summaryrefslogtreecommitdiff
path: root/tests/core-condition.t
diff options
context:
space:
mode:
authorStefan Bühler <stbuehler@web.de>2011-02-10 07:56:11 +0000
committerStefan Bühler <stbuehler@web.de>2011-02-10 07:56:11 +0000
commit1eef447d329f436aa5838954310121ae5928f95c (patch)
tree21dea48cb5d65a0a05ba369a5c41bc1e10c9753a /tests/core-condition.t
parentabf07f3a0288f32b02b203f95c3539bf4201ad75 (diff)
downloadlighttpd1.4-1eef447d329f436aa5838954310121ae5928f95c.tar.gz
lighttpd1.4-1eef447d329f436aa5838954310121ae5928f95c.zip
[tests] Add path traversal check with $HTTP['url']
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2777 152afb58-edef-0310-8abb-c4023f1b3aa9
Diffstat (limited to 'tests/core-condition.t')
-rwxr-xr-xtests/core-condition.t18
1 files changed, 17 insertions, 1 deletions
diff --git a/tests/core-condition.t b/tests/core-condition.t
index 53919a15..39b24e37 100755
--- a/tests/core-condition.t
+++ b/tests/core-condition.t
@@ -8,7 +8,7 @@ BEGIN {
use strict;
use IO::Socket;
-use Test::More tests => 17;
+use Test::More tests => 19;
use LightyTest;
my $tf = LightyTest->new();
@@ -49,6 +49,22 @@ EOF
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_5" } ];
ok($tf->handle_http($t) == 0, 'nesting');
+$t->{REQUEST} = ( <<EOF
+GET /subdir/index.html HTTP/1.0
+Host: test4.example.org
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_7" } ];
+ok($tf->handle_http($t) == 0, 'url subdir');
+
+$t->{REQUEST} = ( <<EOF
+GET /subdir/../css/index.html HTTP/1.0
+Host: test4.example.org
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_6" } ];
+ok($tf->handle_http($t) == 0, 'url subdir with path traversal');
+
ok($tf->stop_proc == 0, "Stopping lighttpd");
$tf->{CONFIGFILE} = 'lighttpd.conf';