diff options
| author | Adam Mathes <adam@adammathes.com> | 2026-02-16 08:49:08 -0800 |
|---|---|---|
| committer | Adam Mathes <adam@adammathes.com> | 2026-02-16 08:49:08 -0800 |
| commit | 1f36ec29c83bf5826c90986e071705888c83036c (patch) | |
| tree | c2d0100ff3571fd1ed86ff7c184701e8bb48a069 /web/login_test.go | |
| parent | aee026b141532c11f8eb315ca77cc23f663901ae (diff) | |
| download | neko-1f36ec29c83bf5826c90986e071705888c83036c.tar.gz neko-1f36ec29c83bf5826c90986e071705888c83036c.tar.bz2 neko-1f36ec29c83bf5826c90986e071705888c83036c.zip | |
Fix v3 build process and CSRF login/logout exclusions
- Update Makefile to correctly build and copy frontend-vanilla (v3) assets
- Fix frontend-vanilla/vite.config.ts to build to its own dist directory
- Normalize CSRF check path and exclude /api/logout to fix v3 session clearing
- Include latest built assets for v3
Diffstat (limited to 'web/login_test.go')
| -rw-r--r-- | web/login_test.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/web/login_test.go b/web/login_test.go index b48e7bc..cd3cb01 100644 --- a/web/login_test.go +++ b/web/login_test.go @@ -51,8 +51,8 @@ func TestCSRFLoginExclusion(t *testing.T) { if rr.Code == http.StatusForbidden { t.Errorf("Expected /login/ POST to be allowed without CSRF token, got 403 Forbidden") } - if rr.Code != http.StatusTemporaryRedirect { - t.Errorf("Expected 307 Redirect on successful login, got %d", rr.Code) + if rr.Code != http.StatusSeeOther { + t.Errorf("Expected 303 Redirect on successful login, got %d", rr.Code) } // Test 2: POST /other without CSRF token |