MCPcopy
hub / github.com/labstack/echo / TestSecureWithConfig_HSTSPreloadEnabled

Function TestSecureWithConfig_HSTSPreloadEnabled

middleware/secure_test.go:101–122  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

99}
100
101func TestSecureWithConfig_HSTSPreloadEnabled(t *testing.T) {
102 // Custom with CSPReportOnly flag
103 e := echo.New()
104 h := func(c *echo.Context) error {
105 return c.String(http.StatusOK, "test")
106 }
107
108 req := httptest.NewRequest(http.MethodGet, "/", nil)
109 // Custom, with preload option enabled
110 req.Header.Set(echo.HeaderXForwardedProto, "https")
111 rec := httptest.NewRecorder()
112 c := e.NewContext(req, rec)
113
114 err := SecureWithConfig(SecureConfig{
115 HSTSMaxAge: 3600,
116 HSTSPreloadEnabled: true,
117 })(h)(c)
118 assert.NoError(t, err)
119
120 assert.Equal(t, "max-age=3600; includeSubdomains; preload", rec.Header().Get(echo.HeaderStrictTransportSecurity))
121
122}
123
124func TestSecureWithConfig_HSTSExcludeSubdomains(t *testing.T) {
125 // Custom with CSPReportOnly flag

Callers

nothing calls this directly

Calls 6

StringMethod · 0.95
SecureWithConfigFunction · 0.85
SetMethod · 0.80
NewContextMethod · 0.80
GetMethod · 0.45
HeaderMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…