Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Fix the Fraud tests #3171

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
steven-tey merged 3 commits into from
Nov 28, 2025
Merged

Fix the Fraud tests #3171

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
03c10f4
Remove DUB_TEST_IDENTITY_HEADER
devkiran Nov 28, 2025
3599f9d
Update fraud tests to use new E2E_FRAUD_PARTNER links structure
devkiran Nov 28, 2025
241b62c
Use a keyed map
devkiran Nov 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 0 additions & 13 deletions apps/web/lib/middleware/utils/get-identity-hash.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,24 +1,11 @@
import { LOCALHOST_IP, hashStringSHA256 } from "@dub/utils";
import { ipAddress } from "@vercel/functions";
import { userAgent } from "next/server";
import { DUB_TEST_IDENTITY_HEADER } from "tests/utils/resource";

/**
* Combine IP + UA to create a unique identifier for the user (for deduplication)
*/
export async function getIdentityHash(req: Request) {
// If provided, use this identity directly (for E2E)
if (
process.env.NODE_ENV === "development" ||
process.env.VERCEL_ENV === "preview"
) {
const testOverride = req.headers.get(DUB_TEST_IDENTITY_HEADER);

if (testOverride) {
return await hashStringSHA256(testOverride);
}
}

const ip = ipAddress(req) || LOCALHOST_IP;
const ua = userAgent(req);
return await hashStringSHA256(`${ip}-${ua.ua}`);
Expand Down
15 changes: 5 additions & 10 deletions apps/web/tests/fraud/index.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,8 @@
import { Customer, fraudEventGroupProps, TrackLeadResponse } from "@/lib/types";
import { FraudRuleType } from "@prisma/client";
import { randomCustomer, randomId, retry } from "tests/utils/helpers";
import { randomCustomer, retry } from "tests/utils/helpers";
import { HttpClient } from "tests/utils/http";
import {
DUB_TEST_IDENTITY_HEADER,
E2E_FRAUD_PARTNER,
E2E_FRAUD_REFERRAL_SOURCE_BANNED_DOMAIN,
E2E_TRACK_CLICK_HEADERS,
Expand All @@ -16,14 +15,13 @@ describe.concurrent("/fraud/**", async () => {
const { http } = await h.init();

test("FraudRuleType = customerEmailMatch", async () => {
const clickLink = E2E_FRAUD_PARTNER.link;
const clickLink = E2E_FRAUD_PARTNER.links.customerEmailMatch;

// Track a click
const clickResponse = await http.post<{ clickId: string }>({
path: "/track/click",
headers: {
...E2E_TRACK_CLICK_HEADERS,
[DUB_TEST_IDENTITY_HEADER]: randomId(10),
},
body: {
domain: clickLink.domain,
Expand Down Expand Up @@ -59,14 +57,13 @@ describe.concurrent("/fraud/**", async () => {
});

test("FraudRuleType = customerEmailSuspiciousDomain", async () => {
const clickLink = E2E_FRAUD_PARTNER.link;
const clickLink = E2E_FRAUD_PARTNER.links.customerEmailSuspiciousDomain;

// Track a click
const clickResponse = await http.post<{ clickId: string }>({
path: "/track/click",
headers: {
...E2E_TRACK_CLICK_HEADERS,
[DUB_TEST_IDENTITY_HEADER]: randomId(10),
},
body: {
domain: clickLink.domain,
Expand Down Expand Up @@ -99,15 +96,14 @@ describe.concurrent("/fraud/**", async () => {
});

test("FraudRuleType = referralSourceBanned", async () => {
const clickLink = E2E_FRAUD_PARTNER.link;
const clickLink = E2E_FRAUD_PARTNER.links.referralSourceBanned;

// Track a click
const clickResponse = await http.post<{ clickId: string }>({
path: "/track/click",
headers: {
...E2E_TRACK_CLICK_HEADERS,
referer: `https://${E2E_FRAUD_REFERRAL_SOURCE_BANNED_DOMAIN}`,
[DUB_TEST_IDENTITY_HEADER]: randomId(10),
},
body: {
domain: clickLink.domain,
Expand Down Expand Up @@ -140,14 +136,13 @@ describe.concurrent("/fraud/**", async () => {
});

test("FraudRuleType = paidTrafficDetected", async () => {
const clickLink = E2E_FRAUD_PARTNER.link;
const clickLink = E2E_FRAUD_PARTNER.links.paidTrafficDetected;

// Track a click
const clickResponse = await http.post<{ clickId: string }>({
path: "/track/click",
headers: {
...E2E_TRACK_CLICK_HEADERS,
[DUB_TEST_IDENTITY_HEADER]: randomId(10),
},
body: {
domain: clickLink.domain,
Expand Down
30 changes: 17 additions & 13 deletions apps/web/tests/utils/resource.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,16 +8,6 @@ export const E2E_LINK = {
url: "https://github.com/dubinc",
};

/**
* Used exclusively in E2E tests to override the computed identity hash.
* When this header is present, `getIdentityHash()` will use its value
* as the hash input instead of relying on the real IP/User-Agent.
*
* This prevents deduplication during automated tests where multiple
* requests originate from the same IP and UA.
*/
export const DUB_TEST_IDENTITY_HEADER = "x-dub-test-identity";

export const E2E_TRACK_CLICK_HEADERS = {
referer: "https://dub.co",
"User-Agent":
Expand Down Expand Up @@ -220,9 +210,23 @@ export const E2E_CUSTOMERS = [
export const E2E_FRAUD_PARTNER = {
id: "pn_1K8ND11BZ4XPEX39QX3YMBGY0",
email: "[email protected]",
link: {
domain: "getacme.link",
key: "kiran-e2e-1",
links: {
customerEmailMatch: {
domain: "getacme.link",
key: "fraud-customer-match",
},
customerEmailSuspiciousDomain: {
domain: "getacme.link",
key: "fraud-customer-suspicious",
},
referralSourceBanned: {
domain: "getacme.link",
key: "fraud-referral-source-banned",
},
paidTrafficDetected: {
domain: "getacme.link",
key: "fraud-paid-traffic",
},
},
} as const;

Expand Down