| <testcase> |
| <info> |
| # This test is a copy of test 1231, modified to use a HTTP proxy. |
| <keywords> |
| HTTP |
| HTTP GET |
| HTTP proxy |
| dotdot removal |
| </keywords> |
| </info> |
| |
| # |
| # Server-side |
| <reply name="1"> |
| <data> |
| HTTP/1.1 200 OK |
| Content-Length: 6 |
| Connection: close |
| |
| -foo- |
| </data> |
| |
| <data1> |
| HTTP/1.1 200 OK |
| Content-Length: 7 |
| Connection: close |
| |
| -cool- |
| </data1> |
| </reply> |
| |
| # |
| # Client-side |
| <client> |
| <server> |
| http |
| </server> |
| <name> |
| HTTP URL with dotdot removal from path using an HTTP proxy |
| </name> |
| <command> |
| --proxy http://%HOSTIP:%HTTPPORT http://test.remote.haxx.se.1232:8990/../../hej/but/who/../1232?stupid=me/../1232#soo/../1232 http://test.remote.haxx.se.1232:8990/../../hej/but/who/../12320001#/../12320001 |
| </command> |
| </client> |
| |
| # |
| # Verify data after the test has been "shot" |
| <verify> |
| <strip> |
| ^User-Agent:.* |
| </strip> |
| <protocol> |
| GET http://test.remote.haxx.se.1232:8990/hej/but/1232?stupid=me/../1232 HTTP/1.1
|
| Host: test.remote.haxx.se.1232:8990
|
| Accept: */*
|
| Proxy-Connection: Keep-Alive
|
|
|
| GET http://test.remote.haxx.se.1232:8990/hej/but/12320001 HTTP/1.1
|
| Host: test.remote.haxx.se.1232:8990
|
| Accept: */*
|
| Proxy-Connection: Keep-Alive
|
|
|
| </protocol> |
| </verify> |
| </testcase> |