048ed061c2
实现 allow_insecure_http 并在关闭校验时执行最小格式验证 - 关闭 allowlist 时要求 URL 可解析且 scheme 合规 - 响应头过滤关闭时使用默认白名单策略 - 更新相关文档、示例与测试覆盖
25 lines
857 B
Go
25 lines
857 B
Go
package urlvalidator
|
|
|
|
import "testing"
|
|
|
|
func TestValidateURLFormat(t *testing.T) {
|
|
if _, err := ValidateURLFormat("", false); err == nil {
|
|
t.Fatalf("expected empty url to fail")
|
|
}
|
|
if _, err := ValidateURLFormat("://bad", false); err == nil {
|
|
t.Fatalf("expected invalid url to fail")
|
|
}
|
|
if _, err := ValidateURLFormat("http://example.com", false); err == nil {
|
|
t.Fatalf("expected http to fail when allow_insecure_http is false")
|
|
}
|
|
if _, err := ValidateURLFormat("https://example.com", false); err != nil {
|
|
t.Fatalf("expected https to pass, got %v", err)
|
|
}
|
|
if _, err := ValidateURLFormat("http://example.com", true); err != nil {
|
|
t.Fatalf("expected http to pass when allow_insecure_http is true, got %v", err)
|
|
}
|
|
if _, err := ValidateURLFormat("https://example.com:bad", true); err == nil {
|
|
t.Fatalf("expected invalid port to fail")
|
|
}
|
|
}
|