MCPcopy
hub / github.com/gofiber/fiber / Test_CSRF_Chain_Extractor_SingleExtractor

Function Test_CSRF_Chain_Extractor_SingleExtractor

middleware/csrf/csrf_test.go:2277–2315  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

2275}
2276
2277func Test_CSRF_Chain_Extractor_SingleExtractor(t *testing.T) {
2278 t.Parallel()
2279 app := fiber.New()
2280
2281 // Chain with single extractor (should behave like the single extractor)
2282 singleChain := extractors.Chain(extractors.FromHeader("X-Csrf-Token"))
2283
2284 app.Use(New(Config{Extractor: singleChain}))
2285
2286 app.Post("/", func(c fiber.Ctx) error {
2287 return c.SendStatus(fiber.StatusOK)
2288 })
2289
2290 h := app.Handler()
2291 ctx := &fasthttp.RequestCtx{}
2292
2293 // Generate CSRF token
2294 ctx.Request.Header.SetMethod(fiber.MethodGet)
2295 h(ctx)
2296 token := string(ctx.Response.Header.Peek(fiber.HeaderSetCookie))
2297 token = strings.Split(strings.Split(token, ";")[0], "=")[1]
2298
2299 // Test valid token in header
2300 ctx.Request.Reset()
2301 ctx.Response.Reset()
2302 ctx.Request.Header.SetMethod(fiber.MethodPost)
2303 ctx.Request.Header.Set("X-Csrf-Token", token)
2304 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
2305 h(ctx)
2306 require.Equal(t, 200, ctx.Response.StatusCode())
2307
2308 // Test no token
2309 ctx.Request.Reset()
2310 ctx.Response.Reset()
2311 ctx.Request.Header.SetMethod(fiber.MethodPost)
2312 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
2313 h(ctx)
2314 require.Equal(t, 403, ctx.Response.StatusCode())
2315}
2316
2317func Test_CSRF_All_Extractors(t *testing.T) {
2318 t.Parallel()

Callers

nothing calls this directly

Calls 13

ChainFunction · 0.92
FromHeaderFunction · 0.92
HandlerMethod · 0.80
SetMethodMethod · 0.80
NewFunction · 0.70
NewMethod · 0.65
UseMethod · 0.65
PostMethod · 0.65
SendStatusMethod · 0.65
ResetMethod · 0.65
SetMethod · 0.65
SetCookieMethod · 0.45

Tested by

no test coverage detected