Test_CSRF_Referer() — fiber Function Reference
Architecture documentation for the Test_CSRF_Referer() function in csrf_test.go from the fiber codebase.
Entity Profile
Dependency Diagram
graph TD 3ff0c937_02b0_11c6_5e37_3d3622db5c15["Test_CSRF_Referer()"] 306a0c68_f5a5_b368_f37a_1419425a8fea["csrf_test.go"] 3ff0c937_02b0_11c6_5e37_3d3622db5c15 -->|defined in| 306a0c68_f5a5_b368_f37a_1419425a8fea c0e56540_33d3_bca9_1b08_7be0c1c5a7cb["newTrustedApp()"] 3ff0c937_02b0_11c6_5e37_3d3622db5c15 -->|calls| c0e56540_33d3_bca9_1b08_7be0c1c5a7cb bb323ee5_6f3e_2587_e39a_a230309b88c4["newTrustedRequestCtx()"] 3ff0c937_02b0_11c6_5e37_3d3622db5c15 -->|calls| bb323ee5_6f3e_2587_e39a_a230309b88c4 style 3ff0c937_02b0_11c6_5e37_3d3622db5c15 fill:#6366f1,stroke:#818cf8,color:#fff
Relationship Graph
Source Code
middleware/csrf/csrf_test.go lines 1372–1522
func Test_CSRF_Referer(t *testing.T) {
t.Parallel()
app := newTrustedApp()
app.Use(New(Config{CookieSecure: true}))
app.Post("/", func(c fiber.Ctx) error {
return c.SendStatus(fiber.StatusOK)
})
h := app.Handler()
ctx := newTrustedRequestCtx()
ctx.Request.Header.SetMethod(fiber.MethodGet)
ctx.Request.Header.Set(fiber.HeaderXForwardedProto, "https")
h(ctx)
token := string(ctx.Response.Header.Peek(fiber.HeaderSetCookie))
token = strings.Split(strings.Split(token, ";")[0], "=")[1]
// Test Correct Referer with port
ctx.Request.Reset()
ctx.Response.Reset()
ctx.Request.Header.SetMethod(fiber.MethodPost)
ctx.Request.Header.Set(fiber.HeaderXForwardedProto, "https")
ctx.Request.URI().SetScheme("https")
ctx.Request.URI().SetHost("example.com:8443")
ctx.Request.Header.SetProtocol("https")
ctx.Request.Header.SetHost("example.com:8443")
ctx.Request.Header.Set(fiber.HeaderReferer, ctx.Request.URI().String())
ctx.Request.Header.Set(HeaderName, token)
ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
h(ctx)
require.Equal(t, 200, ctx.Response.StatusCode())
// Test Referer without default HTTPS port against host with default port
ctx.Request.Reset()
ctx.Response.Reset()
ctx.Request.Header.SetMethod(fiber.MethodPost)
ctx.Request.Header.Set(fiber.HeaderXForwardedProto, "https")
ctx.Request.URI().SetScheme("https")
ctx.Request.URI().SetHost("example.com:443")
ctx.Request.Header.SetProtocol("https")
ctx.Request.Header.SetHost("example.com:443")
ctx.Request.Header.Set(fiber.HeaderReferer, "https://example.com")
ctx.Request.Header.Set(HeaderName, token)
ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
h(ctx)
require.Equal(t, 200, ctx.Response.StatusCode())
// Test Referer with default HTTPS port against host without port
ctx.Request.Reset()
ctx.Response.Reset()
ctx.Request.Header.SetMethod(fiber.MethodPost)
ctx.Request.Header.Set(fiber.HeaderXForwardedProto, "https")
ctx.Request.URI().SetScheme("https")
ctx.Request.URI().SetHost("example.com")
ctx.Request.Header.SetProtocol("https")
ctx.Request.Header.SetHost("example.com")
ctx.Request.Header.Set(fiber.HeaderReferer, "https://example.com:443")
ctx.Request.Header.Set(HeaderName, token)
ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
h(ctx)
require.Equal(t, 200, ctx.Response.StatusCode())
// Test Correct Referer with ReverseProxy
ctx.Request.Reset()
ctx.Response.Reset()
ctx.Request.Header.SetMethod(fiber.MethodPost)
ctx.Request.Header.Set(fiber.HeaderXForwardedProto, "https")
ctx.Request.URI().SetScheme("https")
ctx.Request.URI().SetHost("10.0.1.42.com:8443")
ctx.Request.Header.SetProtocol("https")
ctx.Request.Header.SetHost("10.0.1.42:8443")
ctx.Request.Header.Set(fiber.HeaderXForwardedProto, "https")
ctx.Request.Header.Set(fiber.HeaderXForwardedHost, "example.com")
ctx.Request.Header.Set(fiber.HeaderXForwardedFor, `192.0.2.43, "[2001:db8:cafe::17]"`)
ctx.Request.Header.Set(fiber.HeaderReferer, "https://example.com")
ctx.Request.Header.Set(HeaderName, token)
ctx.Request.Header.SetCookie(ConfigDefault.CookieName, token)
h(ctx)
require.Equal(t, 200, ctx.Response.StatusCode())
Domain
Subdomains
Defined In
Source
Frequently Asked Questions
What does Test_CSRF_Referer() do?
Test_CSRF_Referer() is a function in the fiber codebase, defined in middleware/csrf/csrf_test.go.
Where is Test_CSRF_Referer() defined?
Test_CSRF_Referer() is defined in middleware/csrf/csrf_test.go at line 1372.
What does Test_CSRF_Referer() call?
Test_CSRF_Referer() calls 2 function(s): newTrustedApp, newTrustedRequestCtx.
Analyze Your Own Codebase
Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.
Try Supermodel Free