(t *testing.T)
| 64 | } |
| 65 | |
| 66 | func TestGetEffectiveHostAndScheme(t *testing.T) { |
| 67 | t.Parallel() |
| 68 | |
| 69 | tests := []struct { |
| 70 | name string |
| 71 | setupRequest func() *http.Request |
| 72 | cfg *Config |
| 73 | expectedHost string |
| 74 | expectedScheme string |
| 75 | }{ |
| 76 | { |
| 77 | name: "basic request without forwarding headers", |
| 78 | setupRequest: func() *http.Request { |
| 79 | req := httptest.NewRequest(http.MethodGet, "/test", nil) |
| 80 | req.Host = "example.com" |
| 81 | return req |
| 82 | }, |
| 83 | cfg: &Config{}, |
| 84 | expectedHost: "example.com", |
| 85 | expectedScheme: "http", // defaults to http |
| 86 | }, |
| 87 | { |
| 88 | name: "X-Forwarded-Host ignored by default", |
| 89 | setupRequest: func() *http.Request { |
| 90 | req := httptest.NewRequest(http.MethodGet, "/test", nil) |
| 91 | req.Host = "internal.example.com" |
| 92 | req.Header.Set(headers.ForwardedHostHeader, "attacker.example.com") |
| 93 | req.Header.Set(headers.ForwardedProtoHeader, "https") |
| 94 | return req |
| 95 | }, |
| 96 | cfg: &Config{}, |
| 97 | expectedHost: "internal.example.com", |
| 98 | expectedScheme: "http", |
| 99 | }, |
| 100 | { |
| 101 | name: "request with X-Forwarded-Host header", |
| 102 | setupRequest: func() *http.Request { |
| 103 | req := httptest.NewRequest(http.MethodGet, "/test", nil) |
| 104 | req.Host = "internal.example.com" |
| 105 | req.Header.Set(headers.ForwardedHostHeader, "public.example.com") |
| 106 | return req |
| 107 | }, |
| 108 | cfg: &Config{TrustProxyHeaders: true}, |
| 109 | expectedHost: "public.example.com", |
| 110 | expectedScheme: "http", |
| 111 | }, |
| 112 | { |
| 113 | name: "request with X-Forwarded-Proto header", |
| 114 | setupRequest: func() *http.Request { |
| 115 | req := httptest.NewRequest(http.MethodGet, "/test", nil) |
| 116 | req.Host = "example.com" |
| 117 | req.Header.Set(headers.ForwardedProtoHeader, "http") |
| 118 | return req |
| 119 | }, |
| 120 | cfg: &Config{TrustProxyHeaders: true}, |
| 121 | expectedHost: "example.com", |
| 122 | expectedScheme: "http", |
| 123 | }, |
nothing calls this directly
no test coverage detected