| Server IP : 66.29.132.122 / Your IP : 3.15.31.168 Web Server : LiteSpeed System : Linux business142.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64 User : admazpex ( 531) PHP Version : 7.2.34 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /proc/self/root/proc/self/root/proc/thread-self/root/proc/thread-self/root/opt/alt/ruby19/lib64/ruby/gems/1.9.1/gems/rack-1.6.4/test/ |
Upload File : |
require 'rack/directory'
require 'rack/lint'
require 'rack/mock'
describe Rack::Directory do
DOCROOT = File.expand_path(File.dirname(__FILE__)) unless defined? DOCROOT
FILE_CATCH = proc{|env| [200, {'Content-Type'=>'text/plain', "Content-Length" => "7"}, ['passed!']] }
app = Rack::Lint.new(Rack::Directory.new(DOCROOT, FILE_CATCH))
should "serve directory indices" do
res = Rack::MockRequest.new(Rack::Lint.new(app)).
get("/cgi/")
res.should.be.ok
res.should =~ /<html><head>/
end
should "pass to app if file found" do
res = Rack::MockRequest.new(Rack::Lint.new(app)).
get("/cgi/test")
res.should.be.ok
res.should =~ /passed!/
end
should "serve uri with URL encoded filenames" do
res = Rack::MockRequest.new(Rack::Lint.new(app)).
get("/%63%67%69/") # "/cgi/test"
res.should.be.ok
res.should =~ /<html><head>/
res = Rack::MockRequest.new(Rack::Lint.new(app)).
get("/cgi/%74%65%73%74") # "/cgi/test"
res.should.be.ok
res.should =~ /passed!/
end
should "not allow directory traversal" do
res = Rack::MockRequest.new(Rack::Lint.new(app)).
get("/cgi/../test")
res.should.be.forbidden
res = Rack::MockRequest.new(Rack::Lint.new(app)).
get("/cgi/%2E%2E/test")
res.should.be.forbidden
end
should "404 if it can't find the file" do
res = Rack::MockRequest.new(Rack::Lint.new(app)).
get("/cgi/blubb")
res.should.be.not_found
end
should "uri escape path parts" do # #265, properly escape file names
mr = Rack::MockRequest.new(Rack::Lint.new(app))
res = mr.get("/cgi/test%2bdirectory")
res.should.be.ok
res.body.should =~ %r[/cgi/test%2Bdirectory/test%2Bfile]
res = mr.get("/cgi/test%2bdirectory/test%2bfile")
res.should.be.ok
end
should "correctly escape script name" do
app2 = Rack::Builder.new do
map '/script-path' do
run app
end
end
mr = Rack::MockRequest.new(Rack::Lint.new(app2))
res = mr.get("/script-path/cgi/test%2bdirectory")
res.should.be.ok
res.body.should =~ %r[/script-path/cgi/test%2Bdirectory/test%2Bfile]
res = mr.get("/script-path/cgi/test%2bdirectory/test%2bfile")
res.should.be.ok
end
end