CarrotSkin/backend
4
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4b4980820f65e19ef8df3e98695ae13347efa314
backend/internal/middleware/cors_test.go

135 lines
3.3 KiB
Go
Raw Normal View History

chore: 初始化仓库,排除二进制文件和覆盖率文件
2025-11-28 23:30:49 +08:00
package middleware
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/gin-gonic/gin"
)
// TestCORS_Headers 测试CORS中间件设置的响应头
func TestCORS_Headers(t *testing.T) {
gin.SetMode(gin.TestMode)
router := gin.New()
router.Use(CORS())
router.GET("/test", func(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{"message": "success"})
})
req, _ := http.NewRequest("GET", "/test", nil)
w := httptest.NewRecorder()
router.ServeHTTP(w, req)
// 验证CORS响应头
expectedHeaders := map[string]string{
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Credentials": "true",
"Access-Control-Allow-Methods": "POST, OPTIONS, GET, PUT, DELETE",
}
for header, expectedValue := range expectedHeaders {
actualValue := w.Header().Get(header)
if actualValue != expectedValue {
t.Errorf("Header %s = %q, want %q", header, actualValue, expectedValue)
}
}
// 验证Access-Control-Allow-Headers包含必要字段
allowHeaders := w.Header().Get("Access-Control-Allow-Headers")
if allowHeaders == "" {
t.Error("Access-Control-Allow-Headers 不应为空")
}
}
// TestCORS_OPTIONS 测试OPTIONS请求处理
func TestCORS_OPTIONS(t *testing.T) {
gin.SetMode(gin.TestMode)
router := gin.New()
router.Use(CORS())
router.GET("/test", func(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{"message": "success"})
})
req, _ := http.NewRequest("OPTIONS", "/test", nil)
w := httptest.NewRecorder()
router.ServeHTTP(w, req)
// OPTIONS请求应该返回204状态码
if w.Code != http.StatusNoContent {
t.Errorf("OPTIONS请求状态码 = %d, want %d", w.Code, http.StatusNoContent)
}
}
// TestCORS_AllowMethods 测试允许的HTTP方法
func TestCORS_AllowMethods(t *testing.T) {
gin.SetMode(gin.TestMode)
router := gin.New()
router.Use(CORS())
router.GET("/test", func(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{"message": "success"})
})
methods := []string{"GET", "POST", "PUT", "DELETE"}
for _, method := range methods {
t.Run(method, func(t *testing.T) {
req, _ := http.NewRequest(method, "/test", nil)
w := httptest.NewRecorder()
router.ServeHTTP(w, req)
// 验证允许的方法头包含该方法
allowMethods := w.Header().Get("Access-Control-Allow-Methods")
if allowMethods == "" {
t.Error("Access-Control-Allow-Methods 不应为空")
}
})
}
}
// TestCORS_AllowHeaders 测试允许的请求头
func TestCORS_AllowHeaders(t *testing.T) {
gin.SetMode(gin.TestMode)
router := gin.New()
router.Use(CORS())
router.GET("/test", func(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{"message": "success"})
})
req, _ := http.NewRequest("GET", "/test", nil)
w := httptest.NewRecorder()
router.ServeHTTP(w, req)
allowHeaders := w.Header().Get("Access-Control-Allow-Headers")
expectedHeaders := []string{"Content-Type", "Authorization", "Accept"}
for _, expectedHeader := range expectedHeaders {
if !contains(allowHeaders, expectedHeader) {
t.Errorf("Access-Control-Allow-Headers 应包含 %s", expectedHeader)
}
}
}
// 辅助函数:检查字符串是否包含子字符串(简单实现)
func contains(s, substr string) bool {
if len(substr) == 0 {
return true
}
if len(s) < len(substr) {
return false
}
for i := 0; i <= len(s)-len(substr); i++ {
if s[i:i+len(substr)] == substr {
return true
}
}
return false
}
Reference in New Issue Copy Permalink