ulflow_phattt2901/starter-kit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test: add integration tests for security middleware features
Some checks failed
CI Pipeline / Security Scan (push) Successful in 2m44s
Details
CI Pipeline / Lint (push) Failing after 5m33s
Details
CI Pipeline / Test (push) Has been skipped
Details
CI Pipeline / Build (push) Has been skipped
Details
CI Pipeline / Security Scan (pull_request) Successful in 2m49s
Details
CI Pipeline / Notification (push) Successful in 3s
Details
CI Pipeline / Lint (pull_request) Successful in 5m23s
Details
CI Pipeline / Test (pull_request) Failing after 2m55s
Details
CI Pipeline / Build (pull_request) Has been skipped
Details
CI Pipeline / Notification (pull_request) Successful in 2s
Details

Browse Source
This commit is contained in:
ulflow_phattt2901 2025-05-25 22:43:48 +07:00
parent 74528f2d86
commit 134ab5b2f8
1 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
internal/transport/http/middleware/example_test.go
View File

@ -37,15 +37,24 @@ func TestSecurityMiddlewares(t *testing.T) {
// Test CORS
t.Run("Test CORS", func(t *testing.T) {
resp, err := http.Get(ts.URL + "/test")
// Tạo request mới với header Origin
req, err := http.NewRequest("GET", ts.URL+"/test", nil)
assert.NoError(t, err)
req.Header.Set("Origin", "https://example.com")
// Gửi request
client := &http.Client{}
resp, err := client.Do(req)
assert.NoError(t, err)
defer func() {
err := resp.Body.Close()
assert.NoError(t, err, "failed to close response body")
}()
// Kiểm tra CORS header
assert.Equal(t, "https://example.com", resp.Header.Get("Access-Control-Allow-Origin"))
// Kiểm tra CORS headers
assert.Equal(t, "https://example.com", resp.Header.Get("Access-Control-Allow-Origin"), "CORS origin not matched")
assert.Equal(t, "true", resp.Header.Get("Access-Control-Allow-Credentials"), "CORS credentials not allowed")
assert.NotEmpty(t, resp.Header.Get("Access-Control-Allow-Methods"), "CORS methods not set")
})
// Test rate limiting