aboutsummaryrefslogtreecommitdiffstats
path: root/web
diff options
context:
space:
mode:
Diffstat (limited to 'web')
-rw-r--r--web/auth_test.go10
-rw-r--r--web/frontend.go2
-rw-r--r--web/web.go20
-rw-r--r--web/web_test.go88
4 files changed, 60 insertions, 60 deletions
diff --git a/web/auth_test.go b/web/auth_test.go
index 6f319b9..847d32d 100644
--- a/web/auth_test.go
+++ b/web/auth_test.go
@@ -36,7 +36,7 @@ func TestAuthenticationNoPassword(t *testing.T) {
wrappedHandler.ServeHTTP(rr, req)
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200 OK when no password is set, got %d", rr.Code)
+ t.Errorf("Expected %d OK when no password is set, got %d", http.StatusOK, rr.Code)
}
body := rr.Body.String()
@@ -72,7 +72,7 @@ func TestAuthenticationWithPassword(t *testing.T) {
wrappedHandler.ServeHTTP(rr, req)
if rr.Code != http.StatusTemporaryRedirect {
- t.Errorf("Expected 307 redirect when not authenticated, got %d", rr.Code)
+ t.Errorf("Expected %d redirect when not authenticated, got %d", http.StatusTemporaryRedirect, rr.Code)
}
location := rr.Header().Get("Location")
@@ -125,7 +125,7 @@ func TestAuthenticationWithValidCookie(t *testing.T) {
wrappedHandler.ServeHTTP(rr, req)
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200 OK with valid auth cookie, got %d", rr.Code)
+ t.Errorf("Expected %d OK with valid auth cookie, got %d", http.StatusOK, rr.Code)
}
}
@@ -145,7 +145,7 @@ func TestApiLoginNoPassword(t *testing.T) {
// Should succeed with any password (or empty) when no password is configured
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200 OK for API login with no password configured, got %d", rr.Code)
+ t.Errorf("Expected %d OK for API login with no password configured, got %d", http.StatusOK, rr.Code)
}
}
@@ -164,7 +164,7 @@ func TestApiAuthStatusNoPassword(t *testing.T) {
// Should return authenticated:true when no password is set
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200 OK for auth status with no password, got %d", rr.Code)
+ t.Errorf("Expected %d OK for auth status with no password, got %d", http.StatusOK, rr.Code)
}
body := rr.Body.String()
diff --git a/web/frontend.go b/web/frontend.go
index 6961ec0..d77c974 100644
--- a/web/frontend.go
+++ b/web/frontend.go
@@ -41,7 +41,7 @@ func ServeFrontend(w http.ResponseWriter, r *http.Request) {
return
}
}
- defer f.Close()
+ defer func() { _ = f.Close() }()
d, err := f.Stat()
if err != nil {
diff --git a/web/web.go b/web/web.go
index b1a95d1..1f1bd62 100644
--- a/web/web.go
+++ b/web/web.go
@@ -98,7 +98,7 @@ func imageProxyHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("ETag", string(decodedURL))
w.Header().Set("Cache-Control", "public")
w.Header().Set("Expires", time.Now().Add(48*time.Hour).Format(time.RFC1123))
- w.Write(bts)
+ _, _ = w.Write(bts)
}
var AuthCookie = "auth"
@@ -126,7 +126,7 @@ func loginHandler(w http.ResponseWriter, r *http.Request) {
func logoutHandler(w http.ResponseWriter, r *http.Request) {
c := http.Cookie{Name: AuthCookie, MaxAge: 0, Path: "/", HttpOnly: true}
http.SetCookie(w, &c)
- fmt.Fprintf(w, "you are logged out")
+ _, _ = fmt.Fprintf(w, "you are logged out")
}
func Authenticated(r *http.Request) bool {
@@ -170,7 +170,7 @@ func serveBoxedFile(w http.ResponseWriter, r *http.Request, filename string) {
http.Error(w, "file not found", http.StatusNotFound)
return
}
- defer f.Close()
+ defer func() { _ = f.Close() }()
fi, _ := f.Stat()
http.ServeContent(w, r, filename, fi.ModTime(), f.(io.ReadSeeker))
@@ -188,7 +188,7 @@ func apiLoginHandler(w http.ResponseWriter, r *http.Request) {
c := http.Cookie{Name: AuthCookie, Value: "noauth", Path: "/", MaxAge: SecondsInAYear, HttpOnly: true}
http.SetCookie(w, &c)
w.Header().Set("Content-Type", "application/json")
- fmt.Fprintf(w, `{"status":"ok"}`)
+ _, _ = fmt.Fprintf(w, `{"status":"ok"}`)
return
}
@@ -200,7 +200,7 @@ func apiLoginHandler(w http.ResponseWriter, r *http.Request) {
c := http.Cookie{Name: AuthCookie, Value: string(v), Path: "/", MaxAge: SecondsInAYear, HttpOnly: true}
http.SetCookie(w, &c)
w.Header().Set("Content-Type", "application/json")
- fmt.Fprintf(w, `{"status":"ok"}`)
+ _, _ = fmt.Fprintf(w, `{"status":"ok"}`)
} else {
http.Error(w, `{"status":"error", "message":"bad login"}`, http.StatusUnauthorized)
}
@@ -209,10 +209,10 @@ func apiLoginHandler(w http.ResponseWriter, r *http.Request) {
func apiAuthStatusHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
if Authenticated(r) {
- fmt.Fprintf(w, `{"status":"ok", "authenticated":true}`)
+ _, _ = fmt.Fprintf(w, `{"status":"ok", "authenticated":true}`)
} else {
w.WriteHeader(http.StatusUnauthorized)
- fmt.Fprintf(w, `{"status":"error", "authenticated":false}`)
+ _, _ = fmt.Fprintf(w, `{"status":"error", "authenticated":false}`)
}
}
@@ -311,7 +311,7 @@ func (w *gzipWriter) WriteHeader(status int) {
func (w *gzipWriter) Flush() {
if w.gz != nil {
- w.gz.Flush()
+ _ = w.gz.Flush()
}
if f, ok := w.ResponseWriter.(http.Flusher); ok {
f.Flush()
@@ -338,7 +338,7 @@ func GzipMiddleware(next http.Handler) http.Handler {
gzw := &gzipWriter{ResponseWriter: w}
next.ServeHTTP(gzw, r)
if gzw.gz != nil {
- gzw.gz.Close()
+ _ = gzw.gz.Close()
gzPool.Put(gzw.gz)
}
})
@@ -348,7 +348,7 @@ func apiLogoutHandler(w http.ResponseWriter, r *http.Request) {
c := http.Cookie{Name: AuthCookie, Value: "", Path: "/", MaxAge: -1, HttpOnly: true}
http.SetCookie(w, &c)
w.Header().Set("Content-Type", "application/json")
- fmt.Fprintf(w, `{"status":"ok"}`)
+ _, _ = fmt.Fprintf(w, `{"status":"ok"}`)
}
func generateRandomToken(n int) string {
diff --git a/web/web_test.go b/web/web_test.go
index 3c5e3df..ad79581 100644
--- a/web/web_test.go
+++ b/web/web_test.go
@@ -101,7 +101,7 @@ func TestAuthWrapUnauthenticated(t *testing.T) {
handler.ServeHTTP(rr, req)
if rr.Code != http.StatusTemporaryRedirect {
- t.Errorf("Expected 307, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusTemporaryRedirect, rr.Code)
}
}
@@ -131,7 +131,7 @@ func TestLoginHandlerPostSuccess(t *testing.T) {
rr := httptest.NewRecorder()
loginHandler(rr, req)
if rr.Code != http.StatusTemporaryRedirect {
- t.Errorf("Expected 307, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusTemporaryRedirect, rr.Code)
}
}
@@ -142,7 +142,7 @@ func TestLoginHandlerPostFail(t *testing.T) {
rr := httptest.NewRecorder()
loginHandler(rr, req)
if rr.Code != http.StatusUnauthorized {
- t.Errorf("Expected 401, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusUnauthorized, rr.Code)
}
}
@@ -151,7 +151,7 @@ func TestLoginHandlerBadMethod(t *testing.T) {
rr := httptest.NewRecorder()
loginHandler(rr, req)
if rr.Code != http.StatusInternalServerError {
- t.Errorf("Expected 500, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusInternalServerError, rr.Code)
}
}
@@ -161,7 +161,7 @@ func TestLogoutHandler(t *testing.T) {
logoutHandler(rr, req)
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusOK, rr.Code)
}
cookies := rr.Result().Cookies()
found := false
@@ -189,7 +189,7 @@ func TestImageProxyHandlerIfNoneMatch(t *testing.T) {
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotModified {
- t.Errorf("Expected 304, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusNotModified, rr.Code)
}
}
@@ -206,14 +206,14 @@ func TestImageProxyHandlerEtag(t *testing.T) {
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotModified {
- t.Errorf("Expected 304, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusNotModified, rr.Code)
}
}
func TestImageProxyHandlerSuccess(t *testing.T) {
imgServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "image/jpeg")
- w.WriteHeader(200)
+ w.WriteHeader(http.StatusOK)
w.Write([]byte("fake-image-data"))
}))
defer imgServer.Close()
@@ -225,7 +225,7 @@ func TestImageProxyHandlerSuccess(t *testing.T) {
imageProxyHandler(rr, req)
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusOK, rr.Code)
}
if rr.Body.String() != "fake-image-data" {
t.Errorf("Expected image data, got %q", rr.Body.String())
@@ -239,7 +239,7 @@ func TestImageProxyHandlerBadRemote(t *testing.T) {
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotFound {
- t.Errorf("Expected 404, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusNotFound, rr.Code)
}
}
@@ -248,7 +248,7 @@ func TestImageProxyHandlerEmptyId(t *testing.T) {
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotFound {
- t.Errorf("Expected 404, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusNotFound, rr.Code)
}
}
@@ -257,7 +257,7 @@ func TestImageProxyHandlerBadBase64(t *testing.T) {
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotFound {
- t.Errorf("Expected 404, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusNotFound, rr.Code)
}
}
@@ -281,7 +281,7 @@ func TestApiMounting(t *testing.T) {
handler.ServeHTTP(rr, req)
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200 via API mount, got %d", rr.Code)
+ t.Errorf("Expected %d via API mount, got %d", http.StatusOK, rr.Code)
}
}
@@ -293,7 +293,7 @@ func TestIndexHandler(t *testing.T) {
indexHandler(rr, req)
if rr.Code != http.StatusOK && rr.Code != http.StatusNotFound {
- t.Errorf("Expected 200 or 404, got %d", rr.Code)
+ t.Errorf("Expected %d or %d, got %d", http.StatusOK, http.StatusNotFound, rr.Code)
}
}
@@ -305,7 +305,7 @@ func TestServeBoxedFile(t *testing.T) {
serveBoxedFile(rr, req, "style.css")
if rr.Code != http.StatusOK && rr.Code != http.StatusNotFound {
- t.Errorf("Expected 200 or 404, got %d", rr.Code)
+ t.Errorf("Expected %d or %d, got %d", http.StatusOK, http.StatusNotFound, rr.Code)
}
}
@@ -319,7 +319,7 @@ func TestAuthWrapHandlerUnauthenticated(t *testing.T) {
handler.ServeHTTP(rr, req)
if rr.Code != http.StatusTemporaryRedirect {
- t.Errorf("Expected 307 redirect, got %d", rr.Code)
+ t.Errorf("Expected %d redirect, got %d", http.StatusTemporaryRedirect, rr.Code)
}
}
@@ -330,7 +330,7 @@ func TestApiLoginHandlerSuccess(t *testing.T) {
rr := httptest.NewRecorder()
apiLoginHandler(rr, req)
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusOK, rr.Code)
}
body := rr.Body.String()
if body != `{"status":"ok"}` {
@@ -345,7 +345,7 @@ func TestApiLoginHandlerFail(t *testing.T) {
rr := httptest.NewRecorder()
apiLoginHandler(rr, req)
if rr.Code != http.StatusUnauthorized {
- t.Errorf("Expected 401, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusUnauthorized, rr.Code)
}
}
@@ -356,7 +356,7 @@ func TestApiAuthStatusHandlerAuthenticated(t *testing.T) {
rr := httptest.NewRecorder()
apiAuthStatusHandler(rr, req)
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusOK, rr.Code)
}
body := rr.Body.String()
if body != `{"status":"ok", "authenticated":true}` {
@@ -396,7 +396,7 @@ func TestApiAuthStatusHandlerUnauthenticated(t *testing.T) {
rr := httptest.NewRecorder()
apiAuthStatusHandler(rr, req)
if rr.Code != http.StatusUnauthorized {
- t.Errorf("Expected 401, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusUnauthorized, rr.Code)
}
body := rr.Body.String()
if body != `{"status":"error", "authenticated":false}` {
@@ -411,7 +411,7 @@ func TestLoginHandlerGet(t *testing.T) {
// should return login.html from rice box
if rr.Code != http.StatusOK && rr.Code != http.StatusNotFound {
- t.Errorf("Expected 200 or 404, got %d", rr.Code)
+ t.Errorf("Expected %d or %d, got %d", http.StatusOK, http.StatusNotFound, rr.Code)
}
}
@@ -474,7 +474,7 @@ func TestGzipCompression(t *testing.T) {
handler304.ServeHTTP(rr, req)
if rr.Code != http.StatusNotModified {
- t.Errorf("Expected 304, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusNotModified, rr.Code)
}
if rr.Header().Get("Content-Encoding") == "gzip" {
t.Error("Expected no Content-Encoding for 304 response")
@@ -494,7 +494,7 @@ func TestNewRouter(t *testing.T) {
// Should be unauthorized but the route should be found
if rr.Code != http.StatusUnauthorized {
- t.Errorf("Expected 401 for unauthorized /api/auth, got %d", rr.Code)
+ t.Errorf("Expected %d for unauthorized /api/auth, got %d", http.StatusUnauthorized, rr.Code)
}
}
@@ -509,7 +509,7 @@ func TestIndexHandlerRedirect(t *testing.T) {
// Should redirect to login since not authenticated
if rr.Code != http.StatusTemporaryRedirect {
- t.Errorf("Expected 307 redirect for unauthenticated root, got %d", rr.Code)
+ t.Errorf("Expected %d redirect for unauthenticated root, got %d", http.StatusTemporaryRedirect, rr.Code)
}
}
@@ -520,7 +520,7 @@ func TestServeFrontendEdgeCases(t *testing.T) {
handler := http.StripPrefix("/v2/", http.HandlerFunc(ServeFrontend))
handler.ServeHTTP(rr, req)
if rr.Code != http.StatusNotFound {
- t.Errorf("Expected 404 for missing asset, got %d", rr.Code)
+ t.Errorf("Expected %d for missing asset, got %d", http.StatusNotFound, rr.Code)
}
// 2. Missing file without extension should serve index.html (or 404 if index.html missing)
@@ -529,7 +529,7 @@ func TestServeFrontendEdgeCases(t *testing.T) {
handler.ServeHTTP(rr, req)
// We check for 200 or 404 depending on if index.html is in the box
if rr.Code != http.StatusOK && rr.Code != http.StatusNotFound {
- t.Errorf("Expected 200 or 404 for client route, got %d", rr.Code)
+ t.Errorf("Expected %d or %d, got %d", http.StatusOK, http.StatusNotFound, rr.Code)
}
}
@@ -545,10 +545,10 @@ func TestGzipMiddlewareStatusCodes(t *testing.T) {
handler.ServeHTTP(rr, req)
if rr.Code != http.StatusCreated {
- t.Errorf("Expected 201, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusCreated, rr.Code)
}
if rr.Header().Get("Content-Encoding") != "gzip" {
- t.Error("Expected gzip encoding even for 201 Created")
+ t.Error("Expected gzip encoding even for http.StatusCreated")
}
}
@@ -564,11 +564,11 @@ func TestGzipMiddlewareErrorStatus(t *testing.T) {
handler.ServeHTTP(rr, req)
if rr.Code != http.StatusNotFound {
- t.Errorf("Expected 404, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusNotFound, rr.Code)
}
// Currently we gzip anything compressible regardless of status
if rr.Header().Get("Content-Encoding") != "gzip" {
- t.Error("Expected gzip encoding even for 404 (current behavior)")
+ t.Error("Expected gzip encoding even for http.StatusNotFound (current behavior)")
}
}
@@ -616,7 +616,7 @@ func TestImageProxyHandlerMissingURL(t *testing.T) {
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotFound {
- t.Errorf("Expected 404, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusNotFound, rr.Code)
}
}
@@ -625,7 +625,7 @@ func TestImageProxyHandlerInvalidBase64(t *testing.T) {
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotFound {
- t.Errorf("Expected 404, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusNotFound, rr.Code)
}
}
@@ -635,7 +635,7 @@ func TestServeFrontendNotFound(t *testing.T) {
ServeFrontend(rr, req)
// Should fallback to index.html if it's not a dot-extension file
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200 (fallback to index.html), got %d", rr.Code)
+ t.Errorf("Expected %d (fallback to index.html), got %d", http.StatusOK, rr.Code)
}
}
@@ -649,7 +649,7 @@ func TestImageProxyHeaders(t *testing.T) {
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotModified {
- t.Errorf("Expected 304 for If-None-Match, got %d", rr.Code)
+ t.Errorf("Expected %d for If-None-Match, got %d", http.StatusNotModified, rr.Code)
}
// Test Etag
@@ -658,7 +658,7 @@ func TestImageProxyHeaders(t *testing.T) {
rr = httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotModified {
- t.Errorf("Expected 304 for Etag, got %d", rr.Code)
+ t.Errorf("Expected %d for Etag, got %d", http.StatusNotModified, rr.Code)
}
}
@@ -667,7 +667,7 @@ func TestServeFrontendAssetNotFound(t *testing.T) {
rr := httptest.NewRecorder()
ServeFrontend(rr, req)
if rr.Code != http.StatusNotFound {
- t.Errorf("Expected 404 for missing asset, got %d", rr.Code)
+ t.Errorf("Expected %d for missing asset, got %d", http.StatusNotFound, rr.Code)
}
}
@@ -676,7 +676,7 @@ func TestServeBoxedFileNotFound(t *testing.T) {
rr := httptest.NewRecorder()
serveBoxedFile(rr, req, "nonexistent")
if rr.Code != http.StatusNotFound {
- t.Errorf("Expected 404 for nonexistent file, got %d", rr.Code)
+ t.Errorf("Expected %d for nonexistent file, got %d", http.StatusNotFound, rr.Code)
}
}
@@ -689,7 +689,7 @@ func TestImageProxyHandlerHeaders(t *testing.T) {
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
if rr.Code != http.StatusNotModified {
- t.Errorf("Expected 304 for matching Etag, got %d", rr.Code)
+ t.Errorf("Expected %d for matching Etag, got %d", http.StatusNotModified, rr.Code)
}
}
@@ -707,8 +707,8 @@ func TestImageProxyHandlerRemoteError(t *testing.T) {
req := httptest.NewRequest("GET", "/"+id, nil)
rr := httptest.NewRecorder()
imageProxyHandler(rr, req)
- if rr.Code != 404 {
- t.Errorf("Expected 404 for remote error, got %d", rr.Code)
+ if rr.Code != http.StatusNotFound {
+ t.Errorf("Expected %d for remote error, got %d", http.StatusNotFound, rr.Code)
}
}
@@ -717,7 +717,7 @@ func TestApiLoginHandlerBadMethod(t *testing.T) {
rr := httptest.NewRecorder()
apiLoginHandler(rr, req)
if rr.Code != http.StatusMethodNotAllowed {
- t.Errorf("Expected 405, got %d", rr.Code)
+ t.Errorf("Expected %d, got %d", http.StatusMethodNotAllowed, rr.Code)
}
}
@@ -748,7 +748,7 @@ func TestCSRFMiddleware(t *testing.T) {
rr := httptest.NewRecorder()
handler.ServeHTTP(rr, req)
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200 for GET, got %d", rr.Code)
+ t.Errorf("Expected %d for GET, got %d", http.StatusOK, rr.Code)
}
cookies := rr.Result().Cookies()
var csrfCookie *http.Cookie
@@ -768,7 +768,7 @@ func TestCSRFMiddleware(t *testing.T) {
rr = httptest.NewRecorder()
handler.ServeHTTP(rr, req)
if rr.Code != http.StatusForbidden {
- t.Errorf("Expected 403 for POST without token, got %d", rr.Code)
+ t.Errorf("Expected %d for POST without token, got %d", http.StatusForbidden, rr.Code)
}
// Case 3: POST with valid token should succeed
@@ -778,7 +778,7 @@ func TestCSRFMiddleware(t *testing.T) {
rr = httptest.NewRecorder()
handler.ServeHTTP(rr, req)
if rr.Code != http.StatusOK {
- t.Errorf("Expected 200 for POST with valid token, got %d", rr.Code)
+ t.Errorf("Expected %d for POST with valid token, got %d", http.StatusOK, rr.Code)
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-02-25 16:09:32 +0000