cvs commit: jakarta-tomcat-4.0/tester/src/bin tester.xml

Thu, 14 Mar 2002 14:11:14 -0800 

remm        02/03/14 12:41:38

  Modified:    tester/src/bin tester.xml
  Log:
  - Group the security oriented tests together.
  
  Revision  Changes    Path
  1.83      +24 -11    jakarta-tomcat-4.0/tester/src/bin/tester.xml
  
  Index: tester.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/tester/src/bin/tester.xml,v
  retrieving revision 1.82
  retrieving revision 1.83
  diff -u -r1.82 -r1.83
  --- tester.xml        3 Jan 2002 00:56:42 -0000       1.82
  +++ tester.xml        14 Mar 2002 20:41:38 -0000      1.83
  @@ -15,7 +15,7 @@
     <taskdef  name="tester"     classname="org.apache.tester.TestClient"/>
   
   
  -  <target name="all" 
depends="ROOT,Authentication,CaseSensitive,Decoding,ErrorPage,FilterRequest,FilterResponse,Jndi,Jsp,Lifecycle,RequestDispatcher,Resources,ServletContext,ServletRequest,ServletResponse,HttpSession,XercesTest"/>
  +  <target name="all" 
depends="ROOT,Authentication,CaseSensitive,Decoding,ErrorPage,FilterRequest,FilterResponse,Jndi,Jsp,Lifecycle,RequestDispatcher,Resources,Security,ServletContext,ServletRequest,ServletResponse,HttpSession,XercesTest"/>
   
   
     <target name="ROOT">
  @@ -32,11 +32,6 @@
            request="${examples.path}/.." debug="${debug}"
             status="302"/>
   
  -    <!-- Should not be able to use relative path above document root -->
  -    <tester host="${host}" port="${port}" protocol="HTTP/1.0"
  -         request="${examples.path}/../.." debug="${debug}"
  -          status="404"/>
  -
       <!-- Should be able to successfully retrieve a golden file -->
       <tester host="${host}" port="${port}" protocol="${protocol}"
            request="${context.path}/Golden01"
  @@ -211,11 +206,6 @@
            request="${examples.path}/jsp/snp/snoop.jsp"
             status="200"/>
   
  -    <!-- DefaultServlet should not decode the path again -->
  -    <tester host="${host}" port="${port}" protocol="HTTP/1.0"
  -         request="${examples.path}/jsp/snp/snoop%252ejsp"
  -          status="400"/>
  -
     </target>
   
   
  @@ -1380,6 +1370,29 @@
              debug="${debug}"
            request="${context.path}/Resources06?path=/WEB-INF"
         outContent="Resources06 PASSED"/>
  +
  +  </target>
  +
  +
  +  <target name="Security">
  +
  +    <!-- ========== Security Tests ======================================== -->
  +
  +    <!-- Should not be able to use relative path above document root -->
  +    <tester host="${host}" port="${port}" protocol="HTTP/1.0"
  +         request="${examples.path}/../.." debug="${debug}"
  +          status="400"/>
  +
  +    <!-- Should not be able to use specially crafted URLs to get around 
  +         security constraints -->
  +    <tester host="${host}" port="${port}" protocol="HTTP/1.0"
  +         request="${examples.path}/jsp/security//protected/index.jsp" 
  +         debug="${debug}" status="302"/>
  +
  +    <!-- DefaultServlet should not decode the path again -->
  +    <tester host="${host}" port="${port}" protocol="HTTP/1.0"
  +         request="${examples.path}/jsp/snp/snoop%252ejsp"
  +          status="404"/>
   
     </target>
   
  
  
  

--
To unsubscribe, e-mail:   <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>

Reply via email to