From 3df8e78860d3a3d3cf95252bd2b4ad5fd53360cd Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 25 Dec 2014 23:51:43 +0100
Subject: tests: make sure CRLFs can't be used in URLs passed to proxy

Bug: http://curl.haxx.se/docs/adv_20150108B.html
---
 tests/data/Makefile.inc |  4 ++--
 tests/data/test1529     | 43 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 45 insertions(+), 2 deletions(-)
 create mode 100644 tests/data/test1529

(limited to 'tests/data')

diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index 618c68223..6467ca0bb 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -151,7 +151,7 @@ test1516 \
 \
 test1520 \
 \
-test1525 test1526 test1527 test1528 \
+test1525 test1526 test1527 test1528 test1529 \
 \
 test1800 test1801 \
 \
diff --git a/tests/data/test1529 b/tests/data/test1529
new file mode 100644
index 000000000..33df26824
--- /dev/null
+++ b/tests/data/test1529
@@ -0,0 +1,43 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+HTTP proxy
+</keywords>
+</info>
+
+# Server-side
+<reply>
+<connect>
+HTTP/1.1 200 OK
+We-are: good
+
+</connect>
+
+</reply>
+# Client-side
+<client>
+<server>
+http
+http-proxy
+</server>
+<tool>
+lib1529
+</tool>
+ <name>
+HTTP request-injection in URL sent over proxy
+ </name>
+ <command>
+ "http://the.old.moo:%HTTPPORT/1529" %HOSTIP:%PROXYPORT
+</command>
+</client>
+
+# it should be detected and an error should be reported
+<verify>
+# 3 == CURLE_URL_MALFORMAT
+<errorcode>
+3
+</errorcode>
+</verify>
+</testcase>
-- 
cgit v1.2.3