CSRF protection using HMAC-signed state tokens (RFC 5869, RFC 2104)
fix(fuzz): fix test name prefixes to match module names (E725)
+5
-4
+5
-4
fuzz/fuzz_csrf.ml
+5
-4
fuzz/fuzz_csrf.ml
···
49
49
()
50
50
51
51
let () =
52
-
add_test ~name:"sign/verify roundtrip" [ bytes; bytes ] test_roundtrip;
53
-
add_test ~name:"wrong secret rejects" [ bytes; bytes; bytes ]
52
+
add_test ~name:"csrf: sign/verify roundtrip" [ bytes; bytes ] test_roundtrip;
53
+
add_test ~name:"csrf: wrong secret rejects" [ bytes; bytes; bytes ]
54
54
test_wrong_secret;
55
-
add_test ~name:"tampered signature rejects" [ bytes; bytes ]
55
+
add_test ~name:"csrf: tampered signature rejects" [ bytes; bytes ]
56
56
test_tampered_signature;
57
-
add_test ~name:"malformed input doesn't crash" [ bytes; bytes ] test_malformed
57
+
add_test ~name:"csrf: malformed input doesn't crash" [ bytes; bytes ]
58
+
test_malformed