go/echo
1
0
Fork 0
mirror of https://github.com/labstack/echo.git synced 2025-07-17 01:43:02 +02:00
Code Issues Releases Activity

Fixed #600

Browse Source 
Signed-off-by: Vishal Rana <vr@labstack.com>
This commit is contained in:
Vishal Rana
2016-07-16 20:13:27 -07:00
parent c1358eda73
commit 0dab439ea4
2 changed files with 54 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
middleware/csrf_test.go
View File

@ -17,17 +17,12 @@ func TestCSRF(t *testing.T) {
rec := test.NewResponseRecorder()
c := e.NewContext(req, rec)
csrf := CSRFWithConfig(CSRFConfig{
Secret: []byte("secret"),
TokenLength: 16,
})
h := csrf(func(c echo.Context) error {
return c.String(http.StatusOK, "test")
})
// No secret
assert.Panics(t, func() {
CSRF(nil)
})
// Generate CSRF token
h(c)
assert.Contains(t, rec.Header().Get(echo.HeaderSetCookie), "_csrf")
@ -46,8 +41,7 @@ func TestCSRF(t *testing.T) {
assert.Error(t, h(c))
// Valid CSRF token
salt, _ := generateSalt(8)
token := generateCSRFToken([]byte("secret"), salt)
token := generateCSRFToken(16)
req.Header().Set(echo.HeaderCookie, "_csrf="+token)
req.Header().Set(echo.HeaderXCSRFToken, token)
if assert.NoError(t, h(c)) {