s402 0.2.0 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +15 -1
- package/README.md +26 -0
- package/dist/compat.d.mts +14 -0
- package/dist/compat.mjs +15 -0
- package/dist/errors.d.mts +26 -0
- package/dist/errors.mjs +26 -0
- package/dist/http.d.mts +86 -4
- package/dist/http.mjs +110 -5
- package/dist/index.d.mts +86 -4
- package/dist/index.mjs +94 -6
- package/dist/receipts.mjs +49 -11
- package/package.json +18 -12
- package/test/conformance/README.md +172 -0
- package/test/conformance/vectors/body-transport.json +142 -0
- package/test/conformance/vectors/compat-normalize.json +259 -0
- package/test/conformance/vectors/payload-decode.json +110 -0
- package/test/conformance/vectors/payload-encode.json +127 -0
- package/test/conformance/vectors/receipt-format.json +668 -0
- package/test/conformance/vectors/receipt-parse.json +450 -0
- package/test/conformance/vectors/requirements-decode.json +377 -0
- package/test/conformance/vectors/requirements-encode.json +338 -0
- package/test/conformance/vectors/roundtrip.json +156 -0
- package/test/conformance/vectors/settle-decode.json +76 -0
- package/test/conformance/vectors/settle-encode.json +65 -0
- package/test/conformance/vectors/validation-reject.json +317 -0
|
@@ -0,0 +1,317 @@
|
|
|
1
|
+
[
|
|
2
|
+
{
|
|
3
|
+
"description": "Rejects missing s402Version",
|
|
4
|
+
"input": {
|
|
5
|
+
"header": "eyJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMifQ=="
|
|
6
|
+
},
|
|
7
|
+
"shouldReject": true,
|
|
8
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
9
|
+
},
|
|
10
|
+
{
|
|
11
|
+
"description": "Rejects missing accepts array",
|
|
12
|
+
"input": {
|
|
13
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJuZXR3b3JrIjoic3VpOm1haW5uZXQiLCJhc3NldCI6IlNVSSIsImFtb3VudCI6IjEwMDAiLCJwYXlUbyI6IjB4YWJjIn0="
|
|
14
|
+
},
|
|
15
|
+
"shouldReject": true,
|
|
16
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
17
|
+
},
|
|
18
|
+
{
|
|
19
|
+
"description": "Rejects missing network",
|
|
20
|
+
"input": {
|
|
21
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMifQ=="
|
|
22
|
+
},
|
|
23
|
+
"shouldReject": true,
|
|
24
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
25
|
+
},
|
|
26
|
+
{
|
|
27
|
+
"description": "Rejects missing asset",
|
|
28
|
+
"input": {
|
|
29
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFtb3VudCI6IjEwMDAiLCJwYXlUbyI6IjB4YWJjIn0="
|
|
30
|
+
},
|
|
31
|
+
"shouldReject": true,
|
|
32
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
33
|
+
},
|
|
34
|
+
{
|
|
35
|
+
"description": "Rejects missing amount",
|
|
36
|
+
"input": {
|
|
37
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwicGF5VG8iOiIweGFiYyJ9"
|
|
38
|
+
},
|
|
39
|
+
"shouldReject": true,
|
|
40
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
41
|
+
},
|
|
42
|
+
{
|
|
43
|
+
"description": "Rejects missing payTo",
|
|
44
|
+
"input": {
|
|
45
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCJ9"
|
|
46
|
+
},
|
|
47
|
+
"shouldReject": true,
|
|
48
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
49
|
+
},
|
|
50
|
+
{
|
|
51
|
+
"description": "Rejects negative amount",
|
|
52
|
+
"input": {
|
|
53
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiLTEwMCIsInBheVRvIjoiMHhhYmMifQ=="
|
|
54
|
+
},
|
|
55
|
+
"shouldReject": true,
|
|
56
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
"description": "Rejects non-numeric amount",
|
|
60
|
+
"input": {
|
|
61
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50Ijoibm90X2FfbnVtYmVyIiwicGF5VG8iOiIweGFiYyJ9"
|
|
62
|
+
},
|
|
63
|
+
"shouldReject": true,
|
|
64
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
65
|
+
},
|
|
66
|
+
{
|
|
67
|
+
"description": "Rejects leading zeros in amount (except \"0\")",
|
|
68
|
+
"input": {
|
|
69
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMDA3IiwicGF5VG8iOiIweGFiYyJ9"
|
|
70
|
+
},
|
|
71
|
+
"shouldReject": true,
|
|
72
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
73
|
+
},
|
|
74
|
+
{
|
|
75
|
+
"description": "Rejects floating point amount",
|
|
76
|
+
"input": {
|
|
77
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMS41IiwicGF5VG8iOiIweGFiYyJ9"
|
|
78
|
+
},
|
|
79
|
+
"shouldReject": true,
|
|
80
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
81
|
+
},
|
|
82
|
+
{
|
|
83
|
+
"description": "Rejects payTo with control characters",
|
|
84
|
+
"input": {
|
|
85
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmNcdTAwMDBkZWYifQ=="
|
|
86
|
+
},
|
|
87
|
+
"shouldReject": true,
|
|
88
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
89
|
+
},
|
|
90
|
+
{
|
|
91
|
+
"description": "Rejects protocolFeeAddress with control characters",
|
|
92
|
+
"input": {
|
|
93
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMiLCJwcm90b2NvbEZlZUFkZHJlc3MiOiIweGZlZVxuXHJpbmplY3Rpb24ifQ=="
|
|
94
|
+
},
|
|
95
|
+
"shouldReject": true,
|
|
96
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
97
|
+
},
|
|
98
|
+
{
|
|
99
|
+
"description": "Rejects empty payTo",
|
|
100
|
+
"input": {
|
|
101
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiIn0="
|
|
102
|
+
},
|
|
103
|
+
"shouldReject": true,
|
|
104
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
105
|
+
},
|
|
106
|
+
{
|
|
107
|
+
"description": "Rejects prepaid providerPubkey without disputeWindowMs",
|
|
108
|
+
"input": {
|
|
109
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbInByZXBhaWQiXSwibmV0d29yayI6InN1aTptYWlubmV0IiwiYXNzZXQiOiJTVUkiLCJhbW91bnQiOiIxMDAwIiwicGF5VG8iOiIweGFiYyIsInByZXBhaWQiOnsicmF0ZVBlckNhbGwiOiIxMDAiLCJtaW5EZXBvc2l0IjoiMTAwMDAiLCJ3aXRoZHJhd2FsRGVsYXlNcyI6IjM2MDAwMDAiLCJwcm92aWRlclB1YmtleSI6ImFiYzEyMyJ9fQ=="
|
|
110
|
+
},
|
|
111
|
+
"shouldReject": true,
|
|
112
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
113
|
+
},
|
|
114
|
+
{
|
|
115
|
+
"description": "Rejects prepaid disputeWindowMs without providerPubkey",
|
|
116
|
+
"input": {
|
|
117
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbInByZXBhaWQiXSwibmV0d29yayI6InN1aTptYWlubmV0IiwiYXNzZXQiOiJTVUkiLCJhbW91bnQiOiIxMDAwIiwicGF5VG8iOiIweGFiYyIsInByZXBhaWQiOnsicmF0ZVBlckNhbGwiOiIxMDAiLCJtaW5EZXBvc2l0IjoiMTAwMDAiLCJ3aXRoZHJhd2FsRGVsYXlNcyI6IjM2MDAwMDAiLCJkaXNwdXRlV2luZG93TXMiOiI4NjQwMDAwMCJ9fQ=="
|
|
118
|
+
},
|
|
119
|
+
"shouldReject": true,
|
|
120
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
121
|
+
},
|
|
122
|
+
{
|
|
123
|
+
"description": "Rejects negative expiresAt",
|
|
124
|
+
"input": {
|
|
125
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMiLCJleHBpcmVzQXQiOi0xfQ=="
|
|
126
|
+
},
|
|
127
|
+
"shouldReject": true,
|
|
128
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
129
|
+
},
|
|
130
|
+
{
|
|
131
|
+
"description": "Rejects empty accepts array",
|
|
132
|
+
"input": {
|
|
133
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbXSwibmV0d29yayI6InN1aTptYWlubmV0IiwiYXNzZXQiOiJTVUkiLCJhbW91bnQiOiIxMDAwIiwicGF5VG8iOiIweGFiYyJ9"
|
|
134
|
+
},
|
|
135
|
+
"shouldReject": true,
|
|
136
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
137
|
+
},
|
|
138
|
+
{
|
|
139
|
+
"description": "Rejects unsupported s402Version \"2\"",
|
|
140
|
+
"input": {
|
|
141
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjIiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMifQ=="
|
|
142
|
+
},
|
|
143
|
+
"shouldReject": true,
|
|
144
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
145
|
+
},
|
|
146
|
+
{
|
|
147
|
+
"description": "Rejects numeric s402Version (must be string \"1\")",
|
|
148
|
+
"input": {
|
|
149
|
+
"header": "eyJzNDAyVmVyc2lvbiI6MSwiYWNjZXB0cyI6WyJleGFjdCJdLCJuZXR3b3JrIjoic3VpOm1haW5uZXQiLCJhc3NldCI6IlNVSSIsImFtb3VudCI6IjEwMDAiLCJwYXlUbyI6IjB4YWJjIn0="
|
|
150
|
+
},
|
|
151
|
+
"shouldReject": true,
|
|
152
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
153
|
+
},
|
|
154
|
+
{
|
|
155
|
+
"description": "Rejects protocolFeeBps exceeding 10000",
|
|
156
|
+
"input": {
|
|
157
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMiLCJwcm90b2NvbEZlZUJwcyI6MTAwMDF9"
|
|
158
|
+
},
|
|
159
|
+
"shouldReject": true,
|
|
160
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
161
|
+
},
|
|
162
|
+
{
|
|
163
|
+
"description": "Rejects negative protocolFeeBps",
|
|
164
|
+
"input": {
|
|
165
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMiLCJwcm90b2NvbEZlZUJwcyI6LTF9"
|
|
166
|
+
},
|
|
167
|
+
"shouldReject": true,
|
|
168
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
169
|
+
},
|
|
170
|
+
{
|
|
171
|
+
"description": "Rejects non-integer protocolFeeBps",
|
|
172
|
+
"input": {
|
|
173
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMiLCJwcm90b2NvbEZlZUJwcyI6NTAuNX0="
|
|
174
|
+
},
|
|
175
|
+
"shouldReject": true,
|
|
176
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
177
|
+
},
|
|
178
|
+
{
|
|
179
|
+
"description": "Rejects amount exceeding u64 max",
|
|
180
|
+
"input": {
|
|
181
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTg0NDY3NDQwNzM3MDk1NTE2MTYiLCJwYXlUbyI6IjB4YWJjIn0="
|
|
182
|
+
},
|
|
183
|
+
"shouldReject": true,
|
|
184
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
185
|
+
},
|
|
186
|
+
{
|
|
187
|
+
"description": "Rejects invalid base64 header",
|
|
188
|
+
"input": {
|
|
189
|
+
"header": "!!!not+valid+base64!!!"
|
|
190
|
+
},
|
|
191
|
+
"shouldReject": true,
|
|
192
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
193
|
+
},
|
|
194
|
+
{
|
|
195
|
+
"description": "Rejects empty string header",
|
|
196
|
+
"input": {
|
|
197
|
+
"header": ""
|
|
198
|
+
},
|
|
199
|
+
"shouldReject": true,
|
|
200
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
201
|
+
},
|
|
202
|
+
{
|
|
203
|
+
"description": "Rejects base64 decoding to non-JSON",
|
|
204
|
+
"input": {
|
|
205
|
+
"header": "dGhpcyBpcyBub3QganNvbiBhdCBhbGw="
|
|
206
|
+
},
|
|
207
|
+
"shouldReject": true,
|
|
208
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
209
|
+
},
|
|
210
|
+
{
|
|
211
|
+
"description": "Rejects facilitatorUrl with file:// scheme (SSRF)",
|
|
212
|
+
"input": {
|
|
213
|
+
"header": "{\"x402Version\":1,\"scheme\":\"exact\",\"network\":\"sui:mainnet\",\"asset\":\"SUI\",\"amount\":\"1000\",\"payTo\":\"0xabc\",\"facilitatorUrl\":\"file:///etc/passwd\"}",
|
|
214
|
+
"decodeAs": "compat"
|
|
215
|
+
},
|
|
216
|
+
"shouldReject": true,
|
|
217
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
218
|
+
},
|
|
219
|
+
{
|
|
220
|
+
"description": "Rejects facilitatorUrl with javascript: scheme (SSRF)",
|
|
221
|
+
"input": {
|
|
222
|
+
"header": "{\"x402Version\":1,\"scheme\":\"exact\",\"network\":\"sui:mainnet\",\"asset\":\"SUI\",\"amount\":\"1000\",\"payTo\":\"0xabc\",\"facilitatorUrl\":\"javascript:alert(1)\"}",
|
|
223
|
+
"decodeAs": "compat"
|
|
224
|
+
},
|
|
225
|
+
"shouldReject": true,
|
|
226
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
227
|
+
},
|
|
228
|
+
{
|
|
229
|
+
"description": "Rejects invalid scheme name in payload",
|
|
230
|
+
"input": {
|
|
231
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJzY2hlbWUiOiJub25leGlzdGVudF9zY2hlbWUiLCJwYXlsb2FkIjp7InRyYW5zYWN0aW9uIjoiZEhnPSIsInNpZ25hdHVyZSI6ImMybG4ifX0=",
|
|
232
|
+
"decodeAs": "payload"
|
|
233
|
+
},
|
|
234
|
+
"shouldReject": true,
|
|
235
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
236
|
+
},
|
|
237
|
+
{
|
|
238
|
+
"description": "Rejects receipt with too few fields",
|
|
239
|
+
"input": {
|
|
240
|
+
"header": "v2:AAAA:1:1700000000000"
|
|
241
|
+
},
|
|
242
|
+
"shouldReject": true,
|
|
243
|
+
"expectedErrorCode": "RECEIPT_PARSE_ERROR"
|
|
244
|
+
},
|
|
245
|
+
{
|
|
246
|
+
"description": "Rejects receipt with non-numeric callNumber",
|
|
247
|
+
"input": {
|
|
248
|
+
"header": "v2:AAAA:abc:1700000000000:BBBB"
|
|
249
|
+
},
|
|
250
|
+
"shouldReject": true,
|
|
251
|
+
"expectedErrorCode": "RECEIPT_PARSE_ERROR"
|
|
252
|
+
},
|
|
253
|
+
{
|
|
254
|
+
"description": "Rejects receipt with unknown version prefix",
|
|
255
|
+
"input": {
|
|
256
|
+
"header": "v9:AAAA:1:1700000000000:BBBB"
|
|
257
|
+
},
|
|
258
|
+
"shouldReject": true,
|
|
259
|
+
"expectedErrorCode": "RECEIPT_PARSE_ERROR"
|
|
260
|
+
},
|
|
261
|
+
{
|
|
262
|
+
"description": "Rejects receipt with callNumber 0 (must be positive)",
|
|
263
|
+
"input": {
|
|
264
|
+
"header": "v2:q6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urqw==:0:1700000000000:zc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc0="
|
|
265
|
+
},
|
|
266
|
+
"shouldReject": true,
|
|
267
|
+
"expectedErrorCode": "RECEIPT_PARSE_ERROR"
|
|
268
|
+
},
|
|
269
|
+
{
|
|
270
|
+
"description": "Rejects receipt with timestampMs 0 (must be positive)",
|
|
271
|
+
"input": {
|
|
272
|
+
"header": "v2:q6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urq6urqw==:1:0:zc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc0="
|
|
273
|
+
},
|
|
274
|
+
"shouldReject": true,
|
|
275
|
+
"expectedErrorCode": "RECEIPT_PARSE_ERROR"
|
|
276
|
+
},
|
|
277
|
+
{
|
|
278
|
+
"description": "Rejects network with control characters",
|
|
279
|
+
"input": {
|
|
280
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldFx1MDAwMCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMifQ=="
|
|
281
|
+
},
|
|
282
|
+
"shouldReject": true,
|
|
283
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
284
|
+
},
|
|
285
|
+
{
|
|
286
|
+
"description": "Rejects asset with control characters",
|
|
287
|
+
"input": {
|
|
288
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiMHgyOjpzdWlcbjo6U1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMifQ=="
|
|
289
|
+
},
|
|
290
|
+
"shouldReject": true,
|
|
291
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
292
|
+
},
|
|
293
|
+
{
|
|
294
|
+
"description": "Rejects facilitatorUrl with control characters (CRLF injection)",
|
|
295
|
+
"input": {
|
|
296
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbImV4YWN0Il0sIm5ldHdvcmsiOiJzdWk6bWFpbm5ldCIsImFzc2V0IjoiU1VJIiwiYW1vdW50IjoiMTAwMCIsInBheVRvIjoiMHhhYmMiLCJmYWNpbGl0YXRvclVybCI6Imh0dHBzOi8vZXhhbXBsZS5jb20vc2V0dGxlXHJcblgtSW5qZWN0ZWQ6IGV2aWwifQ=="
|
|
297
|
+
},
|
|
298
|
+
"shouldReject": true,
|
|
299
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
300
|
+
},
|
|
301
|
+
{
|
|
302
|
+
"description": "Rejects prepaid withdrawalDelayMs below 60000 (1 min minimum)",
|
|
303
|
+
"input": {
|
|
304
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbInByZXBhaWQiXSwibmV0d29yayI6InN1aTptYWlubmV0IiwiYXNzZXQiOiJTVUkiLCJhbW91bnQiOiIxMDAwIiwicGF5VG8iOiIweGFiYyIsInByZXBhaWQiOnsicmF0ZVBlckNhbGwiOiIxMDAiLCJtaW5EZXBvc2l0IjoiMTAwMDAiLCJ3aXRoZHJhd2FsRGVsYXlNcyI6IjU5OTk5In19"
|
|
305
|
+
},
|
|
306
|
+
"shouldReject": true,
|
|
307
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
308
|
+
},
|
|
309
|
+
{
|
|
310
|
+
"description": "Rejects prepaid withdrawalDelayMs above 604800000 (7 day maximum)",
|
|
311
|
+
"input": {
|
|
312
|
+
"header": "eyJzNDAyVmVyc2lvbiI6IjEiLCJhY2NlcHRzIjpbInByZXBhaWQiXSwibmV0d29yayI6InN1aTptYWlubmV0IiwiYXNzZXQiOiJTVUkiLCJhbW91bnQiOiIxMDAwIiwicGF5VG8iOiIweGFiYyIsInByZXBhaWQiOnsicmF0ZVBlckNhbGwiOiIxMDAiLCJtaW5EZXBvc2l0IjoiMTAwMDAiLCJ3aXRoZHJhd2FsRGVsYXlNcyI6IjYwNDgwMDAwMSJ9fQ=="
|
|
313
|
+
},
|
|
314
|
+
"shouldReject": true,
|
|
315
|
+
"expectedErrorCode": "INVALID_PAYLOAD"
|
|
316
|
+
}
|
|
317
|
+
]
|