MCPcopy
hub / github.com/gofiber/fiber / Test_CSRF_All_Extractors

Function Test_CSRF_All_Extractors

middleware/csrf/csrf_test.go:2317–2417  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

2315}
2316
2317func Test_CSRF_All_Extractors(t *testing.T) {
2318 t.Parallel()
2319
2320 testCases := []struct {
2321 setupRequest func(ctx *fasthttp.RequestCtx, token string)
2322 name string
2323 extractor extractors.Extractor
2324 expectStatus int
2325 }{
2326 {
2327 name: "FromHeader",
2328 extractor: extractors.FromHeader("X-Csrf-Token"),
2329 setupRequest: func(ctx *fasthttp.RequestCtx, token string) {
2330 ctx.Request.Header.SetMethod(fiber.MethodPost)
2331 ctx.Request.Header.Set("X-Csrf-Token", token)
2332 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
2333 },
2334 expectStatus: 200,
2335 },
2336 {
2337 name: "FromHeader_Missing",
2338 extractor: extractors.FromHeader("X-Csrf-Token"),
2339 setupRequest: func(ctx *fasthttp.RequestCtx, token string) {
2340 ctx.Request.Header.SetMethod(fiber.MethodPost)
2341 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
2342 },
2343 expectStatus: 403,
2344 },
2345 {
2346 name: "FromForm",
2347 extractor: extractors.FromForm("_csrf"),
2348 setupRequest: func(ctx *fasthttp.RequestCtx, token string) {
2349 ctx.Request.Header.SetMethod(fiber.MethodPost)
2350 ctx.Request.Header.Set(fiber.HeaderContentType, fiber.MIMEApplicationForm)
2351 ctx.Request.SetBodyString("_csrf=" + token)
2352 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
2353 },
2354 expectStatus: 200,
2355 },
2356 {
2357 name: "FromForm_Missing",
2358 extractor: extractors.FromForm("_csrf"),
2359 setupRequest: func(ctx *fasthttp.RequestCtx, token string) {
2360 ctx.Request.Header.SetMethod(fiber.MethodPost)
2361 ctx.Request.Header.Set(fiber.HeaderContentType, fiber.MIMEApplicationForm)
2362 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
2363 },
2364 expectStatus: 403,
2365 },
2366 {
2367 name: "FromQuery",
2368 extractor: extractors.FromQuery("csrf_token"),
2369 setupRequest: func(ctx *fasthttp.RequestCtx, token string) {
2370 ctx.Request.Header.SetMethod(fiber.MethodPost)
2371 ctx.Request.SetRequestURI("/?csrf_token=" + token)
2372 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
2373 },
2374 expectStatus: 200,

Callers

nothing calls this directly

Calls 14

FromHeaderFunction · 0.92
FromFormFunction · 0.92
FromQueryFunction · 0.92
SetMethodMethod · 0.80
HandlerMethod · 0.80
NewFunction · 0.70
SetMethod · 0.65
NewMethod · 0.65
UseMethod · 0.65
PostMethod · 0.65
SendStatusMethod · 0.65
ResetMethod · 0.65

Tested by

no test coverage detected