github.com/google/go-safeweb@v0.0.0-20231219055052-64d8cfc90fbb/safehttp/cookie_test.go (about) 1 // Copyright 2020 Google LLC 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // https://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package safehttp 16 17 import "testing" 18 19 func TestCookie(t *testing.T) { 20 tests := []struct { 21 name string 22 cookie *Cookie 23 want string 24 }{ 25 { 26 name: "Default", 27 cookie: NewCookie("foo", "bar"), 28 want: "foo=bar; HttpOnly; Secure; SameSite=Lax", 29 }, 30 { 31 name: "SameSite Lax", 32 cookie: func() *Cookie { 33 c := NewCookie("foo", "bar") 34 c.SameSite(SameSiteNoneMode) 35 c.SameSite(SameSiteLaxMode) 36 return c 37 }(), 38 want: "foo=bar; HttpOnly; Secure; SameSite=Lax", 39 }, 40 { 41 name: "SameSite strict", 42 cookie: func() *Cookie { 43 c := NewCookie("foo", "bar") 44 c.SameSite(SameSiteStrictMode) 45 return c 46 }(), 47 want: "foo=bar; HttpOnly; Secure; SameSite=Strict", 48 }, 49 { 50 name: "SameSite none", 51 cookie: func() *Cookie { 52 c := NewCookie("foo", "bar") 53 c.SameSite(SameSiteNoneMode) 54 return c 55 }(), 56 want: "foo=bar; HttpOnly; Secure; SameSite=None", 57 }, 58 { 59 name: "Maxage positive", 60 cookie: func() *Cookie { 61 c := NewCookie("foo", "bar") 62 c.SetMaxAge(10) 63 return c 64 }(), 65 want: "foo=bar; Max-Age=10; HttpOnly; Secure; SameSite=Lax", 66 }, 67 { 68 name: "Maxage negative", 69 cookie: func() *Cookie { 70 c := NewCookie("foo", "bar") 71 c.SetMaxAge(-1) 72 return c 73 }(), 74 want: "foo=bar; Max-Age=0; HttpOnly; Secure; SameSite=Lax", 75 }, 76 { 77 name: "Path", 78 cookie: func() *Cookie { 79 c := NewCookie("foo", "bar") 80 c.Path("/asdf") 81 return c 82 }(), 83 want: "foo=bar; Path=/asdf; HttpOnly; Secure; SameSite=Lax", 84 }, 85 { 86 name: "Domain", 87 cookie: func() *Cookie { 88 c := NewCookie("foo", "bar") 89 c.Domain("example.com") 90 return c 91 }(), 92 want: "foo=bar; Domain=example.com; HttpOnly; Secure; SameSite=Lax", 93 }, 94 { 95 name: "Not Secure", 96 cookie: func() *Cookie { 97 c := NewCookie("foo", "bar") 98 c.DisableSecure() 99 return c 100 }(), 101 want: "foo=bar; HttpOnly; SameSite=Lax", 102 }, 103 { 104 name: "Not HttpOnly", 105 cookie: func() *Cookie { 106 c := NewCookie("foo", "bar") 107 c.DisableHTTPOnly() 108 return c 109 }(), 110 want: "foo=bar; Secure; SameSite=Lax", 111 }, 112 } 113 114 for _, tt := range tests { 115 t.Run(tt.name, func(t *testing.T) { 116 if got := tt.cookie.String(); got != tt.want { 117 t.Errorf("tt.cookie.String() got: %q want: %q", got, tt.want) 118 } 119 }) 120 } 121 } 122 123 func TestCookieName(t *testing.T) { 124 c := NewCookie("foo", "bar") 125 if got, want := c.Name(), "foo"; got != want { 126 t.Errorf("c.Name() got: %v want: %v", got, want) 127 } 128 } 129 130 func TestCookieValue(t *testing.T) { 131 c := NewCookie("foo", "bar") 132 if got, want := c.Value(), "bar"; got != want { 133 t.Errorf("c.Value() got: %v want: %v", got, want) 134 } 135 }