mux/middleware/helmet_test.go

51 lines
1.1 KiB
Go
Raw Normal View History

package middleware
import (
"net/http"
"net/http/httptest"
"testing"
"gitserver.in/patialtech/mux"
)
func TestHelmet(t *testing.T) {
r := mux.NewRouter()
r.Get("/hello", func(writer http.ResponseWriter, request *http.Request) {
_, _ = writer.Write([]byte("hello there"))
})
endpoint := httptest.NewRequest(http.MethodGet, "/hello", nil)
// test endpoint registered/reachable
w := httptest.NewRecorder()
r.ServeHTTP(w, endpoint)
if w.Code != http.StatusOK {
t.Error("not expecting status", w.Code)
return
}
// no header test
w = httptest.NewRecorder()
r.ServeHTTP(w, endpoint)
csp := w.Header().Get("Content-Security-Policy")
// must not have a csp header, technically no header related to helmet but lets test with one.
if csp != "" {
t.Error("csp header not expected")
}
// introduce helmet middleware
r.Use(Helmet(HelmetOption{}))
// header tests..
w = httptest.NewRecorder()
r.ServeHTTP(w, endpoint)
// csp and other headers are expected
csp = w.Header().Get("Content-Security-Policy")
// fmt.Printf("csp %s", csp)
if csp == "" {
t.Error("csp header missing")
}
// TODO need more tests
}