MCPcopy
hub / github.com/gofiber/fiber / Test_CSRF_From_Form

Function Test_CSRF_From_Form

middleware/csrf/csrf_test.go:685–720  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

683}
684
685func Test_CSRF_From_Form(t *testing.T) {
686 t.Parallel()
687 app := fiber.New()
688
689 app.Use(New(Config{Extractor: extractors.FromForm("_csrf")}))
690
691 app.Post("/", func(c fiber.Ctx) error {
692 return c.SendStatus(fiber.StatusOK)
693 })
694
695 h := app.Handler()
696 ctx := &fasthttp.RequestCtx{}
697
698 // Invalid CSRF token
699 ctx.Request.Header.SetMethod(fiber.MethodPost)
700 ctx.Request.Header.Set(fiber.HeaderContentType, fiber.MIMEApplicationForm)
701 h(ctx)
702 require.Equal(t, 403, ctx.Response.StatusCode())
703
704 // Generate CSRF token
705 ctx.Request.Reset()
706 ctx.Response.Reset()
707 ctx.Request.Header.SetMethod(fiber.MethodGet)
708 h(ctx)
709 token := string(ctx.Response.Header.Peek(fiber.HeaderSetCookie))
710 token = strings.Split(strings.Split(token, ";")[0], "=")[1]
711
712 ctx.Request.Reset()
713 ctx.Response.Reset()
714 ctx.Request.Header.SetMethod(fiber.MethodPost)
715 ctx.Request.Header.Set(fiber.HeaderContentType, fiber.MIMEApplicationForm)
716 ctx.Request.SetBodyString("_csrf=" + token)
717 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
718 h(ctx)
719 require.Equal(t, 200, ctx.Response.StatusCode())
720}
721
722func Test_CSRF_From_Query(t *testing.T) {
723 t.Parallel()

Callers

nothing calls this directly

Calls 12

FromFormFunction · 0.92
HandlerMethod · 0.80
SetMethodMethod · 0.80
NewFunction · 0.70
NewMethod · 0.65
UseMethod · 0.65
PostMethod · 0.65
SendStatusMethod · 0.65
SetMethod · 0.65
ResetMethod · 0.65
StatusCodeMethod · 0.45
SetCookieMethod · 0.45

Tested by

no test coverage detected