Skip to content

Commit 10929f6

Browse files
committed
ci: enhance code quality and testing for secure.go and GitHub workflows
- Update golangci-lint-action to version 7 in GitHub workflow - Add version specification for golangci-lint-action in GitHub workflow - Create a new .golangci.yml file with specific linter configurations and exclusions - Split long comments in secure.go for better readability - Add context package import in secure_test.go - Replace hardcoded host and scheme strings with constants in secure_test.go - Use http.NewRequestWithContext instead of http.NewRequest in secure_test.go - Remove gin.SetMode initialization in secure_test.go Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
1 parent b1873ca commit 10929f6

File tree

4 files changed

+76
-23
lines changed

4 files changed

+76
-23
lines changed

.github/workflows/go.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,8 +23,9 @@ jobs:
2323
go-version-file: go.mod
2424
check-latest: true
2525
- name: Setup golangci-lint
26-
uses: golangci/golangci-lint-action@v6
26+
uses: golangci/golangci-lint-action@v7
2727
with:
28+
version: v2.0
2829
args: --verbose
2930
test:
3031
strategy:

.golangci.yml

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,50 @@
1+
version: "2"
2+
linters:
3+
default: none
4+
enable:
5+
- bodyclose
6+
- dogsled
7+
- dupl
8+
- errcheck
9+
- exhaustive
10+
- gochecknoinits
11+
- goconst
12+
- gocritic
13+
- gocyclo
14+
- goprintffuncname
15+
- gosec
16+
- govet
17+
- ineffassign
18+
- lll
19+
- misspell
20+
- nakedret
21+
- noctx
22+
- nolintlint
23+
- rowserrcheck
24+
- staticcheck
25+
- unconvert
26+
- unparam
27+
- unused
28+
- whitespace
29+
exclusions:
30+
generated: lax
31+
presets:
32+
- comments
33+
- common-false-positives
34+
- legacy
35+
- std-error-handling
36+
paths:
37+
- third_party$
38+
- builtin$
39+
- examples$
40+
formatters:
41+
enable:
42+
- gofmt
43+
- gofumpt
44+
- goimports
45+
exclusions:
46+
generated: lax
47+
paths:
48+
- third_party$
49+
- builtin$
50+
- examples$

secure.go

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,8 @@ type Config struct {
4242
// ContentSecurityPolicy allows the Content-Security-Policy header value
4343
// to be set with a custom value. Default is "".
4444
ContentSecurityPolicy string
45-
// HTTP header "Referrer-Policy" governs which referrer information, sent in the Referrer header, should be included with requests made.
45+
// HTTP header "Referrer-Policy" governs which referrer information, sent in the Referrer header,
46+
// should be included with requests made.
4647
ReferrerPolicy string
4748
// When true, the whole security policy applied by the middleware is disabled completely.
4849
IsDevelopment bool
@@ -57,8 +58,10 @@ type Config struct {
5758
// to succeed.
5859
DontRedirectIPV4Hostnames bool
5960

60-
// If the request is insecure, treat it as secure if any of the headers in this dict are set to their corresponding value
61-
// This is useful when your app is running behind a secure proxy that forwards requests to your app over http (such as on Heroku).
61+
// If the request is insecure, treat it as secure if any of the headers
62+
// in this dict are set to their corresponding value.
63+
// This is useful when your app is running behind a secure proxy that forwards requests to your app over http
64+
// (such as on Heroku).
6265
SSLProxyHeaders map[string]string
6366
}
6467

secure_test.go

Lines changed: 18 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
package secure
22

33
import (
4+
"context"
45
"net/http"
56
"net/http/httptest"
67
"testing"
@@ -11,12 +12,10 @@ import (
1112

1213
const (
1314
testResponse = "bar"
15+
exampleHost = "www.example.com"
16+
httpScheme = "http"
1417
)
1518

16-
func init() {
17-
gin.SetMode(gin.TestMode)
18-
}
19-
2019
func newServer(options Config) *gin.Engine {
2120
router := gin.New()
2221
router.Use(New(options))
@@ -28,7 +27,7 @@ func newServer(options Config) *gin.Engine {
2827

2928
func performRequest(router *gin.Engine, path string) *httptest.ResponseRecorder {
3029
w := httptest.NewRecorder()
31-
req, _ := http.NewRequest("GET", path, nil)
30+
req, _ := http.NewRequestWithContext(context.Background(), "GET", path, nil)
3231
router.ServeHTTP(w, req)
3332
return w
3433
}
@@ -47,12 +46,12 @@ func TestNoConfig(t *testing.T) {
4746
func TestDefaultConfig(t *testing.T) {
4847
router := newServer(DefaultConfig())
4948

50-
w := performRequest(router, "https://www.example.com/foo")
49+
w := performRequest(router, "https://"+exampleHost+"/foo")
5150

5251
assert.Equal(t, http.StatusOK, w.Code)
5352
assert.Equal(t, "bar", w.Body.String())
5453

55-
w = performRequest(router, "http://www.example.com/foo")
54+
w = performRequest(router, "http://"+exampleHost+"/foo")
5655

5756
assert.Equal(t, http.StatusMovedPermanently, w.Code)
5857
assert.Equal(t, "https://www.example.com/foo", w.Header().Get("Location"))
@@ -63,18 +62,18 @@ func TestNoAllowHosts(t *testing.T) {
6362
AllowedHosts: []string{},
6463
})
6564

66-
w := performRequest(router, "http://www.example.com/foo")
65+
w := performRequest(router, "http://"+exampleHost+"/foo")
6766

6867
assert.Equal(t, http.StatusOK, w.Code)
6968
assert.Equal(t, "bar", w.Body.String())
7069
}
7170

7271
func TestGoodSingleAllowHosts(t *testing.T) {
7372
router := newServer(Config{
74-
AllowedHosts: []string{"www.example.com"},
73+
AllowedHosts: []string{exampleHost},
7574
})
7675

77-
w := performRequest(router, "http://www.example.com/foo")
76+
w := performRequest(router, "http://"+exampleHost+"/foo")
7877

7978
assert.Equal(t, http.StatusOK, w.Code)
8079
assert.Equal(t, "bar", w.Body.String())
@@ -92,7 +91,7 @@ func TestBadSingleAllowHosts(t *testing.T) {
9291

9392
func TestGoodMultipleAllowHosts(t *testing.T) {
9493
router := newServer(Config{
95-
AllowedHosts: []string{"www.example.com", "sub.example.com"},
94+
AllowedHosts: []string{exampleHost, "sub.example.com"},
9695
})
9796

9897
w := performRequest(router, "http://sub.example.com/foo")
@@ -179,7 +178,7 @@ func TestDontRedirectIPV4Hostnames(t *testing.T) {
179178
DontRedirectIPV4Hostnames: true,
180179
})
181180

182-
w1 := performRequest(router, "http://www.example.com/foo")
181+
w1 := performRequest(router, "http://"+exampleHost+"/foo")
183182
assert.Equal(t, http.StatusMovedPermanently, w1.Code)
184183

185184
w2 := performRequest(router, "http://127.0.0.1/foo")
@@ -192,7 +191,7 @@ func TestBasicSSLWithHost(t *testing.T) {
192191
SSLHost: "secure.example.com",
193192
})
194193

195-
w := performRequest(router, "http://www.example.com/foo")
194+
w := performRequest(router, "http://"+exampleHost+"/foo")
196195

197196
assert.Equal(t, http.StatusMovedPermanently, w.Code)
198197
assert.Equal(t, "https://secure.example.com/foo", w.Header().Get("Location"))
@@ -204,9 +203,9 @@ func TestBadProxySSL(t *testing.T) {
204203
})
205204

206205
w := httptest.NewRecorder()
207-
req, _ := http.NewRequest("GET", "/foo", nil)
208-
req.Host = "www.example.com"
209-
req.URL.Scheme = "http"
206+
req, _ := http.NewRequestWithContext(context.Background(), "GET", "/foo", nil)
207+
req.Host = exampleHost
208+
req.URL.Scheme = httpScheme
210209
req.Header.Add("X-Forwarded-Proto", "https")
211210

212211
router.ServeHTTP(w, req)
@@ -222,8 +221,8 @@ func TestProxySSLWithHeaderOption(t *testing.T) {
222221
})
223222

224223
w := httptest.NewRecorder()
225-
req, _ := http.NewRequest("GET", "/foo", nil)
226-
req.Host = "www.example.com"
224+
req, _ := http.NewRequestWithContext(context.Background(), "GET", "/foo", nil)
225+
req.Host = exampleHost
227226
req.URL.Scheme = "http"
228227
req.Header.Add("X-Arbitrary-Header", "arbitrary-value")
229228

@@ -239,7 +238,7 @@ func TestProxySSLWithWrongHeaderValue(t *testing.T) {
239238
})
240239

241240
w := httptest.NewRecorder()
242-
req, _ := http.NewRequest("GET", "/foo", nil)
241+
req, _ := http.NewRequestWithContext(context.Background(), "GET", "/foo", nil)
243242
req.Host = "www.example.com"
244243
req.URL.Scheme = "http"
245244
req.Header.Add("X-Arbitrary-Header", "wrong-value")

0 commit comments

Comments
 (0)