Test_CSRF_InvalidURLHeaders() — fiber Function Reference
Architecture documentation for the Test_CSRF_InvalidURLHeaders() function in csrf_test.go from the fiber codebase.
Entity Profile
Dependency Diagram
graph TD da13a379_2de1_7cab_753f_0f45d25b84af["Test_CSRF_InvalidURLHeaders()"] 306a0c68_f5a5_b368_f37a_1419425a8fea["csrf_test.go"] da13a379_2de1_7cab_753f_0f45d25b84af -->|defined in| 306a0c68_f5a5_b368_f37a_1419425a8fea c0e56540_33d3_bca9_1b08_7be0c1c5a7cb["newTrustedApp()"] da13a379_2de1_7cab_753f_0f45d25b84af -->|calls| c0e56540_33d3_bca9_1b08_7be0c1c5a7cb bb323ee5_6f3e_2587_e39a_a230309b88c4["newTrustedRequestCtx()"] da13a379_2de1_7cab_753f_0f45d25b84af -->|calls| bb323ee5_6f3e_2587_e39a_a230309b88c4 style da13a379_2de1_7cab_753f_0f45d25b84af fill:#6366f1,stroke:#818cf8,color:#fff
Relationship Graph
Source Code
middleware/csrf/csrf_test.go lines 1923–1977
func Test_CSRF_InvalidURLHeaders(t *testing.T) {
t.Parallel()
app := newTrustedApp()
errHandler := func(ctx fiber.Ctx, err error) error {
return ctx.Status(419).Send([]byte(err.Error()))
}
app.Use(New(Config{ErrorHandler: errHandler}))
app.Post("/", func(c fiber.Ctx) error {
return c.SendStatus(fiber.StatusOK)
})
h := app.Handler()
ctx := newTrustedRequestCtx()
// Generate CSRF token
ctx.Request.Header.SetMethod(fiber.MethodGet)
ctx.Request.Header.Set(fiber.HeaderXForwardedProto, "http")
h(ctx)
token := string(ctx.Response.Header.Peek(fiber.HeaderSetCookie))
token = strings.Split(strings.Split(token, ";")[0], "=")[1]
// invalid Origin
ctx.Request.Reset()
ctx.Response.Reset()
ctx.Request.Header.SetMethod(fiber.MethodPost)
ctx.Request.URI().SetScheme("http")
ctx.Request.URI().SetHost("example.com")
ctx.Request.Header.SetProtocol("http")
ctx.Request.Header.SetHost("example.com")
ctx.Request.Header.Set(fiber.HeaderOrigin, "http://[::1]:%38%30/Invalid Origin")
ctx.Request.Header.Set(HeaderName, token)
ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
h(ctx)
require.Equal(t, 419, ctx.Response.StatusCode())
require.Equal(t, ErrOriginInvalid.Error(), string(ctx.Response.Body()))
// invalid Referer
ctx.Request.Reset()
ctx.Response.Reset()
ctx.Request.Header.SetMethod(fiber.MethodPost)
ctx.Request.Header.Set(fiber.HeaderXForwardedProto, "https")
ctx.Request.URI().SetScheme("https")
ctx.Request.URI().SetHost("example.com")
ctx.Request.Header.SetProtocol("https")
ctx.Request.Header.SetHost("example.com")
ctx.Request.Header.Set(fiber.HeaderReferer, "http://[::1]:%38%30/Invalid Referer")
ctx.Request.Header.Set(HeaderName, token)
ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
h(ctx)
require.Equal(t, 419, ctx.Response.StatusCode())
require.Equal(t, ErrRefererInvalid.Error(), string(ctx.Response.Body()))
}Domain
Subdomains
Defined In
Source
Frequently Asked Questions
What does Test_CSRF_InvalidURLHeaders() do?
Test_CSRF_InvalidURLHeaders() is a function in the fiber codebase, defined in middleware/csrf/csrf_test.go.
Where is Test_CSRF_InvalidURLHeaders() defined?
Test_CSRF_InvalidURLHeaders() is defined in middleware/csrf/csrf_test.go at line 1923.
What does Test_CSRF_InvalidURLHeaders() call?
Test_CSRF_InvalidURLHeaders() calls 2 function(s): newTrustedApp, newTrustedRequestCtx.
Analyze Your Own Codebase
Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.
Try Supermodel Free