d-bis/explorer-monorepo
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bdae5a9f6e8e2a357a4f33f5159045e35ae31ec3
explorer-monorepo/backend/api/websocket/server_test.go
defiQUG bdae5a9f6e feat: explorer API, wallet, CCIP scripts, and config refresh 
- Backend REST/gateway/track routes, analytics, Blockscout proxy paths.
- Frontend wallet and liquidity surfaces; MetaMask token list alignment.
- Deployment docs, verification scripts, address inventory updates.

Check: go build ./... under backend/ (pass).
Made-with: Cursor
2026-04-07 23:22:12 -07:00

43 lines
1.2 KiB
Go
Raw Blame History

package websocket
import (
"net/http/httptest"
"testing"
)
func TestWebsocketOriginAllowedDefaultsToSameHost(t *testing.T) {
t.Setenv("WEBSOCKET_ALLOWED_ORIGINS", "")
req := httptest.NewRequest("GET", "http://example.com/ws", nil)
req.Host = "example.com:8080"
req.Header.Set("Origin", "https://example.com")
if !websocketOriginAllowed(req) {
t.Fatal("expected same-host websocket origin to be allowed by default")
}
}
func TestWebsocketOriginAllowedRejectsCrossOriginByDefault(t *testing.T) {
t.Setenv("WEBSOCKET_ALLOWED_ORIGINS", "")
req := httptest.NewRequest("GET", "http://example.com/ws", nil)
req.Host = "example.com:8080"
req.Header.Set("Origin", "https://attacker.example")
if websocketOriginAllowed(req) {
t.Fatal("expected cross-origin websocket request to be rejected by default")
}
}
func TestWebsocketOriginAllowedHonorsExplicitAllowlist(t *testing.T) {
t.Setenv("WEBSOCKET_ALLOWED_ORIGINS", "https://app.example, https://ops.example")
req := httptest.NewRequest("GET", "http://example.com/ws", nil)
req.Host = "example.com:8080"
req.Header.Set("Origin", "https://ops.example")
if !websocketOriginAllowed(req) {
t.Fatal("expected allowlisted websocket origin to be accepted")
}
}
Reference in New Issue View Git Blame Copy Permalink