/ go Public
net/http/httptest: make it possible to use a Server (TLS or not) to test cookies #31054
FeatureRequest help wanted NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
httptest.NewTLSServer uses a cert that is not valid for localhost
What version of Go are you using (
Does this issue reproduce with the latest release?
What operating system and processor architecture are you using (
What did you do?
I'm trying to test something that involves cookies that set the
Domainattribute. As discussed in #12610,
*net/http/cookiejar.Jarwon't return cookies for an IP (as per the relevant RFCs).
(*httptest.Server).URLhas the host set to an IP address (defaults to
To do the test I needed, I spun up an
httptest.NewTLSServer(...), replaced the IP in
localhostand attempted to send a request to it with
What did you expect to see?
I expected the
httptest.NewTLSServer(...)to use a TLS cert that could be valid for
localhost, as well as the loopback IP addresses.
I expected to be able to successfully make an HTTPS request to
localhostat the correct port that the
*httptest.Serverwas listening on by using
What did you see instead?
x509: certificate is valid for example.com, not localhost
For completeness, I'm including the suite of tests showing the different behaviors with
*cookiejar.Jarand the various combinations of
*httptest.Server. The problematic test here is
TestCookies/tls/localhost/default_cert(line 174). The test at line 185 shows that the original issue with cookies is resolved if I send requests to
localhostwith a cert valid for that hostname.
I attempted to have a conversation about the hosts included in the cert used by
httptest.NewTLSServer()in the golang-nuts group, but it went nowhere.
The text was updated successfully, but these errors were encountered: