add testcase for injected header, removed executable sample

Author: gittiver

examples/CMakeLists.txt

@@ -7,10 +7,6 @@ add_executable(helloworld helloworld.cpp)
 add_warnings_optimizations(helloworld)
 target_link_libraries(helloworld PUBLIC Crow::Crow)
 
-add_executable(helloworld_inject helloworld_inject.cpp)
-add_warnings_optimizations(helloworld_inject)
-target_link_libraries(helloworld_inject PUBLIC Crow::Crow)
-
 # If compression is enabled, the example will be built
 if("compression" IN_LIST CROW_FEATURES)
   add_executable(example_compression example_compression.cpp)

examples/helloworld_inject.cpp

@@ -2796,3 +2796,35 @@ TEST_CASE("option_header_passed_in_full")
     CHECK(res.find(ServerName) != std::string::npos);
     app.stop();
 }
+
+
+TEST_CASE("inject_header_via_set_haeder")
+{
+    crow::SimpleApp app;
+
+    CROW_ROUTE(app, "/")
+    ([](const crow::request &req, crow::response &res) {
+        res.write("Hello, world!");
+        res.set_header("X-Custom", "safe\r\nInjected: yes");
+        res.add_header("X-Custom2", "safe\r\nInjected: yes");
+
+        res.end();
+        //return "Hello, world!";
+    });
+
+    app.validate();
+
+    auto _ = app.bindaddr(LOCALHOST_ADDRESS).port(45451).server_name("lol").run_async();
+    app.wait_for_server_start();
+
+    {
+        //
+        auto resp = HttpClient::request(LOCALHOST_ADDRESS, 45451,
+                                        "GET / HTTP/1.0\r\nHost: localhost\r\n\r\n");
+
+        CHECK(resp.find("\r\nInjected") == std::string::npos);
+    }
+
+    app.stop();
+}
+