MCPcopy
hub / github.com/gofiber/fiber / Test_CustomValues_AllHeaders

Function Test_CustomValues_AllHeaders

middleware/helmet/helmet_test.go:42–84  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

40}
41
42func Test_CustomValues_AllHeaders(t *testing.T) {
43 app := fiber.New()
44
45 app.Use(New(Config{
46 // Custom values for all headers
47 XSSProtection: "0",
48 ContentTypeNosniff: "custom-nosniff",
49 XFrameOptions: "DENY",
50 HSTSExcludeSubdomains: true,
51 ContentSecurityPolicy: "default-src 'none'",
52 CSPReportOnly: true,
53 ReferrerPolicy: "origin",
54 PermissionPolicy: "geolocation=(self)",
55 CrossOriginEmbedderPolicy: "custom-value",
56 CrossOriginOpenerPolicy: "custom-value",
57 CrossOriginResourcePolicy: "custom-value",
58 OriginAgentCluster: "custom-value",
59 XDNSPrefetchControl: "custom-control",
60 XDownloadOptions: "custom-options",
61 XPermittedCrossDomain: "custom-policies",
62 }))
63
64 app.Get("/", func(c fiber.Ctx) error {
65 return c.SendString("Hello, World!")
66 })
67
68 resp, err := app.Test(httptest.NewRequest(fiber.MethodGet, "/", http.NoBody))
69 require.NoError(t, err)
70 // Assertions for custom header values
71 require.Equal(t, "0", resp.Header.Get(fiber.HeaderXXSSProtection))
72 require.Equal(t, "custom-nosniff", resp.Header.Get(fiber.HeaderXContentTypeOptions))
73 require.Equal(t, "DENY", resp.Header.Get(fiber.HeaderXFrameOptions))
74 require.Equal(t, "default-src 'none'", resp.Header.Get(fiber.HeaderContentSecurityPolicyReportOnly))
75 require.Equal(t, "origin", resp.Header.Get(fiber.HeaderReferrerPolicy))
76 require.Equal(t, "geolocation=(self)", resp.Header.Get(fiber.HeaderPermissionsPolicy))
77 require.Equal(t, "custom-value", resp.Header.Get("Cross-Origin-Embedder-Policy"))
78 require.Equal(t, "custom-value", resp.Header.Get("Cross-Origin-Opener-Policy"))
79 require.Equal(t, "custom-value", resp.Header.Get("Cross-Origin-Resource-Policy"))
80 require.Equal(t, "custom-value", resp.Header.Get("Origin-Agent-Cluster"))
81 require.Equal(t, "custom-control", resp.Header.Get("X-DNS-Prefetch-Control"))
82 require.Equal(t, "custom-options", resp.Header.Get("X-Download-Options"))
83 require.Equal(t, "custom-policies", resp.Header.Get("X-Permitted-Cross-Domain-Policies"))
84}
85
86func Test_RealWorldValues_AllHeaders(t *testing.T) {
87 app := fiber.New()

Callers

nothing calls this directly

Calls 6

TestMethod · 0.80
NewFunction · 0.70
NewMethod · 0.65
UseMethod · 0.65
GetMethod · 0.65
SendStringMethod · 0.65

Tested by

no test coverage detected