diff options
author | Daniel Stenberg <daniel@haxx.se> | 2014-12-25 23:51:43 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2015-01-07 22:55:56 +0100 |
commit | 3df8e78860d3a3d3cf95252bd2b4ad5fd53360cd (patch) | |
tree | 2876435418df6605f02225daa1b498d51449c5ac /tests/data/test1529 | |
parent | 178bd7db34f77e020fb8562890c5625ccbd67093 (diff) |
tests: make sure CRLFs can't be used in URLs passed to proxy
Bug: http://curl.haxx.se/docs/adv_20150108B.html
Diffstat (limited to 'tests/data/test1529')
-rw-r--r-- | tests/data/test1529 | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/tests/data/test1529 b/tests/data/test1529 new file mode 100644 index 000000000..33df26824 --- /dev/null +++ b/tests/data/test1529 @@ -0,0 +1,43 @@ +<testcase> +<info> +<keywords> +HTTP +HTTP GET +HTTP proxy +</keywords> +</info> + +# Server-side +<reply> +<connect> +HTTP/1.1 200 OK
+We-are: good
+
+</connect> + +</reply> +# Client-side +<client> +<server> +http +http-proxy +</server> +<tool> +lib1529 +</tool> + <name> +HTTP request-injection in URL sent over proxy + </name> + <command> + "http://the.old.moo:%HTTPPORT/1529" %HOSTIP:%PROXYPORT +</command> +</client> + +# it should be detected and an error should be reported +<verify> +# 3 == CURLE_URL_MALFORMAT +<errorcode> +3 +</errorcode> +</verify> +</testcase> |