miroir/crates/miroir-core
jedarden 3a61c94d25 test(miroir-proxy): add P10.6 CSRF posture acceptance tests (§9)
Add comprehensive acceptance tests for CSRF posture implementation:

- Cookie-auth POST without X-CSRF-Token → 403 missing_csrf
- Cookie-auth POST with wrong token → 403 csrf_mismatch
- Bearer-auth POST bypasses CSRF (plan §9)
- X-Admin-Key header bypasses CSRF
- Origin validation (same-origin, specific, wildcard, referer fallback)
- CSRF token generation and extraction
- CSP header builder merges overrides additively
- CSP config validation rejects wildcard in overrides
- CSRF middleware skips safe methods (GET, HEAD, OPTIONS)
- CSRF middleware skips non-admin paths
- CSRF middleware skips dispatch-exempt endpoints
- Admin session cookie extraction
- Cross-pod session seal verification (mismatch and match)

All 20 tests pass, validating the CSRF posture implementation
required for Admin UI and Search UI session endpoints.

Closes: miroir-46p.6

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-24 23:28:58 -04:00
..
benches fix(tests): add missing vector_config field and fix test compilation 2026-05-24 20:45:02 -04:00
migrations P6.4: Mode B leader-only singleton coordinator (plan §14.5) 2026-05-23 05:21:16 -04:00
proptest-regressions feat(tests): add property tests and fuzz targets for router, config, and parsers (plan §8, P9.6) 2026-05-24 11:41:48 -04:00
src test(miroir-proxy): add P10.6 CSRF posture acceptance tests (§9) 2026-05-24 23:28:58 -04:00
tests fix(hedging): implement proper timeout-based hedging for p95 latency 2026-05-24 23:12:09 -04:00
Cargo.toml feat(cdc): implement Kafka sink for CDC events (P5.13.c) 2026-05-24 13:41:40 -04:00
proptest.toml P1.6: Verify property tests and benchmarks for router 2026-05-23 10:21:56 -04:00