Kharec/goyco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test(middleware): expect CSRF cookie readable by script for header submit

Browse Source
This commit is contained in:
Sandro CURY CAZZANIGA
2026-05-06 20:07:35 +02:00
parent 2adf72c138
commit 4e188eb8d5
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/middleware/csrf_test.go
+2 -2
View File
@@ -242,8 +242,8 @@ func TestSetCSRFToken(t *testing.T) {
t.Errorf("Expected cookie value %s, got %s", token, cookie.Value)
}
if !cookie.HttpOnly {
t.Error("CSRF token cookie should be HttpOnly")
if cookie.HttpOnly {
t.Error("CSRF token cookie must not be HttpOnly so JS can mirror it to X-CSRF-Token")
}
if cookie.SameSite != http.SameSiteLaxMode {