aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDmitry Chestnykh <dmitry@codingrobots.com>2015-03-27 18:48:51 +0300
committerDmitry Chestnykh <dmitry@codingrobots.com>2015-03-27 18:48:51 +0300
commit2e358078af96ec4fe5b962482254f80aabc35f64 (patch)
tree17bb032ea5d4d152aec5c852bfd09539dbd7bea1
parentab638a3cc27c77beedde96fd004f6c65b7d35211 (diff)
Add test for decoding some invalid cookies.
-rw-r--r--securecookie_test.go22
1 files changed, 22 insertions, 0 deletions
diff --git a/securecookie_test.go b/securecookie_test.go
index 381320d..241ff10 100644
--- a/securecookie_test.go
+++ b/securecookie_test.go
@@ -8,6 +8,7 @@ import (
"crypto/aes"
"crypto/hmac"
"crypto/sha256"
+ "encoding/base64"
"errors"
"fmt"
"strings"
@@ -66,6 +67,27 @@ func TestSecureCookie(t *testing.T) {
}
}
+func TestDecodeInvalid(t *testing.T) {
+ // List of invalid cookies, which must not be accepted, base64-decoded
+ // (they will be encoded before passing to Decode).
+ invalidCookies := []string{
+ "",
+ " ",
+ "\n",
+ "||",
+ "|||",
+ "cookie",
+ }
+ s := New([]byte("12345"), nil)
+ var dst string
+ for i, v := range invalidCookies {
+ err := s.Decode("name", base64.StdEncoding.EncodeToString([]byte(v)), &dst)
+ if err == nil {
+ t.Fatalf("%d: expected failure decoding", i)
+ }
+ }
+}
+
func TestAuthentication(t *testing.T) {
hash := hmac.New(sha256.New, []byte("secret-key"))
for _, value := range testStrings {