[tests] Add path traversal check with $HTTP['url']

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2777 152afb58-edef-0310-8abb-c4023f1b3aa9

1 files changed, 17 insertions, 1 deletions

diff --git a/tests/core-condition.t b/tests/core-condition.t
index 53919a15..39b24e37 100755
--- a/tests/core-condition.t
+++ b/tests/core-condition.t
@@ -8,7 +8,7 @@ BEGIN {
 
 use strict;
 use IO::Socket;
-use Test::More tests => 17;
+use Test::More tests => 19;
 use LightyTest;
 
 my $tf = LightyTest->new();
@@ -49,6 +49,22 @@ EOF
 $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_5" } ];
 ok($tf->handle_http($t) == 0, 'nesting');
 
+$t->{REQUEST}  = ( <<EOF
+GET /subdir/index.html HTTP/1.0
+Host: test4.example.org
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_7" } ];
+ok($tf->handle_http($t) == 0, 'url subdir');
+
+$t->{REQUEST}  = ( <<EOF
+GET /subdir/../css/index.html HTTP/1.0
+Host: test4.example.org
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_6" } ];
+ok($tf->handle_http($t) == 0, 'url subdir with path traversal');
+
 ok($tf->stop_proc == 0, "Stopping lighttpd");
 
 $tf->{CONFIGFILE} = 'lighttpd.conf';