GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Polish matchesRequireCsrfProtectionWhenNonStandardHTTPMethodIsUsed 

Issue gh-8149
pull/8534/head
Rob Winch 6 years ago
parent
0f92415395
commit
4473dca022
1 changed files with 7 additions and 10 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 17
      web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java

17
web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java
Unescape View File

@ -27,6 +27,7 @@ import org.springframework.http.MediaType; @@ -27,6 +27,7 @@ import org.springframework.http.MediaType;
import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
import org.springframework.mock.web.server.MockServerWebExchange;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult;
import org.springframework.test.web.reactive.server.WebTestClient;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@ -42,8 +43,6 @@ import static org.mockito.ArgumentMatchers.any; @@ -42,8 +43,6 @@ import static org.mockito.ArgumentMatchers.any;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verifyZeroInteractions;
import static org.mockito.Mockito.when;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.spy;
import static org.springframework.mock.web.server.MockServerWebExchange.from;
import static org.springframework.web.reactive.function.BodyInserters.fromMultipartData;
@ -189,15 +188,13 @@ public class CsrfWebFilterTests { @@ -189,15 +188,13 @@ public class CsrfWebFilterTests {
}
@Test
public void matchesRequireCSRFProtectionWhenNonStandardHTTPMethodIsUsed() {
final String NON_STANDARD_HTTP_METHOD = "non-standard-http-method";
MockServerWebExchange nonStandardHttpRequest = from(MockServerHttpRequest.method(HttpMethod.resolve(NON_STANDARD_HTTP_METHOD), "/"));
// gh-8452
public void matchesRequireCsrfProtectionWhenNonStandardHTTPMethodIsUsed() {
HttpMethod customHttpMethod = HttpMethod.resolve("non-standard-http-method");
MockServerWebExchange nonStandardHttpRequest = from(MockServerHttpRequest.method(customHttpMethod, "/"));
ServerWebExchangeMatcher serverWebExchangeMatcher = spy(CsrfWebFilter.DEFAULT_CSRF_MATCHER);
serverWebExchangeMatcher.matches(nonStandardHttpRequest);
verify(serverWebExchangeMatcher).matches(nonStandardHttpRequest);
assertThat(serverWebExchangeMatcher.matches(nonStandardHttpRequest).block().isMatch()).isTrue();
ServerWebExchangeMatcher serverWebExchangeMatcher = CsrfWebFilter.DEFAULT_CSRF_MATCHER;
assertThat(serverWebExchangeMatcher.matches(nonStandardHttpRequest).map(MatchResult::isMatch).block()).isTrue();
}
@Test

Write Preview
Loading…
Cancel
Save