[tests] Add path traversal check with $HTTP['url']

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2777 152afb58-edef-0310-8abb-c4023f1b3aa9

2 files changed, 27 insertions, 1 deletions

diff --git a/tests/condition.conf b/tests/condition.conf
index a812c8a8..d1e88821 100644
--- a/tests/condition.conf
+++ b/tests/condition.conf
@@ -57,3 +57,13 @@ else $HTTP["host"] == "test3.example.org" {
     url.redirect = ("^" => "/match_5")
   }
 }
+
+else $HTTP["host"] == "test4.example.org" {
+  server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
+  server.name = "test4.example.org"
+  url.redirect = ("^" => "/match_6")
+
+  $HTTP["url"] =~ "^/subdir/" {
+    url.redirect = ("^" => "/match_7")
+  }
+}
diff --git a/tests/core-condition.t b/tests/core-condition.t
index 53919a15..39b24e37 100755
--- a/tests/core-condition.t
+++ b/tests/core-condition.t
@@ -8,7 +8,7 @@ BEGIN {
 
 use strict;
 use IO::Socket;
-use Test::More tests => 17;
+use Test::More tests => 19;
 use LightyTest;
 
 my $tf = LightyTest->new();
@@ -49,6 +49,22 @@ EOF
 $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_5" } ];
 ok($tf->handle_http($t) == 0, 'nesting');
 
+$t->{REQUEST}  = ( <<EOF
+GET /subdir/index.html HTTP/1.0
+Host: test4.example.org
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_7" } ];
+ok($tf->handle_http($t) == 0, 'url subdir');
+
+$t->{REQUEST}  = ( <<EOF
+GET /subdir/../css/index.html HTTP/1.0
+Host: test4.example.org
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_6" } ];
+ok($tf->handle_http($t) == 0, 'url subdir with path traversal');
+
 ok($tf->stop_proc == 0, "Stopping lighttpd");
 
 $tf->{CONFIGFILE} = 'lighttpd.conf';