MCPcopy
hub / github.com/gofiber/fiber / Test_CookieJar_SetRejectUnrelatedDomain

Function Test_CookieJar_SetRejectUnrelatedDomain

client/cookiejar_test.go:455–474  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

453}
454
455func Test_CookieJar_SetRejectUnrelatedDomain(t *testing.T) {
456 t.Parallel()
457
458 jar := &CookieJar{}
459 origin := fasthttp.AcquireURI()
460 defer fasthttp.ReleaseURI(origin)
461 require.NoError(t, origin.Parse(nil, []byte("http://attacker.example/")))
462
463 c := &fasthttp.Cookie{}
464 c.SetKey("sess")
465 c.SetValue("evil")
466 c.SetDomain("victim.example")
467
468 jar.Set(origin, c)
469
470 target := fasthttp.AcquireURI()
471 defer fasthttp.ReleaseURI(target)
472 require.NoError(t, target.Parse(nil, []byte("http://victim.example/")))
473 require.Empty(t, jar.Get(target))
474}
475
476func Test_CookieJar_RejectPublicSuffixResponseDomain(t *testing.T) {
477 t.Parallel()

Callers

nothing calls this directly

Calls 3

SetMethod · 0.95
GetMethod · 0.95
ParseMethod · 0.65

Tested by

no test coverage detected