fixed router.ServeHTTP

added in middleware: Cors and Helmet
2024-11-03 15:33:50 +05:30
parent 116afe7930
commit f72529aea5
5 changed files with 738 additions and 1 deletions
--- a/middleware/helmet_test.go
+++ b/middleware/helmet_test.go
@@ -0,0 +1,50 @@
+package middleware
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"gitserver.in/patialtech/mux"
+)
+
+func TestHelmet(t *testing.T) {
+	r := mux.NewRouter()
+	r.Get("/hello", func(writer http.ResponseWriter, request *http.Request) {
+		_, _ = writer.Write([]byte("hello there"))
+	})
+
+	endpoint := httptest.NewRequest(http.MethodGet, "/hello", nil)
+
+	// test endpoint registered/reachable
+	w := httptest.NewRecorder()
+	r.ServeHTTP(w, endpoint)
+	if w.Code != http.StatusOK {
+		t.Error("not expecting status", w.Code)
+		return
+	}
+
+	// no header test
+	w = httptest.NewRecorder()
+	r.ServeHTTP(w, endpoint)
+	csp := w.Header().Get("Content-Security-Policy")
+	// must not have a csp header, technically no header related to helmet but lets test with one.
+	if csp != "" {
+		t.Error("csp header not expected")
+	}
+
+	// introduce helmet middleware
+	r.Use(Helmet(HelmetOption{}))
+
+	// header tests..
+	w = httptest.NewRecorder()
+	r.ServeHTTP(w, endpoint)
+	// csp and other headers are expected
+	csp = w.Header().Get("Content-Security-Policy")
+	// fmt.Printf("csp %s", csp)
+	if csp == "" {
+		t.Error("csp header missing")
+	}
+
+	// TODO need more tests
+}