1 <testcase> 2 <info> 3 # This test is a copy of test 1231, modified to use a HTTP proxy. 4 <keywords> 5 HTTP 6 HTTP GET 7 HTTP proxy 8 dotdot removal 9 </keywords> 10 </info> 11 12 # 13 # Server-side 14 <reply name="1"> 15 <data> 16 HTTP/1.1 200 OK 17 Content-Length: 6 18 Connection: close 19 20 -foo- 21 </data> 22 23 <data1> 24 HTTP/1.1 200 OK 25 Content-Length: 7 26 Connection: close 27 28 -cool- 29 </data1> 30 </reply> 31 32 # 33 # Client-side 34 <client> 35 <server> 36 http 37 </server> 38 <name> 39 HTTP URL with dotdot removal from path using an HTTP proxy 40 </name> 41 <command> 42 --proxy http://%HOSTIP:%HTTPPORT http://test.remote.haxx.se.1232:8990/../../hej/but/who/../1232?stupid=me/../1232#soo/../1232 http://test.remote.haxx.se.1232:8990/../../hej/but/who/../12320001#/../12320001 43 </command> 44 </client> 45 46 # 47 # Verify data after the test has been "shot" 48 <verify> 49 <strip> 50 ^User-Agent:.* 51 </strip> 52 <protocol> 53 GET http://test.remote.haxx.se.1232:8990/hej/but/1232?stupid=me/../1232 HTTP/1.1 54 Host: test.remote.haxx.se.1232:8990 55 Accept: */* 56 57 GET http://test.remote.haxx.se.1232:8990/hej/but/12320001 HTTP/1.1 58 Host: test.remote.haxx.se.1232:8990 59 Accept: */* 60 61 </protocol> 62 </verify> 63 </testcase> 64
