curl/tests/data/test973
Daniel Stenberg 5295e8d64a
tests: verify the fix for CVE-2022-27774
- Test 973 redirects from HTTP to FTP, clear auth
 - Test 974 redirects from HTTP to HTTP different port, clear auth
 - Test 975 redirects from HTTP to FTP, permitted to keep auth
 - Test 976 redirects from HTTP to HTTP different port, permitted to keep
   auth
2022-04-25 16:24:33 +02:00

89 lines
1.2 KiB
Plaintext

<testcase>
<info>
<keywords>
HTTP
FTP
--location
</keywords>
</info>
#
# Server-side
<reply>
<data>
HTTP/1.1 301 redirect
Date: Tue, 09 Nov 2010 14:49:00 GMT
Server: test-server/fake
Content-Length: 0
Connection: close
Content-Type: text/html
Location: ftp://%HOSTIP:%FTPPORT/a/path/%TESTNUMBER0002
</data>
<data2>
data
to
see
that FTP
works
so does it?
</data2>
<datacheck>
HTTP/1.1 301 redirect
Date: Tue, 09 Nov 2010 14:49:00 GMT
Server: test-server/fake
Content-Length: 0
Connection: close
Content-Type: text/html
Location: ftp://%HOSTIP:%FTPPORT/a/path/%TESTNUMBER0002
data
to
see
that FTP
works
so does it?
</datacheck>
</reply>
#
# Client-side
<client>
<server>
http
ftp
</server>
<name>
HTTP with auth redirected to FTP w/o auth
</name>
<command>
http://%HOSTIP:%HTTPPORT/%TESTNUMBER -L -u joe:secret
</command>
</client>
#
# Verify data after the test has been "shot"
<verify>
<protocol>
GET /%TESTNUMBER HTTP/1.1
Host: %HOSTIP:%HTTPPORT
Authorization: Basic am9lOnNlY3JldA==
User-Agent: curl/%VERSION
Accept: */*
USER anonymous
PASS ftp@example.com
PWD
CWD a
CWD path
EPSV
TYPE I
SIZE %TESTNUMBER0002
RETR %TESTNUMBER0002
QUIT
</protocol>
</verify>
</testcase>