(t *testing.T)
| 163 | } |
| 164 | |
| 165 | func TestProxyChecksHeaderForAccessRules(t *testing.T) { |
| 166 | server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 167 | fmt.Fprintln(w, "OK") |
| 168 | })) |
| 169 | defer server.Close() |
| 170 | |
| 171 | proxy := httptest.NewServer(&HTTPProxy{ |
| 172 | ProtectHeaders: testProtectHeaders, |
| 173 | Config: config.Proxy{}, |
| 174 | Transport: http.DefaultTransport, |
| 175 | Lookup: func(r *http.Request) *route.Target { |
| 176 | tgt := &route.Target{ |
| 177 | URL: mustParse(server.URL), |
| 178 | Opts: map[string]string{"allow": "ip:127.0.0.0/8,ip:fe80::/10,ip:::1"}, |
| 179 | } |
| 180 | tgt.ProcessAccessRules() |
| 181 | return tgt |
| 182 | }, |
| 183 | }) |
| 184 | defer proxy.Close() |
| 185 | |
| 186 | req, _ := http.NewRequest("GET", proxy.URL, nil) |
| 187 | req.Header.Set("X-Forwarded-For", "1.2.3.4") |
| 188 | resp, _ := mustDo(req) |
| 189 | |
| 190 | if got, want := resp.StatusCode, http.StatusForbidden; got != want { |
| 191 | t.Errorf("got %v want %v", got, want) |
| 192 | } |
| 193 | } |
| 194 | |
| 195 | func TestProxyNoRouteHTML(t *testing.T) { |
| 196 | want := "<html>503</html>" |
nothing calls this directly
no test coverage detected