SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Add content-type error report test

Browse source
This commit is contained in:
koplas 2025-03-10 12:02:44 +01:00
parent 3cfafa8263
commit 534d6f049f
2 changed files with 65 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

53
cmd/csaf_checker/processor_test.go
View file

@ -14,6 +14,8 @@ import (
"net/http/httptest" "net/http/httptest"
"os" "os"
"reflect" "reflect"
"slices"
"strings"
"testing" "testing"
"text/template" "text/template"
@ -65,6 +67,57 @@ func getRequirementTestData(t *testing.T, params testutil.ProviderParams, direct
return requirement return requirement
} }
func TestContentTypeReport(t *testing.T) {
serverURL := ""
params := testutil.ProviderParams{
URL: "",
EnableSha256: true,
EnableSha512: true,
ForbidSha256: true,
ForbidSha512: true,
JSONContentType: "application/json; charset=utf-8",
}
server := httptest.NewTLSServer(testutil.ProviderHandler(&params, false))
defer server.Close()
serverURL = server.URL
params.URL = server.URL
hClient := server.Client()
client := util.Client(hClient)
cfg := config{}
err := cfg.prepare()
if err != nil {
t.Fatalf("SHA marking config failed: %v", err)
}
p, err := newProcessor(&cfg)
if err != nil {
t.Fatalf("could not init downloader: %v", err)
}
p.client = client
report, err := p.run([]string{serverURL + "/provider-metadata.json"})
if err != nil {
t.Errorf("Content-Type-Report: Expected no error, got: %v", err)
}
got := report.Domains[0].Requirements
idx := slices.IndexFunc(got, func(e *Requirement) bool {
return e.Num == 7
})
if idx == -1 {
t.Error("Content-Type-Report: Could not find requirement")
} else {
message := got[idx].Messages[0]
if message.Type != ErrorType || !strings.Contains(message.Text, "should be 'application/json'") {
t.Errorf("Content-Type-Report: Content Type Error, got %v", message)
}
}
p.close()
}
func TestShaMarking(t *testing.T) { func TestShaMarking(t *testing.T) {
tests := []struct { tests := []struct {
name string name string

8
internal/testutil/testutil.go
View file

@ -23,6 +23,7 @@ type ProviderParams struct {
EnableSha512 bool EnableSha512 bool
ForbidSha256 bool ForbidSha256 bool
ForbidSha512 bool ForbidSha512 bool
JSONContentType string
} }
// ProviderHandler returns a test provider handler with the specified configuration. // ProviderHandler returns a test provider handler with the specified configuration.
@ -35,6 +36,11 @@ func ProviderHandler(params *ProviderParams, directoryProvider bool) http.Handle
path += "simple-rolie-provider" path += "simple-rolie-provider"
} }
jsonContenType := "application/json"
if params.JSONContentType != "" {
jsonContenType = params.JSONContentType
}
path += r.URL.Path path += r.URL.Path
if strings.HasSuffix(r.URL.Path, "/") { if strings.HasSuffix(r.URL.Path, "/") {
@ -50,7 +56,7 @@ func ProviderHandler(params *ProviderParams, directoryProvider bool) http.Handle
case strings.HasSuffix(path, ".html"): case strings.HasSuffix(path, ".html"):
w.Header().Add("Content-Type", "text/html") w.Header().Add("Content-Type", "text/html")
case strings.HasSuffix(path, ".json"): case strings.HasSuffix(path, ".json"):
w.Header().Add("Content-Type", "application/json") w.Header().Add("Content-Type", jsonContenType)
case (strings.HasSuffix(path, ".sha256")) && params.ForbidSha256: case (strings.HasSuffix(path, ".sha256")) && params.ForbidSha256:
w.WriteHeader(http.StatusForbidden) w.WriteHeader(http.StatusForbidden)
return return