MCPcopy
hub / github.com/labstack/echo / TestSecureWithConfig_HSTSExcludeSubdomains

Function TestSecureWithConfig_HSTSExcludeSubdomains

middleware/secure_test.go:124–146  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

122}
123
124func TestSecureWithConfig_HSTSExcludeSubdomains(t *testing.T) {
125 // Custom with CSPReportOnly flag
126 e := echo.New()
127 h := func(c *echo.Context) error {
128 return c.String(http.StatusOK, "test")
129 }
130
131 req := httptest.NewRequest(http.MethodGet, "/", nil)
132
133 // Custom, with preload option enabled and subdomains excluded
134 req.Header.Set(echo.HeaderXForwardedProto, "https")
135 rec := httptest.NewRecorder()
136 c := e.NewContext(req, rec)
137
138 err := SecureWithConfig(SecureConfig{
139 HSTSMaxAge: 3600,
140 HSTSPreloadEnabled: true,
141 HSTSExcludeSubdomains: true,
142 })(h)(c)
143 assert.NoError(t, err)
144
145 assert.Equal(t, "max-age=3600; preload", rec.Header().Get(echo.HeaderStrictTransportSecurity))
146}

Callers

nothing calls this directly

Calls 6

StringMethod · 0.95
SecureWithConfigFunction · 0.85
SetMethod · 0.80
NewContextMethod · 0.80
GetMethod · 0.45
HeaderMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…