diff options
author | Dmitry Chestnykh <dmitry@codingrobots.com> | 2015-03-27 18:48:51 +0300 |
---|---|---|
committer | Dmitry Chestnykh <dmitry@codingrobots.com> | 2015-03-27 18:48:51 +0300 |
commit | 2e358078af96ec4fe5b962482254f80aabc35f64 (patch) | |
tree | 17bb032ea5d4d152aec5c852bfd09539dbd7bea1 /securecookie_test.go | |
parent | ab638a3cc27c77beedde96fd004f6c65b7d35211 (diff) |
Add test for decoding some invalid cookies.
Diffstat (limited to 'securecookie_test.go')
-rw-r--r-- | securecookie_test.go | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/securecookie_test.go b/securecookie_test.go index 381320d..241ff10 100644 --- a/securecookie_test.go +++ b/securecookie_test.go @@ -8,6 +8,7 @@ import ( "crypto/aes" "crypto/hmac" "crypto/sha256" + "encoding/base64" "errors" "fmt" "strings" @@ -66,6 +67,27 @@ func TestSecureCookie(t *testing.T) { } } +func TestDecodeInvalid(t *testing.T) { + // List of invalid cookies, which must not be accepted, base64-decoded + // (they will be encoded before passing to Decode). + invalidCookies := []string{ + "", + " ", + "\n", + "||", + "|||", + "cookie", + } + s := New([]byte("12345"), nil) + var dst string + for i, v := range invalidCookies { + err := s.Decode("name", base64.StdEncoding.EncodeToString([]byte(v)), &dst) + if err == nil { + t.Fatalf("%d: expected failure decoding", i) + } + } +} + func TestAuthentication(t *testing.T) { hash := hmac.New(sha256.New, []byte("secret-key")) for _, value := range testStrings { |