From 36a497ed7b2fbd6e960ad02cacd4d234ab795f5b Mon Sep 17 00:00:00 2001
From: Your Name <your.email@example.com>
Date: Fri, 29 May 2026 20:13:56 +0800
Subject: [PATCH] test: expand responseheaders test coverage to 97.2%
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Add tests for:
- FilterHeaders with nil filter (uses default)
- CompileHeaderFilter with empty/whitespace strings
- WriteFilteredHeaders helper
- Multi-value header handling

Coverage: 77.8% → 97.2%
---
 .../responseheaders/responseheaders_test.go   | 69 +++++++++++++++++++
 1 file changed, 69 insertions(+)

diff --git a/internal/util/responseheaders/responseheaders_test.go b/internal/util/responseheaders/responseheaders_test.go
index 4d9b365..20168f2 100644
--- a/internal/util/responseheaders/responseheaders_test.go
+++ b/internal/util/responseheaders/responseheaders_test.go
@@ -65,3 +65,72 @@ func TestFilterHeadersEnabledUsesAllowlist(t *testing.T) {
 		t.Fatalf("expected X-Blocked removed, got %q", filtered.Get("X-Blocked"))
 	}
 }
+
+func TestFilterHeadersNilFilter(t *testing.T) {
+	src := http.Header{}
+	src.Add("Content-Type", "application/json")
+	src.Add("X-Request-Id", "req-123")
+	src.Add("X-Unknown", "unknown")
+
+	// nil filter should use default compiled filter
+	filtered := FilterHeaders(src, nil)
+	if filtered.Get("Content-Type") != "application/json" {
+		t.Fatalf("expected Content-Type allowed, got %q", filtered.Get("Content-Type"))
+	}
+	if filtered.Get("X-Request-Id") != "req-123" {
+		t.Fatalf("expected X-Request-Id allowed, got %q", filtered.Get("X-Request-Id"))
+	}
+	if filtered.Get("X-Unknown") != "" {
+		t.Fatalf("expected X-Unknown removed, got %q", filtered.Get("X-Unknown"))
+	}
+}
+
+func TestCompileHeaderFilterEmptyStrings(t *testing.T) {
+	cfg := config.ResponseHeaderConfig{
+		Enabled:           true,
+		AdditionalAllowed: []string{"", "  ", "valid"},
+		ForceRemove:       []string{"", "  "},
+	}
+
+	filter := CompileHeaderFilter(cfg)
+	if filter == nil {
+		t.Fatal("expected filter to be created")
+	}
+
+	// Empty strings should be filtered out
+	src := http.Header{}
+	src.Add("Valid", "value")
+	filtered := FilterHeaders(src, filter)
+	if filtered.Get("Valid") != "value" {
+		t.Fatalf("expected Valid header to pass through")
+	}
+}
+
+func TestWriteFilteredHeaders(t *testing.T) {
+	src := http.Header{}
+	src.Add("Content-Type", "application/json")
+	src.Add("X-Custom", "custom")
+
+	dst := http.Header{}
+	WriteFilteredHeaders(dst, src, nil)
+
+	if dst.Get("Content-Type") != "application/json" {
+		t.Fatalf("expected Content-Type written to dst")
+	}
+	if dst.Get("X-Custom") != "" {
+		t.Fatalf("expected X-Custom filtered out")
+	}
+}
+
+func TestFilterHeadersMultipleValues(t *testing.T) {
+	src := http.Header{}
+	src.Add("Content-Type", "application/json")
+	src.Add("Vary", "Accept")
+	src.Add("Vary", "Accept-Encoding")
+
+	filtered := FilterHeaders(src, nil)
+	varyValues := filtered["Vary"]
+	if len(varyValues) != 2 {
+		t.Fatalf("expected 2 Vary values, got %d", len(varyValues))
+	}
+}