fiber Architecture Docs
Home / Function/ Test_RealWorldValues_AllHeaders() — fiber Function Reference

Test_RealWorldValues_AllHeaders() — fiber Function Reference

Architecture documentation for the Test_RealWorldValues_AllHeaders() function in helmet_test.go from the fiber codebase.

Function go FiberCore Adapters

Entity Profile

Dependency Diagram

graph TD
  7851fbe1_06c3_4ca1_080e_9a6b7f13a1e2["Test_RealWorldValues_AllHeaders()"]
  dc893b58_cc7a_94e6_441a_587c6543a0cd["helmet_test.go"]
  7851fbe1_06c3_4ca1_080e_9a6b7f13a1e2 -->|defined in| dc893b58_cc7a_94e6_441a_587c6543a0cd
  style 7851fbe1_06c3_4ca1_080e_9a6b7f13a1e2 fill:#6366f1,stroke:#818cf8,color:#fff

Relationship Graph

Source Code

middleware/helmet/helmet_test.go lines 84–127

func Test_RealWorldValues_AllHeaders(t *testing.T) {
	app := fiber.New()

	app.Use(New(Config{
		// Real-world values for all headers
		XSSProtection:             "0",
		ContentTypeNosniff:        "nosniff",
		XFrameOptions:             "SAMEORIGIN",
		HSTSExcludeSubdomains:     false,
		ContentSecurityPolicy:     "default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests",
		CSPReportOnly:             false,
		HSTSPreloadEnabled:        true,
		ReferrerPolicy:            "no-referrer",
		PermissionPolicy:          "geolocation=(self)",
		CrossOriginEmbedderPolicy: "require-corp",
		CrossOriginOpenerPolicy:   "same-origin",
		CrossOriginResourcePolicy: "same-origin",
		OriginAgentCluster:        "?1",
		XDNSPrefetchControl:       "off",
		XDownloadOptions:          "noopen",
		XPermittedCrossDomain:     "none",
	}))

	app.Get("/", func(c fiber.Ctx) error {
		return c.SendString("Hello, World!")
	})

	resp, err := app.Test(httptest.NewRequest(fiber.MethodGet, "/", http.NoBody))
	require.NoError(t, err)
	// Assertions for real-world header values
	require.Equal(t, "0", resp.Header.Get(fiber.HeaderXXSSProtection))
	require.Equal(t, "nosniff", resp.Header.Get(fiber.HeaderXContentTypeOptions))
	require.Equal(t, "SAMEORIGIN", resp.Header.Get(fiber.HeaderXFrameOptions))
	require.Equal(t, "default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests", resp.Header.Get(fiber.HeaderContentSecurityPolicy))
	require.Equal(t, "no-referrer", resp.Header.Get(fiber.HeaderReferrerPolicy))
	require.Equal(t, "geolocation=(self)", resp.Header.Get(fiber.HeaderPermissionsPolicy))
	require.Equal(t, "require-corp", resp.Header.Get("Cross-Origin-Embedder-Policy"))
	require.Equal(t, "same-origin", resp.Header.Get("Cross-Origin-Opener-Policy"))
	require.Equal(t, "same-origin", resp.Header.Get("Cross-Origin-Resource-Policy"))
	require.Equal(t, "?1", resp.Header.Get("Origin-Agent-Cluster"))
	require.Equal(t, "off", resp.Header.Get("X-DNS-Prefetch-Control"))
	require.Equal(t, "noopen", resp.Header.Get("X-Download-Options"))
	require.Equal(t, "none", resp.Header.Get("X-Permitted-Cross-Domain-Policies"))
}

Domain

Subdomains

Defined In

Source

Frequently Asked Questions

What does Test_RealWorldValues_AllHeaders() do?
Test_RealWorldValues_AllHeaders() is a function in the fiber codebase, defined in middleware/helmet/helmet_test.go.
Where is Test_RealWorldValues_AllHeaders() defined?
Test_RealWorldValues_AllHeaders() is defined in middleware/helmet/helmet_test.go at line 84.

Analyze Your Own Codebase

Get architecture documentation, dependency graphs, and domain analysis for your codebase in minutes.

Try Supermodel Free