tamsin/learn-go
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lets-go:14.2 middleware tests

Browse Source
This commit is contained in:
tamsin johnson 2024-02-14 10:27:32 -08:00
parent 6744d12001
commit be85d936a9
1 changed files with 43 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
snippetbox/cmd/web/middleware_test.go Normal file
View File

@ -0,0 +1,43 @@
package main
import (
"bytes"
"io"
"net/http"
"net/http/httptest"
"testing"
"snippetbox.chaosfem.tw/internal/assert"
)
func TestSecureHeaders(t *testing.T) {
rr := httptest.NewRecorder()
r, err := http.NewRequest(http.MethodGet, "/", nil)
if err != nil {
t.Fatal(err)
}
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("OK"))
})
secureHeaders(next).ServeHTTP(rr, r)
rs := rr.Result()
assert.Equal(t, rs.Header.Get("Content-Security-Policy"), "default-src 'self'; style-src 'self' fonts.googleapis.com; font-src fonts.gstatic.com")
assert.Equal(t, rs.Header.Get("Referrer-Policy"), "origin-when-cross-origin")
assert.Equal(t, rs.Header.Get("X-Content-Type-Options"), "nosniff")
assert.Equal(t, rs.Header.Get("X-Frame-Options"), "deny")
assert.Equal(t, rs.Header.Get("X-XSS-Protection"), "0")
defer rs.Body.Close()
body, err := io.ReadAll(rs.Body)
if err != nil {
t.Fatal(err)
}
assert.Equal(t, string(bytes.TrimSpace(body)), "OK")
}