Test security warning logs (would need to capture log output in real implementation)
(t *testing.T)
| 347 | |
| 348 | // Test security warning logs (would need to capture log output in real implementation) |
| 349 | func Test_CSRF_Security_Warnings(t *testing.T) { |
| 350 | t.Parallel() |
| 351 | |
| 352 | // Test that insecure extractors trigger warnings |
| 353 | // Note: In a real implementation, you'd want to capture log output |
| 354 | // For now, we just test that the configuration doesn't panic |
| 355 | |
| 356 | insecureConfigs := []Config{ |
| 357 | {Extractor: extractors.FromQuery("csrf_token")}, |
| 358 | {Extractor: extractors.FromParam("csrf")}, |
| 359 | } |
| 360 | |
| 361 | for i, cfg := range insecureConfigs { |
| 362 | t.Run(fmt.Sprintf("InsecureConfig%d", i), func(t *testing.T) { |
| 363 | t.Parallel() |
| 364 | require.NotPanics(t, func() { |
| 365 | configDefault(cfg) |
| 366 | }) |
| 367 | }) |
| 368 | } |
| 369 | } |
| 370 | |
| 371 | // Test isInsecureCookieExtractor function directly |
| 372 | func Test_isInsecureCookieExtractor(t *testing.T) { |
nothing calls this directly
no test coverage detected