MCPcopy
hub / github.com/uber-go/zap / FuzzAtomicLevelServeHTTP

Function FuzzAtomicLevelServeHTTP

http_handler_test.go:241–259  ·  view source on GitHub ↗
(f *testing.F)

Source from the content-addressed store, hash-verified

239}
240
241func FuzzAtomicLevelServeHTTP(f *testing.F) {
242 f.Add(`{"level":"info"}`)
243 f.Add(`{"level":"warn"}`)
244 f.Add(`{"level":"<script>alert(\"malicious\")</script>"}`)
245 f.Fuzz(func(t *testing.T, input string) {
246 lvl := zap.NewAtomicLevel()
247
248 resw := httptest.NewRecorder()
249 req, err := http.NewRequest(http.MethodPut, "http://localhost:9999/log/level", strings.NewReader(input))
250 require.NoError(t, err, "Error constructing request.")
251
252 lvl.ServeHTTP(resw, req)
253
254 require.NotEqual(t, http.StatusInternalServerError, resw.Code, "Unexpected status code.")
255
256 // Response body must never contain HTML tags.
257 assert.NotRegexp(t, `<[^>]+>`, resw.Body.String(), "Unexpected HTML tag in response body.")
258 })
259}

Callers

nothing calls this directly

Calls 4

ServeHTTPMethod · 0.95
NewAtomicLevelFunction · 0.92
AddMethod · 0.45
StringMethod · 0.45

Tested by

no test coverage detected