(t *testing.T)
| 2315 | } |
| 2316 | |
| 2317 | func Test_CSRF_All_Extractors(t *testing.T) { |
| 2318 | t.Parallel() |
| 2319 | |
| 2320 | testCases := []struct { |
| 2321 | setupRequest func(ctx *fasthttp.RequestCtx, token string) |
| 2322 | name string |
| 2323 | extractor extractors.Extractor |
| 2324 | expectStatus int |
| 2325 | }{ |
| 2326 | { |
| 2327 | name: "FromHeader", |
| 2328 | extractor: extractors.FromHeader("X-Csrf-Token"), |
| 2329 | setupRequest: func(ctx *fasthttp.RequestCtx, token string) { |
| 2330 | ctx.Request.Header.SetMethod(fiber.MethodPost) |
| 2331 | ctx.Request.Header.Set("X-Csrf-Token", token) |
| 2332 | ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token) |
| 2333 | }, |
| 2334 | expectStatus: 200, |
| 2335 | }, |
| 2336 | { |
| 2337 | name: "FromHeader_Missing", |
| 2338 | extractor: extractors.FromHeader("X-Csrf-Token"), |
| 2339 | setupRequest: func(ctx *fasthttp.RequestCtx, token string) { |
| 2340 | ctx.Request.Header.SetMethod(fiber.MethodPost) |
| 2341 | ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token) |
| 2342 | }, |
| 2343 | expectStatus: 403, |
| 2344 | }, |
| 2345 | { |
| 2346 | name: "FromForm", |
| 2347 | extractor: extractors.FromForm("_csrf"), |
| 2348 | setupRequest: func(ctx *fasthttp.RequestCtx, token string) { |
| 2349 | ctx.Request.Header.SetMethod(fiber.MethodPost) |
| 2350 | ctx.Request.Header.Set(fiber.HeaderContentType, fiber.MIMEApplicationForm) |
| 2351 | ctx.Request.SetBodyString("_csrf=" + token) |
| 2352 | ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token) |
| 2353 | }, |
| 2354 | expectStatus: 200, |
| 2355 | }, |
| 2356 | { |
| 2357 | name: "FromForm_Missing", |
| 2358 | extractor: extractors.FromForm("_csrf"), |
| 2359 | setupRequest: func(ctx *fasthttp.RequestCtx, token string) { |
| 2360 | ctx.Request.Header.SetMethod(fiber.MethodPost) |
| 2361 | ctx.Request.Header.Set(fiber.HeaderContentType, fiber.MIMEApplicationForm) |
| 2362 | ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token) |
| 2363 | }, |
| 2364 | expectStatus: 403, |
| 2365 | }, |
| 2366 | { |
| 2367 | name: "FromQuery", |
| 2368 | extractor: extractors.FromQuery("csrf_token"), |
| 2369 | setupRequest: func(ctx *fasthttp.RequestCtx, token string) { |
| 2370 | ctx.Request.Header.SetMethod(fiber.MethodPost) |
| 2371 | ctx.Request.SetRequestURI("/?csrf_token=" + token) |
| 2372 | ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token) |
| 2373 | }, |
| 2374 | expectStatus: 200, |
nothing calls this directly
no test coverage detected