Skip to content

Commit

Permalink
Fix function signature of NoClickjacking middleware
Browse files Browse the repository at this point in the history
  • Loading branch information
@markuswustenberg
markuswustenberg committed Feb 22, 2023
1 parent 032a8df commit 4ad7e7d
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 5 deletions.
2 changes: 1 addition & 1 deletion httph.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ type Middleware = func(next http.Handler) http.Handler
// NoClickjacking is Middleware which sets headers to disallow frame embedding and XSS protection for older browsers.
// See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
// See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
func NoClickjacking(next http.Handler) http.HandlerFunc {
func NoClickjacking(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("X-Frame-Options", "deny")
w.Header().Set("X-XSS-Protection", "1; mode=block")
Expand Down
6 changes: 2 additions & 4 deletions httph_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -105,10 +105,8 @@ func TestNoClickjacking(t *testing.T) {
req := httptest.NewRequest(http.MethodGet, "/", nil)
res := httptest.NewRecorder()

mux := http.NewServeMux()
mux.HandleFunc("/", httph.NoClickjacking(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})))

mux.ServeHTTP(res, req)
h := httph.NoClickjacking(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
h.ServeHTTP(res, req)

is.Equal(t, http.StatusOK, res.Result().StatusCode)
is.Equal(t, "deny", res.Result().Header.Get("X-Frame-Options"))
Expand Down

0 comments on commit 4ad7e7d

Please sign in to comment.