From e062043433381fa5fd2f90b2fcc9dc912dbb79f6 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 16 Oct 2019 09:57:33 +0200 Subject: url: normalize CURLINFO_EFFECTIVE_URL The URL extracted with CURLINFO_EFFECTIVE_URL was returned as given as input in most cases, which made it not get a scheme prefixed like before if the URL was given without one, and it didn't remove dotdot sequences etc. Added test case 1907 to verify that this now works as intended and as before 7.62.0. Regression introduced in 7.62.0 Reported-by: Christophe Dervieux Fixes #4491 Closes #4493 --- tests/data/Makefile.inc | 2 +- tests/data/test1907 | 53 +++++++++++++++++++++++++++++++++++++++++++++ tests/libtest/Makefile.inc | 6 +++++- tests/libtest/lib1907.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 113 insertions(+), 2 deletions(-) create mode 100644 tests/data/test1907 create mode 100644 tests/libtest/lib1907.c (limited to 'tests') diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index f082cc46a..ba6dfcf73 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -190,7 +190,7 @@ test1700 test1701 test1702 \ \ test1800 test1801 \ \ -test1900 test1901 test1902 test1903 test1904 test1905 test1906 \ +test1900 test1901 test1902 test1903 test1904 test1905 test1906 test1907 \ \ test2000 test2001 test2002 test2003 test2004 test2005 test2006 test2007 \ test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \ diff --git a/tests/data/test1907 b/tests/data/test1907 new file mode 100644 index 000000000..93f37051e --- /dev/null +++ b/tests/data/test1907 @@ -0,0 +1,53 @@ + + + +CURLINFO_EFFECTIVE_URL + + + +# Server-side + + +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Funny-head: yesyes swsclose +Content-Length: 0 + + + + +# Client-side + + +http + + +CURLINFO_EFFECTIVE_URL with non-scheme URL + + +lib1907 + + + +%HOSTIP:%HTTPPORT/hello/../1907 + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* + + +GET /1907 HTTP/1.1 +Host: %HOSTIP:%HTTPPORT +Accept: */* + + + +Effective URL: http://%HOSTIP:%HTTPPORT/1907 + + + diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index 3297b665a..9ba72d7de 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -33,7 +33,7 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect \ lib1550 lib1551 lib1552 lib1553 lib1554 lib1555 lib1556 lib1557 \ lib1558 lib1559 lib1560 \ lib1591 lib1592 lib1593 lib1594 lib1596 \ - lib1900 lib1905 lib1906 \ + lib1900 lib1905 lib1906 lib1907 \ lib2033 chkdecimalpoint_SOURCES = chkdecimalpoint.c ../../lib/mprintf.c \ @@ -566,6 +566,10 @@ lib1906_SOURCES = lib1906.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib1906_LDADD = $(TESTUTIL_LIBS) lib1906_CPPFLAGS = $(AM_CPPFLAGS) +lib1907_SOURCES = lib1907.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +lib1907_LDADD = $(TESTUTIL_LIBS) +lib1907_CPPFLAGS = $(AM_CPPFLAGS) + lib2033_SOURCES = libntlmconnect.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib2033_LDADD = $(TESTUTIL_LIBS) lib2033_CPPFLAGS = $(AM_CPPFLAGS) -DUSE_PIPELINING diff --git a/tests/libtest/lib1907.c b/tests/libtest/lib1907.c new file mode 100644 index 000000000..2d9465aee --- /dev/null +++ b/tests/libtest/lib1907.c @@ -0,0 +1,54 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2019, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ +#include "test.h" + +#include "testutil.h" +#include "warnless.h" +#include "memdebug.h" + +int test(char *URL) +{ + char *url_after; + CURL *curl; + CURLcode curl_code; + char error_buffer[CURL_ERROR_SIZE] = ""; + + curl_global_init(CURL_GLOBAL_DEFAULT); + curl = curl_easy_init(); + curl_easy_setopt(curl, CURLOPT_URL, URL); + curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, error_buffer); + curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L); + curl_code = curl_easy_perform(curl); + if(!curl_code) + fprintf(stderr, "failure expected, " + "curl_easy_perform returned %ld: <%s>, <%s>\n", + (long) curl_code, curl_easy_strerror(curl_code), error_buffer); + + /* print the used url */ + if(!curl_easy_getinfo(curl, CURLINFO_EFFECTIVE_URL, &url_after)) + printf("Effective URL: %s\n", url_after); + + curl_easy_cleanup(curl); + curl_global_cleanup(); + + return 0; +} -- cgit v1.2.3