Browse Source

[tests] Add path traversal check with $HTTP['url']

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2777 152afb58-edef-0310-8abb-c4023f1b3aa9
svn/tags/lighttpd-1.4.29
Stefan Bühler 11 years ago
parent
commit
1eef447d32
  1. 10
      tests/condition.conf
  2. 18
      tests/core-condition.t

10
tests/condition.conf

@ -57,3 +57,13 @@ else $HTTP["host"] == "test3.example.org" {
url.redirect = ("^" => "/match_5")
}
}
else $HTTP["host"] == "test4.example.org" {
server.document-root = env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/"
server.name = "test4.example.org"
url.redirect = ("^" => "/match_6")
$HTTP["url"] =~ "^/subdir/" {
url.redirect = ("^" => "/match_7")
}
}

18
tests/core-condition.t

@ -8,7 +8,7 @@ BEGIN {
use strict;
use IO::Socket;
use Test::More tests => 17;
use Test::More tests => 19;
use LightyTest;
my $tf = LightyTest->new();
@ -49,6 +49,22 @@ EOF
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_5" } ];
ok($tf->handle_http($t) == 0, 'nesting');
$t->{REQUEST} = ( <<EOF
GET /subdir/index.html HTTP/1.0
Host: test4.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_7" } ];
ok($tf->handle_http($t) == 0, 'url subdir');
$t->{REQUEST} = ( <<EOF
GET /subdir/../css/index.html HTTP/1.0
Host: test4.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 301, 'Location' => "/match_6" } ];
ok($tf->handle_http($t) == 0, 'url subdir with path traversal');
ok($tf->stop_proc == 0, "Stopping lighttpd");
$tf->{CONFIGFILE} = 'lighttpd.conf';

Loading…
Cancel
Save