berkus
/
actix-web
mirror of https://github.com/fafhrd91/actix-web
1
0
Fork 0
Code Issues Releases Wiki Activity

ci: add test to ensure header isn't leaked

This commit is contained in:
Nathan Shaaban 2022-12-29 20:13:14 +00:00
parent c14c03f073
commit 4957233405
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
actix-web/src/request.rs
View File

@ -916,4 +916,24 @@ mod tests {
let body = read_body(bar_resp).await;
assert_eq!(body, "http://localhost:8080/bar/nested");
}
#[test]
fn authorization_header_hidden_in_debug() {
let authorization_header = "Basic bXkgdXNlcm5hbWU6bXkgcGFzc3dvcmQK";
let req = TestRequest::get()
.insert_header((http::header::AUTHORIZATION, authorization_header))
.to_http_request();
assert!(!format!("{:?}", req).contains(authorization_header));
}
#[test]
fn other_header_visible_in_debug() {
let location_header = "192.0.0.1";
let req = TestRequest::get()
.insert_header((http::header::LOCATION, location_header))
.to_http_request();
assert!(format!("{:?}", req).contains(location_header));
}
}