1 <testcase> 2 <info> 3 # verify that dotdot removal can be disabled! 4 <keywords> 5 HTTP 6 HTTP GET 7 HTTP proxy 8 </keywords> 9 </info> 10 11 # 12 # Server-side 13 <reply> 14 <data> 15 HTTP/1.1 200 OK 16 Content-Length: 6 17 Connection: close 18 19 -foo- 20 </data> 21 22 <data1> 23 HTTP/1.1 200 OK 24 Content-Length: 7 25 Connection: close 26 27 -cool- 28 </data1> 29 </reply> 30 31 # 32 # Client-side 33 <client> 34 <server> 35 http 36 </server> 37 <name> 38 HTTP _without_ dotdot removal 39 </name> 40 <command> 41 --path-as-is --proxy http://%HOSTIP:%HTTPPORT http://test.remote.haxx.se.1241:8990/../../hej/but/who/../1241?stupid=me/../1241#soo/../1241 http://test.remote.haxx.se.1241:8990/../../hej/but/who/../12410001#/../12410001 42 </command> 43 </client> 44 45 # 46 # Verify data after the test has been "shot" 47 <verify> 48 <strip> 49 ^User-Agent:.* 50 </strip> 51 <protocol> 52 GET http://test.remote.haxx.se.1241:8990/../../hej/but/who/../1241?stupid=me/../1241 HTTP/1.1 53 Host: test.remote.haxx.se.1241:8990 54 Accept: */* 55 Proxy-Connection: Keep-Alive 56 57 GET http://test.remote.haxx.se.1241:8990/../../hej/but/who/../12410001 HTTP/1.1 58 Host: test.remote.haxx.se.1241:8990 59 Accept: */* 60 Proxy-Connection: Keep-Alive 61 62 </protocol> 63 </verify> 64 </testcase> 65
