MCPcopy
hub / github.com/gofiber/fiber / Test_CSRF_From_Query

Function Test_CSRF_From_Query

middleware/csrf/csrf_test.go:722–758  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

720}
721
722func Test_CSRF_From_Query(t *testing.T) {
723 t.Parallel()
724 app := fiber.New()
725
726 app.Use(New(Config{Extractor: extractors.FromQuery("_csrf")}))
727
728 app.Post("/", func(c fiber.Ctx) error {
729 return c.SendStatus(fiber.StatusOK)
730 })
731
732 h := app.Handler()
733 ctx := &fasthttp.RequestCtx{}
734
735 // Invalid CSRF token
736 ctx.Request.Header.SetMethod(fiber.MethodPost)
737 ctx.Request.SetRequestURI("/?_csrf=" + utils.UUIDv4())
738 h(ctx)
739 require.Equal(t, 403, ctx.Response.StatusCode())
740
741 // Generate CSRF token
742 ctx.Request.Reset()
743 ctx.Response.Reset()
744 ctx.Request.Header.SetMethod(fiber.MethodGet)
745 ctx.Request.SetRequestURI("/")
746 h(ctx)
747 token := string(ctx.Response.Header.Peek(fiber.HeaderSetCookie))
748 token = strings.Split(strings.Split(token, ";")[0], "=")[1]
749
750 ctx.Request.Reset()
751 ctx.Response.Reset()
752 ctx.Request.SetRequestURI("/?_csrf=" + token)
753 ctx.Request.Header.SetMethod(fiber.MethodPost)
754 ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
755 h(ctx)
756 require.Equal(t, 200, ctx.Response.StatusCode())
757 require.Equal(t, "OK", string(ctx.Response.Body()))
758}
759
760func Test_CSRF_From_Param(t *testing.T) {
761 t.Parallel()

Callers

nothing calls this directly

Calls 12

FromQueryFunction · 0.92
HandlerMethod · 0.80
SetMethodMethod · 0.80
NewFunction · 0.70
NewMethod · 0.65
UseMethod · 0.65
PostMethod · 0.65
SendStatusMethod · 0.65
ResetMethod · 0.65
BodyMethod · 0.65
StatusCodeMethod · 0.45
SetCookieMethod · 0.45

Tested by

no test coverage detected