Skip to content

Commit 36b0edb

Browse files
MeGaurav4MeGaurav4
authored
test(poc): cover poc_location_tag and poc_location_in_url helpers (#1187)
1 parent 7e2abd0 commit 36b0edb

1 file changed

Lines changed: 54 additions & 0 deletions

File tree

src/cmd/scan/poc/tests.rs

Lines changed: 54 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,3 +46,57 @@ fn informational_block_defaults_tag_when_inject_type_empty() {
4646
let out = render_finding_block(&r, "plain", false, false);
4747
assert!(out.contains("[INF][Informational]"), "{out}");
4848
}
49+
50+
#[test]
51+
fn poc_location_tag_header_cookie_is_case_insensitive() {
52+
assert_eq!(poc_location_tag("Header", "Cookie"), Some("cookie"));
53+
assert_eq!(poc_location_tag("Header", "cookie"), Some("cookie"));
54+
assert_eq!(poc_location_tag("Header", "COOKIE"), Some("cookie"));
55+
}
56+
57+
#[test]
58+
fn poc_location_tag_header_non_cookie() {
59+
assert_eq!(poc_location_tag("Header", "X-Foo"), Some("hdr"));
60+
assert_eq!(poc_location_tag("Header", "Authorization"), Some("hdr"));
61+
}
62+
63+
#[test]
64+
fn poc_location_tag_body_variants() {
65+
assert_eq!(poc_location_tag("Body", "q"), Some("body"));
66+
assert_eq!(poc_location_tag("JsonBody", "q"), Some("body"));
67+
assert_eq!(poc_location_tag("MultipartBody", "q"), Some("body"));
68+
}
69+
70+
#[test]
71+
fn poc_location_tag_path_and_fragment() {
72+
assert_eq!(poc_location_tag("Path", "seg"), Some("path"));
73+
assert_eq!(poc_location_tag("Fragment", "f"), Some("frag"));
74+
}
75+
76+
#[test]
77+
fn poc_location_tag_query_and_empty_return_none() {
78+
assert_eq!(poc_location_tag("", "q"), None);
79+
assert_eq!(poc_location_tag("Query", "q"), None);
80+
}
81+
82+
#[test]
83+
fn poc_location_tag_unknown_returns_none() {
84+
assert_eq!(poc_location_tag("UnknownLocation", "q"), None);
85+
}
86+
87+
#[test]
88+
fn poc_location_in_url_true_for_query_path_fragment() {
89+
assert!(poc_location_in_url(""));
90+
assert!(poc_location_in_url("Query"));
91+
assert!(poc_location_in_url("Path"));
92+
assert!(poc_location_in_url("Fragment"));
93+
}
94+
95+
#[test]
96+
fn poc_location_in_url_false_for_side_channel_locations() {
97+
assert!(!poc_location_in_url("Header"));
98+
assert!(!poc_location_in_url("Cookie"));
99+
assert!(!poc_location_in_url("Body"));
100+
assert!(!poc_location_in_url("JsonBody"));
101+
assert!(!poc_location_in_url("MultipartBody"));
102+
}

0 commit comments

Comments
 (0)