rewrite.t

Eric Covener Mon, 13 Mar 2023 07:23:54 -0700

Yann, can you check out the failure I committed and see if it's me or
unintended?  Everything else went pretty smooth and looks useful in a
bind.


# Check /modules/rewrite/escaping/local_bctls_nospace/foo/bar/%20baz/%0d
for foo/bar/ baz%0d
# rewritten query 'foo%2fbar%2f+baz%2f%0d'
# expected: 'foo/bar/ baz%0d'
# received: 'foo%2fbar%2f+baz%2f%0d'
not ok 67


    RewriteRule ^/modules/rewrite/escaping/local_bctls_nospace/(.*)
/?$1 "[B= ?,BNEG,BCTLS]"


On Mon, Mar 13, 2023 at 10:21 AM <cove...@apache.org> wrote:
>
> Author: covener
> Date: Mon Mar 13 14:20:59 2023
> New Revision: 1908349
>
> URL: http://svn.apache.org/viewvc?rev=1908349&view=rev
> Log:
> test [B] and additions
>
> 1 failing
>
> Modified:
>     httpd/test/framework/trunk/t/conf/extra.conf.in
>     httpd/test/framework/trunk/t/modules/rewrite.t
>
> Modified: httpd/test/framework/trunk/t/conf/extra.conf.in
> URL: 
> http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/conf/extra.conf.in?rev=1908349&r1=1908348&r2=1908349&view=diff
> ==============================================================================
> --- httpd/test/framework/trunk/t/conf/extra.conf.in (original)
> +++ httpd/test/framework/trunk/t/conf/extra.conf.in Mon Mar 13 14:20:59 2023
> @@ -270,6 +270,12 @@
>      RewriteRule ^/modules/rewrite/cookie/foo - 
> [CO=NAME3:VAL:localhost:86400:/0:secure:httponly:foo]
>
>      RewriteRule ^/modules/rewrite/escaping/local/(.*) /?$1
> +    RewriteRule ^/modules/rewrite/escaping/local_b/(.*) /?$1 [B]
> +    RewriteRule ^/modules/rewrite/escaping/local_bctls/(.*) /?$1 [BCTLS]
> +    RewriteRule ^/modules/rewrite/escaping/local_bctls_andslash/(.*) /?$1 
> [B=/,BCTLS]
> +    RewriteRule ^/modules/rewrite/escaping/local_bctls_nospace/(.*) /?$1 
> "[B= ?,BNEG,BCTLS]"
> +    RewriteRule ^/modules/rewrite/escaping/local_b_noslash/(.*) /?$1 
> [B=/,BNEG]
> +    RewriteRule ^/modules/rewrite/escaping/local_b_justslash/(.*) /?$1 [B=/]
>      RewriteRule ^/modules/rewrite/escaping/redir/(.*) 
> http://@SERVERNAME@:@PORT@/?$1 [R]
>      RewriteRule ^/modules/rewrite/escaping/redir_ne/(.*) 
> http://@SERVERNAME@:@PORT@/?$1 [R,NE]
>      RewriteRule ^/modules/rewrite/escaping/proxy/(.*) 
> http://@SERVERNAME@:@PORT@/?$1 [P]
> @@ -282,6 +288,9 @@
>        RewriteRule proxy_ne/(.*) http://@SERVERNAME@:@PORT@/?$1 [P,NE]
>      </LocationMatch>
>
> +   <Location /modules/rewrite/escaping>
> +      Header always set rewritten-query "expr=%{QUERY_STRING}"
> +   </Location>
>     <VirtualHost cve_2011_3368_rewrite>
>        DocumentRoot @SERVERROOT@/htdocs/modules/proxy
>        RewriteEngine On
>
> Modified: httpd/test/framework/trunk/t/modules/rewrite.t
> URL: 
> http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/modules/rewrite.t?rev=1908349&r1=1908348&r2=1908349&view=diff
> ==============================================================================
> --- httpd/test/framework/trunk/t/modules/rewrite.t (original)
> +++ httpd/test/framework/trunk/t/modules/rewrite.t Mon Mar 13 14:20:59 2023
> @@ -34,6 +34,15 @@ my @escapes = (
>      [ "/modules/rewrite/escaping/fixups/proxy_ne/foo%20bar"  =>  403],
>  );
>
> +my @bflags = (
> +    # t/conf/extra.conf.in
> +    [ "/modules/rewrite/escaping/local_b/foo/bar/%20baz%0d"           =>  
> "foo%2fbar%2f+baz%0d"],        # this is why [B] sucks
> +    [ "/modules/rewrite/escaping/local_bctls/foo/bar/%20baz/%0d"      =>  
> "foo/bar/+baz/%0d"],           # spaces and ctls only
> +    [ "/modules/rewrite/escaping/local_bctls_andslash/foo/bar/%20baz/%0d" => 
>  "foo%2fbar%2f+baz%2f%0d"], # not realistic, but opt in to slashes
> +    [ "/modules/rewrite/escaping/local_bctls_nospace/foo/bar/%20baz/%0d"  => 
>  "foo/bar/ baz%0d"],        # CTLS but allow space
> +    [ "/modules/rewrite/escaping/local_b_noslash/foo/bar/%20baz/%0d"      => 
>  "foo/bar/+baz/%0d"],       # negate something from [B]
> +    [ "/modules/rewrite/escaping/local_b_justslash/foo/bar/%20baz/"    =>  
> "foo%2fbar%2f baz%2f"],       # test basic B=/
> +);
>
>  if (!have_min_apache_version('2.4.19')) {
>      # PR 50447, server context
> @@ -47,7 +56,7 @@ if (!have_min_apache_version('2.4')) {
>  # Specific tests for PR 58231
>  my $vary_header_tests = (have_min_apache_version("2.4.30") ? 9 : 0) + 
> (have_min_apache_version("2.4.29") ? 4 : 0);
>  my $cookie_tests = have_min_apache_version("2.4.47") ? 6 : 0;
> -my $escape_tests = have_min_apache_version("2.4.57") ? scalar(@escapes) : 0;
> +my $escape_tests = have_min_apache_version("2.4.57") ? scalar(@escapes) + 
> scalar(@bflags) : 0;
>
>  plan tests => @map * @num + 16 + $vary_header_tests + $cookie_tests + 
> $escape_tests, todo => \@todo, need_module 'rewrite';
>
> @@ -216,6 +225,15 @@ if (have_min_apache_version("2.4.57")) {
>          $r = GET($url, redirect_ok => 0);
>          ok t_cmp $r->code, $expect;
>      }
> +    foreach my $t (@bflags) {
> +        my $url= $t->[0];
> +        my $expect= $t->[1];
> +        t_debug "Check $url for $expect\n";
> +        $r = GET($url, redirect_ok => 0);
> +        t_debug("rewritten query '" . $r->header("rewritten-query") . "'");
> +        ok t_cmp $r->header("rewritten-query"), $expect;
> +    }
> +
>  }
>
>
>
>


-- 
Eric Covener
cove...@gmail.com

Re: svn commit: r1908349 - in /httpd/test/framework/trunk/t: conf/extra.conf.in modules/rewrite.t

Reply via email to