fiber Architecture Docs
Home / Function/ Test_CSRF_From_Custom() — fiber Function Reference

Test_CSRF_From_Custom() — fiber Function Reference

Architecture documentation for the Test_CSRF_From_Custom() function in csrf_test.go from the fiber codebase.

Function go FiberMiddleware Security

Entity Profile

Dependency Diagram

graph TD
  7a375376_d0a7_782f_ec09_91d2caf26b22["Test_CSRF_From_Custom()"]
  306a0c68_f5a5_b368_f37a_1419425a8fea["csrf_test.go"]
  7a375376_d0a7_782f_ec09_91d2caf26b22 -->|defined in| 306a0c68_f5a5_b368_f37a_1419425a8fea
  style 7a375376_d0a7_782f_ec09_91d2caf26b22 fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

middleware/csrf/csrf_test.go lines 746–796

func Test_CSRF_From_Custom(t *testing.T) {
	t.Parallel()
	app := fiber.New()

	extractor := extractors.Extractor{
		Extract: func(c fiber.Ctx) (string, error) {
			body := string(c.Body())
			// Generate the correct extractor to get the token from the correct location
			selectors := strings.Split(body, "=")

			if len(selectors) != 2 || selectors[1] == "" {
				return "", extractors.ErrNotFound
			}
			return selectors[1], nil
		},
		Source: extractors.SourceCustom,
		Key:    "_csrf",
	}

	app.Use(New(Config{Extractor: extractor}))

	app.Post("/", func(c fiber.Ctx) error {
		return c.SendStatus(fiber.StatusOK)
	})

	h := app.Handler()
	ctx := &fasthttp.RequestCtx{}

	// Invalid CSRF token
	ctx.Request.Header.SetMethod(fiber.MethodPost)
	ctx.Request.Header.Set(fiber.HeaderContentType, fiber.MIMETextPlain)
	h(ctx)
	require.Equal(t, 403, ctx.Response.StatusCode())

	// Generate CSRF token
	ctx.Request.Reset()
	ctx.Response.Reset()
	ctx.Request.Header.SetMethod(fiber.MethodGet)
	h(ctx)
	token := string(ctx.Response.Header.Peek(fiber.HeaderSetCookie))
	token = strings.Split(strings.Split(token, ";")[0], "=")[1]

	ctx.Request.Reset()
	ctx.Response.Reset()
	ctx.Request.Header.SetMethod(fiber.MethodPost)
	ctx.Request.Header.Set(fiber.HeaderContentType, fiber.MIMETextPlain)
	ctx.Request.SetBodyString("_csrf=" + token)
	ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
	h(ctx)
	require.Equal(t, 200, ctx.Response.StatusCode())
}

Domain

Subdomains

Defined In

Source

Frequently Asked Questions

What does Test_CSRF_From_Custom() do?
Test_CSRF_From_Custom() is a function in the fiber codebase, defined in middleware/csrf/csrf_test.go.
Where is Test_CSRF_From_Custom() defined?
Test_CSRF_From_Custom() is defined in middleware/csrf/csrf_test.go at line 746.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free