1 files changed, 99 insertions, 0 deletions
diff --git a/echo/middleware/csp_test.go b/echo/middleware/csp_test.go
new file mode 100644
index 0000000..71c3f57
--- /dev/null
+++ b/echo/middleware/csp_test.go
@@ -0,0 +1,99 @@
+package middleware
+import (
+        "encoding/json"
+        "net/url"
+        "testing"
+        "time"
+        "github.com/stretchr/testify/assert"
+        "github.com/stretchr/testify/suite"
+)
+func UrlMustParse(s string) *url.URL {
+        u, err := url.Parse(s)
+        if err != nil {
+                panic(err)
+        }
+        return u
+}
+type ContentSecurityPolicyConfigSuite struct {
+        suite.Suite
+}
+func TestContentSecurityPolicyConfigSuite(t *testing.T) {
+        suite.Run(t, &ContentSecurityPolicyConfigSuite{})
+}
+func (s *ContentSecurityPolicyConfigSuite) TestBoolField() {
+        c := &ContentSecurityPolicyConfig{
+                DefaultSrc: []CSPDirective{
+                        CSPSelf,
+                        CSPHost("https://example.com"),
+                },
+                UpgradeInsecureRequests: true,
+        }
+        assert.Equal(
+                s.T(),
+                "default-src 'self' https://example.com; upgrade-insecure-requests;",
+                c.String(),
+        )
+}
+func (s *ContentSecurityPolicyConfigSuite) TestListOfStrings() {
+        c := &ContentSecurityPolicyConfig{
+                DefaultSrc: []CSPDirective{
+                        CSPSelf,
+                        CSPHost("https://example.com"),
+                },
+                ConnectSrc: []CSPDirective{
+                        CSPData,
+                        CSPHost("https://*.example.com"),
+                },
+        }
+        assert.Equal(
+                s.T(),
+                "default-src 'self' https://example.com; connect-src data: https://*.example.com;",
+                c.String(),
+        )
+}
+func (s *ContentSecurityPolicyConfigSuite) TestListOfUrls() {
+        c := &ContentSecurityPolicyConfig{
+                ReportUri: []*url.URL{
+                        UrlMustParse("https://example.com/report"),
+                        UrlMustParse("https://example.com/report2"),
+                },
+        }
+        assert.Equal(
+                s.T(),
+                "report-uri https://example.com/report https://example.com/report2;",
+                c.String(),
+        )
+}
+func TestReportToMarshalJSON(t *testing.T) {
+        c := &CSPReportTo{
+                GroupName: "group",
+                MaxAge:    24 * time.Hour,
+                Endpoints: []*url.URL{
+                        UrlMustParse("https://example.com/report"),
+                        UrlMustParse("https://example.com/report2"),
+                },
+        }
+        b, err := json.Marshal(c)
+        if err != nil {
+                t.Fail()
+        }
+        assert.Equal(
+                t,
+                `{"endpoints":[{"url":"https://example.com/report"},{"url":"https://example.com/report2"}],"group":"group","max_age":86400}`,
+                string(b),
+        )
+}

diff --git a/echo/middleware/csp_test.go b/echo/middleware/csp_test.go new file mode 100644 index 0000000..71c3f57 --- /dev/null +++ b/echo/middleware/csp_test.go
@@ -0,0 +1,99 @@
	1	package middleware
	2
	3	import (
	4	"encoding/json"
	5	"net/url"
	6	"testing"
	7	"time"
	8
	9	"github.com/stretchr/testify/assert"
	10	"github.com/stretchr/testify/suite"
	11	)
	12
	13	func UrlMustParse(s string) *url.URL {
	14	u, err := url.Parse(s)
	15	if err != nil {
	16	panic(err)
	17	}
	18	return u
	19	}
	20
	21	type ContentSecurityPolicyConfigSuite struct {
	22	suite.Suite
	23	}
	24
	25	func TestContentSecurityPolicyConfigSuite(t *testing.T) {
	26	suite.Run(t, &ContentSecurityPolicyConfigSuite{})
	27	}
	28
	29	func (s *ContentSecurityPolicyConfigSuite) TestBoolField() {
	30	c := &ContentSecurityPolicyConfig{
	31	DefaultSrc: []CSPDirective{
	32	CSPSelf,
	33	CSPHost("https://example.com"),
	34	},
	35	UpgradeInsecureRequests: true,
	36	}
	37
	38	assert.Equal(
	39	s.T(),
	40	"default-src 'self' https://example.com; upgrade-insecure-requests;",
	41	c.String(),
	42	)
	43	}
	44
	45	func (s *ContentSecurityPolicyConfigSuite) TestListOfStrings() {
	46	c := &ContentSecurityPolicyConfig{
	47	DefaultSrc: []CSPDirective{
	48	CSPSelf,
	49	CSPHost("https://example.com"),
	50	},
	51	ConnectSrc: []CSPDirective{
	52	CSPData,
	53	CSPHost("https://*.example.com"),
	54	},
	55	}
	56
	57	assert.Equal(
	58	s.T(),
	59	"default-src 'self' https://example.com; connect-src data: https://*.example.com;",
	60	c.String(),
	61	)
	62	}
	63
	64	func (s *ContentSecurityPolicyConfigSuite) TestListOfUrls() {
	65	c := &ContentSecurityPolicyConfig{
	66	ReportUri: []*url.URL{
	67	UrlMustParse("https://example.com/report"),
	68	UrlMustParse("https://example.com/report2"),
	69	},
	70	}
	71
	72	assert.Equal(
	73	s.T(),
	74	"report-uri https://example.com/report https://example.com/report2;",
	75	c.String(),
	76	)
	77	}
	78
	79	func TestReportToMarshalJSON(t *testing.T) {
	80	c := &CSPReportTo{
	81	GroupName: "group",
	82	MaxAge: 24 * time.Hour,
	83	Endpoints: []*url.URL{
	84	UrlMustParse("https://example.com/report"),
	85	UrlMustParse("https://example.com/report2"),
	86	},
	87	}
	88
	89	b, err := json.Marshal(c)
	90	if err != nil {
	91	t.Fail()
	92	}
	93
	94	assert.Equal(
	95	t,
	96	`{"endpoints":[{"url":"https://example.com/report"},{"url":"https://example.com/report2"}],"group":"group","max_age":86400}`,
	97	string(b),
	98	)
	99	}