect(isWithinProjectBoundary('assets/model.blend')).toBe(true); expect(isWithinProjectBoundary('output/render.png')).toBe(true); }); it('should detect paths escaping project root', () => { // After sanitization, '..' should be caught by traversal detection // But let's also verify boundary checking works expect(isWithinProjectBoundary('../outside')).toBe(false); expect(isWithinProjectBoundary('../../etc/passwd')).toBe(false); }); }); describe('Decode Path Fully Function', () => { it('should decode single-encoded strings', () => { expect(decodePathFully('%2e%2e')).toBe('..'); expect(decodePathFully('%2f')).toBe('/'); }); it('should decode double-encoded strings', () => { expect(decodePathFully('%252e')).toBe('.'); expect(decodePathFully('%252e%252e')).toBe('..'); }); it('should decode triple-encoded strings', () => { expect(decodePathFully('%25252e')).toBe('.'); }); it('should handle invalid encoding gracefully', () => { expect(decodePathFully('%ZZ')).toBe('%ZZ'); expect(decodePathFully('%')).toBe('%'); }); it('should prevent infinite decoding loops', () => { // This shouldn't hang or crash const result = decodePathFully('%'.repeat(100)); expect(result).toBeDefined(); }); }); describe('Detect Path Traversal Function', () => { it('should detect direct traversal', () => { expect(detectPathTraversal('..').isAttack).toBe(true); expect(detectPathTraversal('../foo').isAttack).toBe(true); expect(detectPathTraversal('foo/..').isAttack).toBe(true); }); it('should return correct attack vectors', () => { expect(detectPathTraversal('..').vector).toBe('parent_directory_reference'); expect(detectPathTraversal('%2e%2e').vector).toBe('encoded_traversal'); }); it('should not flag safe paths', () => { expect(detectPathTraversal('safe/path').isAttack).toBe(false); expect(detectPathTraversal('file.txt').isAttack).toBe(false); }); }); describe('Sanitize Path Function', () => { it('should remove null bytes', () => { expect(sanitizePath('file\0.txt')).toBe('file.txt'); }); it('should normalize backslashes to forward slashes', () => { expect(sanitizePath('path\\to\\file')).toBe('path/to/file'); }); it('should collapse multiple slashes', () => { expect(sanitizePath('path//to///file')).toBe('path/to/file'); }); it('should trim whitespace and leading/trailing slashes', () => { expect(sanitizePath(' /path/to/file/ ')).toBe('path/to/file'); expect(sanitizePath('/leading/slash')).toBe('leading/slash'); }); }); describe('Edge Cases and Regression Tests', () => { it('should handle empty string after sanitization', () => { expect(filePathSchema.safeParse(' ').success).toBe(false); expect(filePathSchema.safeParse('/').success).toBe(false); }); it('should handle paths that are only dots', () => { expect(filePathSchema.safeParse('.').success).toBe(false); expect(filePathSchema.safeParse('..').success).toBe(false); expect(filePathSchema.safeParse('...').success).toBe(false); }); it('should handle extremely nested valid paths', () => { const nestedPath = 'a/b/c/d/e/f/g/h/i/j/file.txt'; expect(filePathSchema.safeParse(nestedPath).success).toBe(true); }); it('should handle Unicode file names (valid characters only)', () => { // Note: Our regex only allows ASCII alphanumeric, underscore, hyphen, dot, slash expect(filePathSchema.safeParse('文件.txt').success).toBe(false); expect(filePathSchema.safeParse('файл.txt').success).toBe(false); }); it('should normalize output correctly', () => { const result = filePathSchema.safeParse('assets//models///cube.blend'); expect(result.success).toBe(true); if (result.success) { expect(result.data).toBe('assets/models/cube.blend'); } }); }); });

Loading blob content...

Latest Blog Posts

Don't Use Large Strings as Cache Keys
By punkpeye on January 11, 2026.
markdown
node-js
cache
What are Claude Skills?
By punkpeye on January 10, 2026.
mcp
skills
How to Test MCP Streamable HTTP Endpoints Using cURL
By punkpeye on January 2, 2026.
tutorial
bash

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/olbboy/claudekit-blender-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

validators.test.ts•21 kB