diff options
Diffstat (limited to 't/basic.t')
| -rw-r--r-- | t/basic.t | 56 |
1 files changed, 37 insertions, 19 deletions
@@ -5,7 +5,7 @@ use Apache::Test; use Apache::TestUtil; use Apache::TestRequest qw/GET_BODY/; -plan tests => 5; +plan tests => 7; my $head; # expected page header my $foot; # expected page footer @@ -13,55 +13,73 @@ my @body; # sections of page body # Read contents of header and footer -open my $h, '<', 't/htdocs/head.html' or die "Could not open < head.html: $!"; -open my $f, '<', 't/htdocs/foot.html' or die "Could not open < foot.html: $!"; +open my $h, '<', 't/htdocs/head.html' + or die "Could not open < t/htdocs/head.html: $!"; +open my $f, '<', 't/htdocs/foot.html' + or die "Could not open < t/htdocs/foot.html: $!"; $head = do { local $/; <$h> }; $foot = do { local $/; <$f> }; close $h; close $f; -# Set up helpers +# Helper for replacing file contents -sub set_conf { - open my $c, '>', 't/htdocs/.htaccess' or die; - print $c shift; - close $c; -} -sub set_body { - open my $b, '>', 't/htdocs/test.html' or die; - print $b join('', @_); - close $b; +sub set { + my $file = shift; + open my $fh, '>', $file or die "Could not open > $file: $!"; + print $fh join('', @_); + close $fh; } # Run tests -set_conf <<CONF; +set 't/htdocs/.htaccess', <<CONF; Inject head.html foot.html CONF +set 't/htdocs/subdir/.htaccess', <<CONF; +Inject head.html +CONF + @body = ("<title>Test</title>\n", "This is a test page.\n"); -set_body @body; +set 't/htdocs/test.html', @body; ok GET_BODY('/test.html'), "${body[0]}$head${body[1]}$foot", '<head>-less head'; @body = ("<head>...</head>\n", "This is a test page.\n"); -set_body @body; +set 't/htdocs/test.html', @body; ok GET_BODY('/test.html'), "${body[0]}$head${body[1]}$foot", '<head>-ful head'; @body = ("<html>\n", "This is a test page.\n", "</html>\n"); -set_body @body; +set 't/htdocs/test.html', @body; ok GET_BODY('/test.html'), "${body[0]}$head${body[1]}$foot${body[2]}", '<html>-wrapped document'; @body = ("<!doctype html>\n", "This is a test page.\n"); -set_body @body; +set 't/htdocs/test.html', @body; ok GET_BODY('/test.html'), "${body[0]}$head${body[1]}$foot", '<!doctype>'; @body = ("\n<!doctype html>\n", "This is a test page.\n"); -set_body @body; +set 't/htdocs/test.html', @body; ok GET_BODY('/test.html'), "${body[0]}$head${body[1]}$foot", '<!doctype> with leading newline'; +@body = ("This is a test page.\n"); +set 't/htdocs/subdir/test.html', @body; +ok GET_BODY('/subdir/test.html'), "$head${body[0]}", + 'different injection in subdirectory'; + +set 't/htdocs/subdir/.htaccess', <<CONF; +Inject " " +CONF + +set 't/htdocs/ ', 'head'; # needed in case " " is (incorrectly) accepted +ok GET_BODY('/subdir/test.html') eq "head${body[0]}" && 1 || 0, 0, + 'single-space argument should fail'; + unlink 't/htdocs/.htaccess'; unlink 't/htdocs/test.html'; +unlink 't/htdocs/subdir/.htaccess'; +unlink 't/htdocs/subdir/test.html'; +unlink 't/htdocs/ '; |