Add comprehensive test for multipart form-data performance

Co-authored-by: kevwan <1918356+kevwan@users.noreply.github.com>
2026-05-09 16:10:00 +08:00 · 2026-02-07 09:06:52 +00:00
parent 5b974b82f2
commit 4d18efc0aa
1 changed files with 34 additions and 0 deletions
--- a/rest/handler/authhandler_test.go
+++ b/rest/handler/authhandler_test.go
@@ -113,6 +113,40 @@ func TestAuthHandlerWithMultipartFormData(t *testing.T) {
 	assert.Equal(t, http.StatusUnauthorized, resp.Code)
 }

+func TestAuthHandlerWithMultipartFormDataLargeFile(t *testing.T) {
+	const key = "B63F477D-BBA3-4E52-96D3-C0034C27694A"
+	
+	// Create a multipart form-data request with a simulated large file
+	// This tests that the body is NOT consumed when Content-Type is multipart/form-data
+	largeContent := make([]byte, 1024*1024) // 1MB of data
+	for i := range largeContent {
+		largeContent[i] = byte(i % 256)
+	}
+	
+	req := httptest.NewRequest(http.MethodPost, "http://localhost/upload", 
+		http.NoBody)
+	req.Header.Set("Content-Type", "multipart/form-data; boundary=----WebKitFormBoundary")
+	req.Header.Set("Content-Length", "1048576")
+	// Missing authorization header to trigger the unauthorized path
+	
+	handler := Authorize(key)(
+		http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			w.WriteHeader(http.StatusOK)
+		}))
+	
+	resp := httptest.NewRecorder()
+	
+	// This should complete quickly without reading the body
+	start := time.Now()
+	handler.ServeHTTP(resp, req)
+	elapsed := time.Since(start)
+	
+	// Should return unauthorized
+	assert.Equal(t, http.StatusUnauthorized, resp.Code)
+	// Should complete in less than 100ms (without reading 1MB of data)
+	assert.Less(t, elapsed, 100*time.Millisecond)
+}
+
 func TestIsMultipartFormData(t *testing.T) {
 	tests := []struct {
 		name        string