fixa aumento no serial do soa
@@ -154,6 +154,15 @@ func TestLoginCreatesSession(t *testing.T) {
|
||||
if len(cookies) == 0 || cookies[0].Name != sessionCookieName {
|
||||
t.Fatalf("expected session cookie, got %#v", cookies)
|
||||
}
|
||||
if !cookies[0].HttpOnly {
|
||||
t.Fatal("session cookie must be HttpOnly")
|
||||
}
|
||||
if !cookies[0].Secure {
|
||||
t.Fatal("session cookie must be Secure")
|
||||
}
|
||||
if cookies[0].SameSite != http.SameSiteStrictMode {
|
||||
t.Fatalf("unexpected SameSite policy: %v", cookies[0].SameSite)
|
||||
}
|
||||
|
||||
req = httptest.NewRequest(http.MethodGet, "/zones", nil)
|
||||
req.AddCookie(cookies[0])
|
||||
@@ -196,9 +205,12 @@ func TestLogoutClearsSession(t *testing.T) {
|
||||
if err != nil {
|
||||
t.Fatalf("createSession returned error: %v", err)
|
||||
}
|
||||
csrfToken := srv.sessions[token].CSRFToken
|
||||
|
||||
req := httptest.NewRequest(http.MethodGet, "/logout", nil)
|
||||
body := strings.NewReader("csrf_token=" + csrfToken)
|
||||
req := httptest.NewRequest(http.MethodPost, "/logout", body)
|
||||
req.AddCookie(&http.Cookie{Name: sessionCookieName, Value: token})
|
||||
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
||||
rec := httptest.NewRecorder()
|
||||
|
||||
srv.routes().ServeHTTP(rec, req)
|
||||
@@ -211,6 +223,51 @@ func TestLogoutClearsSession(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestLogoutRequiresCSRF(t *testing.T) {
|
||||
srv, err := New(Config{Authenticator: &fakeAuth{allowed: true}}, &fakeClient{}, nil)
|
||||
if err != nil {
|
||||
t.Fatalf("New returned error: %v", err)
|
||||
}
|
||||
token, err := srv.createSession("alice")
|
||||
if err != nil {
|
||||
t.Fatalf("createSession returned error: %v", err)
|
||||
}
|
||||
|
||||
req := httptest.NewRequest(http.MethodPost, "/logout", nil)
|
||||
req.AddCookie(&http.Cookie{Name: sessionCookieName, Value: token})
|
||||
rec := httptest.NewRecorder()
|
||||
|
||||
srv.routes().ServeHTTP(rec, req)
|
||||
|
||||
if rec.Code != http.StatusForbidden {
|
||||
t.Fatalf("unexpected status: %d", rec.Code)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSecurityHeadersAreSet(t *testing.T) {
|
||||
srv, err := New(Config{}, &fakeClient{}, nil)
|
||||
if err != nil {
|
||||
t.Fatalf("New returned error: %v", err)
|
||||
}
|
||||
|
||||
req := httptest.NewRequest(http.MethodGet, "/healthz", nil)
|
||||
rec := httptest.NewRecorder()
|
||||
|
||||
srv.routes().ServeHTTP(rec, req)
|
||||
|
||||
for _, header := range []string{
|
||||
"Content-Security-Policy",
|
||||
"Referrer-Policy",
|
||||
"Strict-Transport-Security",
|
||||
"X-Content-Type-Options",
|
||||
"X-Frame-Options",
|
||||
} {
|
||||
if rec.Header().Get(header) == "" {
|
||||
t.Fatalf("expected %s header", header)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func TestParseLinesSkipsBlankLines(t *testing.T) {
|
||||
values := parseLines("192.0.2.1\n\n192.0.2.2\n")
|
||||
if len(values) != 2 {
|
||||
|
||||
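Review bot: TestLogoutRequiresCSRF asserts only the 403 status for a POST that carries no token at all, so a handler that drops the session before rejecting, or that accepts any non-empty token, would still pass. After `srv.routes().ServeHTTP(rec, req)` I would add `if _, ok := srv.sessions[token]; !ok { t.Fatal("session must survive a rejected logout") }` (assuming `sessions` is a plain map, as the indexing in TestLogoutClearsSession suggests) and a second case that posts `csrf_token=wrong` and expects the same 403. TestLogoutClearsSession appears to switch from `GET /logout` to POST, but no test pins that a GET no longer ends the session. Separately, TestSecurityHeadersAreSet accepts any non-empty value, so comparing at least `X-Content-Type-Options` against `nosniff` would let it catch a weakened header.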