| 270 | } |
| 271 | |
| 272 | func hstsHeaderForRequest(t *testing.T, config *Config, scheme string) string { |
| 273 | t.Helper() |
| 274 | |
| 275 | app := fiber.New() |
| 276 | app.Use(New(*config)) |
| 277 | app.Get("/", func(c fiber.Ctx) error { |
| 278 | return c.SendString("Hello, World!") |
| 279 | }) |
| 280 | |
| 281 | if scheme == "http" { |
| 282 | resp, err := app.Test(httptest.NewRequest(fiber.MethodGet, "/", http.NoBody)) |
| 283 | require.NoError(t, err) |
| 284 | header := resp.Header.Get(fiber.HeaderStrictTransportSecurity) |
| 285 | require.NoError(t, resp.Body.Close()) |
| 286 | return header |
| 287 | } |
| 288 | |
| 289 | require.Equal(t, "https", scheme) |
| 290 | |
| 291 | serverTLSConf, clientTLSConf, err := tlstest.GetTLSConfigs() |
| 292 | require.NoError(t, err) |
| 293 | |
| 294 | ln, err := net.Listen(fiber.NetworkTCP4, "127.0.0.1:0") |
| 295 | require.NoError(t, err) |
| 296 | |
| 297 | tlsListener := tls.NewListener(ln, serverTLSConf) |
| 298 | errCh := make(chan error, 1) |
| 299 | go func() { |
| 300 | errCh <- app.Listener(tlsListener, fiber.ListenConfig{ |
| 301 | DisableStartupMessage: true, |
| 302 | }) |
| 303 | }() |
| 304 | |
| 305 | client := &http.Client{ |
| 306 | Timeout: time.Second, |
| 307 | Transport: &http.Transport{ |
| 308 | TLSClientConfig: clientTLSConf, |
| 309 | }, |
| 310 | } |
| 311 | |
| 312 | var resp *http.Response |
| 313 | for deadline := time.Now().Add(time.Second); ; { |
| 314 | resp, err = client.Get("https://" + ln.Addr().String() + "/") |
| 315 | if err == nil { |
| 316 | break |
| 317 | } |
| 318 | if time.Now().After(deadline) { |
| 319 | require.NoError(t, err) |
| 320 | } |
| 321 | time.Sleep(10 * time.Millisecond) |
| 322 | } |
| 323 | |
| 324 | header := resp.Header.Get(fiber.HeaderStrictTransportSecurity) |
| 325 | require.NoError(t, resp.Body.Close()) |
| 326 | client.CloseIdleConnections() |
| 327 | |
| 328 | require.NoError(t, app.Shutdown()) |
| 329 | select { |