MCPcopy
hub / github.com/gin-gonic/gin / TestSecureRequestDump

Function TestSecureRequestDump

recovery_test.go:259–319  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

257}
258
259func TestSecureRequestDump(t *testing.T) {
260 tests := []struct {
261 name string
262 req *http.Request
263 wantContains string
264 wantNotContain string
265 }{
266 {
267 name: "Authorization header standard case",
268 req: func() *http.Request {
269 r, _ := http.NewRequest(http.MethodGet, "http://example.com", nil)
270 r.Header.Set("Authorization", "Bearer secret-token")
271 return r
272 }(),
273 wantContains: "Authorization: *",
274 wantNotContain: "Bearer secret-token",
275 },
276 {
277 name: "authorization header lowercase",
278 req: func() *http.Request {
279 r, _ := http.NewRequest(http.MethodGet, "http://example.com", nil)
280 r.Header.Set("authorization", "some-secret")
281 return r
282 }(),
283 wantContains: "Authorization: *",
284 wantNotContain: "some-secret",
285 },
286 {
287 name: "Authorization header mixed case",
288 req: func() *http.Request {
289 r, _ := http.NewRequest(http.MethodGet, "http://example.com", nil)
290 r.Header.Set("AuThOrIzAtIoN", "token123")
291 return r
292 }(),
293 wantContains: "Authorization: *",
294 wantNotContain: "token123",
295 },
296 {
297 name: "No Authorization header",
298 req: func() *http.Request {
299 r, _ := http.NewRequest(http.MethodGet, "http://example.com", nil)
300 r.Header.Set("Content-Type", "application/json")
301 return r
302 }(),
303 wantContains: "",
304 wantNotContain: "Authorization: *",
305 },
306 }
307
308 for _, tt := range tests {
309 t.Run(tt.name, func(t *testing.T) {
310 result := secureRequestDump(tt.req)
311 if tt.wantContains != "" && !strings.Contains(result, tt.wantContains) {
312 t.Errorf("maskHeaders() = %q, want contains %q", result, tt.wantContains)
313 }
314 if tt.wantNotContain != "" && strings.Contains(result, tt.wantNotContain) {
315 t.Errorf("maskHeaders() = %q, want NOT contain %q", result, tt.wantNotContain)
316 }

Callers

nothing calls this directly

Calls 3

secureRequestDumpFunction · 0.85
SetMethod · 0.80
RunMethod · 0.80

Tested by

no test coverage detected