1 // Copyright 2010 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
19 var writeSetCookiesTests
= []struct {
24 &Cookie
{Name
: "cookie-1", Value
: "v$1"},
28 &Cookie
{Name
: "cookie-2", Value
: "two", MaxAge
: 3600},
29 "cookie-2=two; Max-Age=3600",
32 &Cookie
{Name
: "cookie-3", Value
: "three", Domain
: ".example.com"},
33 "cookie-3=three; Domain=example.com",
36 &Cookie
{Name
: "cookie-4", Value
: "four", Path
: "/restricted/"},
37 "cookie-4=four; Path=/restricted/",
40 &Cookie
{Name
: "cookie-5", Value
: "five", Domain
: "wrong;bad.abc"},
44 &Cookie
{Name
: "cookie-6", Value
: "six", Domain
: "bad-.abc"},
48 &Cookie
{Name
: "cookie-7", Value
: "seven", Domain
: "127.0.0.1"},
49 "cookie-7=seven; Domain=127.0.0.1",
52 &Cookie
{Name
: "cookie-8", Value
: "eight", Domain
: "::1"},
57 func TestWriteSetCookies(t
*testing
.T
) {
58 defer log
.SetOutput(os
.Stderr
)
59 var logbuf bytes
.Buffer
60 log
.SetOutput(&logbuf
)
62 for i
, tt
:= range writeSetCookiesTests
{
63 if g
, e
:= tt
.Cookie
.String(), tt
.Raw
; g
!= e
{
64 t
.Errorf("Test %d, expecting:\n%s\nGot:\n%s\n", i
, e
, g
)
69 if got
, sub
:= logbuf
.String(), "dropping domain attribute"; !strings
.Contains(got
, sub
) {
70 t
.Errorf("Expected substring %q in log output. Got:\n%s", sub
, got
)
74 type headerOnlyResponseWriter Header
76 func (ho headerOnlyResponseWriter
) Header() Header
{
80 func (ho headerOnlyResponseWriter
) Write([]byte) (int, error
) {
84 func (ho headerOnlyResponseWriter
) WriteHeader(int) {
88 func TestSetCookie(t
*testing
.T
) {
90 SetCookie(headerOnlyResponseWriter(m
), &Cookie
{Name
: "cookie-1", Value
: "one", Path
: "/restricted/"})
91 SetCookie(headerOnlyResponseWriter(m
), &Cookie
{Name
: "cookie-2", Value
: "two", MaxAge
: 3600})
92 if l
:= len(m
["Set-Cookie"]); l
!= 2 {
93 t
.Fatalf("expected %d cookies, got %d", 2, l
)
95 if g
, e
:= m
["Set-Cookie"][0], "cookie-1=one; Path=/restricted/"; g
!= e
{
96 t
.Errorf("cookie #1: want %q, got %q", e
, g
)
98 if g
, e
:= m
["Set-Cookie"][1], "cookie-2=two; Max-Age=3600"; g
!= e
{
99 t
.Errorf("cookie #2: want %q, got %q", e
, g
)
103 var addCookieTests
= []struct {
112 []*Cookie
{{Name
: "cookie-1", Value
: "v$1"}},
117 {Name
: "cookie-1", Value
: "v$1"},
118 {Name
: "cookie-2", Value
: "v$2"},
119 {Name
: "cookie-3", Value
: "v$3"},
121 "cookie-1=v$1; cookie-2=v$2; cookie-3=v$3",
125 func TestAddCookie(t
*testing
.T
) {
126 for i
, tt
:= range addCookieTests
{
127 req
, _
:= NewRequest("GET", "http://example.com/", nil)
128 for _
, c
:= range tt
.Cookies
{
131 if g
:= req
.Header
.Get("Cookie"); g
!= tt
.Raw
{
132 t
.Errorf("Test %d:\nwant: %s\n got: %s\n", i
, tt
.Raw
, g
)
138 var readSetCookiesTests
= []struct {
143 Header
{"Set-Cookie": {"Cookie-1=v$1"}},
144 []*Cookie
{{Name
: "Cookie-1", Value
: "v$1", Raw
: "Cookie-1=v$1"}},
147 Header
{"Set-Cookie": {"NID=99=YsDT5i3E-CXax-; expires=Wed, 23-Nov-2011 01:05:03 GMT; path=/; domain=.google.ch; HttpOnly"}},
150 Value
: "99=YsDT5i3E-CXax-",
152 Domain
: ".google.ch",
154 Expires
: time
.Date(2011, 11, 23, 1, 5, 3, 0, time
.UTC
),
155 RawExpires
: "Wed, 23-Nov-2011 01:05:03 GMT",
156 Raw
: "NID=99=YsDT5i3E-CXax-; expires=Wed, 23-Nov-2011 01:05:03 GMT; path=/; domain=.google.ch; HttpOnly",
160 Header
{"Set-Cookie": {".ASPXAUTH=7E3AA; expires=Wed, 07-Mar-2012 14:25:06 GMT; path=/; HttpOnly"}},
165 Expires
: time
.Date(2012, 3, 7, 14, 25, 6, 0, time
.UTC
),
166 RawExpires
: "Wed, 07-Mar-2012 14:25:06 GMT",
168 Raw
: ".ASPXAUTH=7E3AA; expires=Wed, 07-Mar-2012 14:25:06 GMT; path=/; HttpOnly",
172 Header
{"Set-Cookie": {"ASP.NET_SessionId=foo; path=/; HttpOnly"}},
174 Name
: "ASP.NET_SessionId",
178 Raw
: "ASP.NET_SessionId=foo; path=/; HttpOnly",
182 // TODO(bradfitz): users have reported seeing this in the
183 // wild, but do browsers handle it? RFC 6265 just says "don't
184 // do that" (section 3) and then never mentions header folding
186 // Header{"Set-Cookie": {"ASP.NET_SessionId=foo; path=/; HttpOnly, .ASPXAUTH=7E3AA; expires=Wed, 07-Mar-2012 14:25:06 GMT; path=/; HttpOnly"}},
189 func toJSON(v
interface{}) string {
190 b
, err
:= json
.Marshal(v
)
192 return fmt
.Sprintf("%#v", v
)
197 func TestReadSetCookies(t
*testing
.T
) {
198 for i
, tt
:= range readSetCookiesTests
{
199 for n
:= 0; n
< 2; n
++ { // to verify readSetCookies doesn't mutate its input
200 c
:= readSetCookies(tt
.Header
)
201 if !reflect
.DeepEqual(c
, tt
.Cookies
) {
202 t
.Errorf("#%d readSetCookies: have\n%s\nwant\n%s\n", i
, toJSON(c
), toJSON(tt
.Cookies
))
209 var readCookiesTests
= []struct {
215 Header
{"Cookie": {"Cookie-1=v$1", "c2=v2"}},
218 {Name
: "Cookie-1", Value
: "v$1"},
219 {Name
: "c2", Value
: "v2"},
223 Header
{"Cookie": {"Cookie-1=v$1", "c2=v2"}},
226 {Name
: "c2", Value
: "v2"},
230 Header
{"Cookie": {"Cookie-1=v$1; c2=v2"}},
233 {Name
: "Cookie-1", Value
: "v$1"},
234 {Name
: "c2", Value
: "v2"},
238 Header
{"Cookie": {"Cookie-1=v$1; c2=v2"}},
241 {Name
: "c2", Value
: "v2"},
246 func TestReadCookies(t
*testing
.T
) {
247 for i
, tt
:= range readCookiesTests
{
248 for n
:= 0; n
< 2; n
++ { // to verify readCookies doesn't mutate its input
249 c
:= readCookies(tt
.Header
, tt
.Filter
)
250 if !reflect
.DeepEqual(c
, tt
.Cookies
) {
251 t
.Errorf("#%d readCookies:\nhave: %s\nwant: %s\n", i
, toJSON(c
), toJSON(tt
.Cookies
))
258 func TestCookieSanitizeValue(t
*testing
.T
) {
259 defer log
.SetOutput(os
.Stderr
)
260 var logbuf bytes
.Buffer
261 log
.SetOutput(&logbuf
)
267 {"foo bar", "foobar"},
268 {"\x00\x7e\x7f\x80", "\x7e"},
269 {`"withquotes"`, "withquotes"},
271 for _
, tt
:= range tests
{
272 if got
:= sanitizeCookieValue(tt
.in
); got
!= tt
.want
{
273 t
.Errorf("sanitizeCookieValue(%q) = %q; want %q", tt
.in
, got
, tt
.want
)
277 if got
, sub
:= logbuf
.String(), "dropping invalid bytes"; !strings
.Contains(got
, sub
) {
278 t
.Errorf("Expected substring %q in log output. Got:\n%s", sub
, got
)
282 func TestCookieSanitizePath(t
*testing
.T
) {
283 defer log
.SetOutput(os
.Stderr
)
284 var logbuf bytes
.Buffer
285 log
.SetOutput(&logbuf
)
291 {"/path with space/", "/path with space/"},
292 {"/just;no;semicolon\x00orstuff/", "/justnosemicolonorstuff/"},
294 for _
, tt
:= range tests
{
295 if got
:= sanitizeCookiePath(tt
.in
); got
!= tt
.want
{
296 t
.Errorf("sanitizeCookiePath(%q) = %q; want %q", tt
.in
, got
, tt
.want
)
300 if got
, sub
:= logbuf
.String(), "dropping invalid bytes"; !strings
.Contains(got
, sub
) {
301 t
.Errorf("Expected substring %q in log output. Got:\n%s", sub
, got
)