diff options
author | Stefan Bühler <stbuehler@web.de> | 2011-02-10 07:56:11 +0000 |
---|---|---|
committer | Stefan Bühler <stbuehler@web.de> | 2011-02-10 07:56:11 +0000 |
commit | 1eef447d329f436aa5838954310121ae5928f95c (patch) | |
tree | 21dea48cb5d65a0a05ba369a5c41bc1e10c9753a /tests/core-condition.t | |
parent | abf07f3a0288f32b02b203f95c3539bf4201ad75 (diff) | |
download | lighttpd-git-1eef447d329f436aa5838954310121ae5928f95c.tar.gz |
[tests] Add path traversal check with $HTTP['url']
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2777 152afb58-edef-0310-8abb-c4023f1b3aa9
Diffstat (limited to 'tests/core-condition.t')
-rwxr-xr-x | tests/core-condition.t | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/tests/core-condition.t b/tests/core-condition.t index 53919a15..39b24e37 100755 --- a/tests/core-condition.t +++ b/tests/core-condition.t @@ -8,7 +8,7 @@ BEGIN { use strict; use IO::Socket; -use Test::More tests => 17; +use Test::More tests => 19; use LightyTest; my $tf = LightyTest->new(); @@ -49,6 +49,22 @@ EOF $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_5" } ]; ok($tf->handle_http($t) == 0, 'nesting'); +$t->{REQUEST} = ( <<EOF +GET /subdir/index.html HTTP/1.0 +Host: test4.example.org +EOF + ); +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_7" } ]; +ok($tf->handle_http($t) == 0, 'url subdir'); + +$t->{REQUEST} = ( <<EOF +GET /subdir/../css/index.html HTTP/1.0 +Host: test4.example.org +EOF + ); +$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_6" } ]; +ok($tf->handle_http($t) == 0, 'url subdir with path traversal'); + ok($tf->stop_proc == 0, "Stopping lighttpd"); $tf->{CONFIGFILE} = 'lighttpd.conf'; |