Mercurial > hg > nginx-tests
annotate secure_link.t @ 1265:200d9d091da2
Tests: index tests for configuration token starting with variable.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 21 Dec 2017 16:48:22 +0300 |
parents | 64f287c8cc62 |
children | 97c8280de681 |
rev | line source |
---|---|
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
2 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
3 # (C) Maxim Dounin |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
4 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
5 # Tests for nginx secure_link module. |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
6 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
7 ############################################################################### |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
8 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
9 use warnings; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
10 use strict; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
11 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
12 use Test::More; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
13 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
14 use Digest::MD5 qw/ md5 md5_hex /; |
161
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
15 use MIME::Base64 qw/ encode_base64 /; |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
16 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
17 BEGIN { use FindBin; chdir($FindBin::Bin); } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
18 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
19 use lib 'lib'; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
20 use Test::Nginx; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
21 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
22 ############################################################################### |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
23 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
24 select STDERR; $| = 1; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
25 select STDOUT; $| = 1; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
26 |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
27 my $t = Test::Nginx->new()->has(qw/http secure_link rewrite/)->plan(19); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
28 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
29 $t->write_file_expand('nginx.conf', <<'EOF'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
30 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
31 %%TEST_GLOBALS%% |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
32 |
249
6a0d934950bc
Tests: remove extra spaces in "daemon off".
Maxim Dounin <mdounin@mdounin.ru>
parents:
161
diff
changeset
|
33 daemon off; |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
34 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
35 events { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
36 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
37 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
38 http { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
39 %%TEST_GLOBALS_HTTP%% |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
40 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
41 server { |
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
42 listen 127.0.0.1:8080; |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
43 server_name localhost; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
44 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
45 location / { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
46 # new style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
47 # /test.html?hash=BASE64URL |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
48 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
49 secure_link $arg_hash; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
50 secure_link_md5 secret$uri; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
51 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
52 # invalid hash |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
53 if ($secure_link = "") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
54 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
55 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
56 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
57 # expired |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
58 if ($secure_link = "0") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
59 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
60 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
61 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
62 # $secure_link = "1" |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
63 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
64 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
65 location = /expires.html { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
66 # new style with expires |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
67 # /test.html?hash=BASE64URL&expires=12345678 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
68 |
695
da20b4389038
Tests: added secure_link_expires variable test.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
590
diff
changeset
|
69 add_header X-Expires $secure_link_expires; |
da20b4389038
Tests: added secure_link_expires variable test.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
590
diff
changeset
|
70 |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
71 secure_link $arg_hash,$arg_expires; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
72 secure_link_md5 secret$uri$arg_expires; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
73 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
74 # invalid hash |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
75 if ($secure_link = "") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
76 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
77 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
78 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
79 # expired |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
80 if ($secure_link = "0") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
81 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
82 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
83 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
84 # $secure_link = "1" |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
85 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
86 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
87 location /p/ { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
88 # old style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
89 # /p/d8e8fca2dc0f896fd7cb4cb0031ba249/test.html |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
90 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
91 secure_link_secret secret; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
92 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
93 if ($secure_link = "") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
94 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
95 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
96 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
97 rewrite ^ /$secure_link break; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
98 } |
255
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
99 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
100 location /inheritance/ { |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
101 secure_link_secret secret; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
102 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
103 location = /inheritance/test { |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
104 secure_link Xr4ilOzQ4PCOq3aQ0qbuaQ==; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
105 secure_link_md5 secret; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
106 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
107 if ($secure_link = "1") { |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
108 rewrite ^ /test.html break; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
109 } |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
110 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
111 return 403; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
112 } |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
113 } |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
114 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
115 location /stub { |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
116 return 200 x$secure_link${secure_link_expires}x; |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
117 } |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
118 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
119 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
120 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
121 EOF |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
122 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
123 $t->write_file('test.html', 'PASSED'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
124 $t->write_file('expires.html', 'PASSED'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
125 $t->run(); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
126 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
127 ############################################################################### |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
128 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
129 # new style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
130 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
131 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA=='), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
132 qr/PASSED/, 'request md5'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
133 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA'), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
134 qr/PASSED/, 'request md5 no padding'); |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
135 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
136 TODO: { |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
137 todo_skip 'stack-buffer-overflow', 1 unless $ENV{TEST_NGINX_UNSAFE} |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
138 or $t->has_version('1.13.5'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
139 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
140 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHAQQ'), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
141 qr/^HTTP.*403/, 'request md5 too long'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
142 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
143 } |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
144 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
145 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA-TOOLONG'), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
146 qr/^HTTP.*403/, 'request md5 too long encoding'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
147 like(http_get('/test.html?hash=BADHASHLENGTH'), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
148 qr/^HTTP.*403/, 'request md5 decode error'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
149 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHX=='), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
150 qr/^HTTP.*403/, 'request md5 mismatch'); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
151 like(http_get('/test.html'), qr/^HTTP.*403/, 'request no hash'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
152 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
153 # new style with expires |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
154 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
155 my ($expires, $hash); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
156 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
157 $expires = time() + 86400; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
158 $hash = encode_base64url(md5("secret/expires.html$expires")); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
159 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
590
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
160 qr/PASSED/, 'request md5 not expired'); |
695
da20b4389038
Tests: added secure_link_expires variable test.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
590
diff
changeset
|
161 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
da20b4389038
Tests: added secure_link_expires variable test.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
590
diff
changeset
|
162 qr/X-Expires: $expires/, 'secure_link_expires variable'); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
163 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
164 $expires = time() - 86400; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
165 $hash = encode_base64url(md5("secret/expires.html$expires")); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
166 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
590
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
167 qr/^HTTP.*403/, 'request md5 expired'); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
168 |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
169 $expires = 0; |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
170 $hash = encode_base64url(md5("secret/expires.html$expires")); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
171 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
172 qr/^HTTP.*403/, 'request md5 invalid expiration'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
173 |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
174 # old style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
175 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
176 like(http_get('/p/' . md5_hex('test.html' . 'secret') . '/test.html'), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
177 qr/PASSED/, 'request old style'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
178 like(http_get('/p/' . md5_hex('fake') . '/test.html'), qr/^HTTP.*403/, |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
179 'request old style fake hash'); |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
180 like(http_get('/p/' . 'foo' . '/test.html'), qr/^HTTP.*403/, |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
181 'request old style short hash'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
182 like(http_get('/p/' . 'x' x 32 . '/test.html'), qr/^HTTP.*403/, |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
183 'request old style corrupt hash'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
184 like(http_get('/p%2f'), qr/^HTTP.*403/, 'request old style bad uri'); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
185 like(http_get('/p/test.html'), qr/^HTTP.*403/, 'request old style no hash'); |
255
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
186 like(http_get('/inheritance/test'), qr/PASSED/, 'inheritance'); |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
187 |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
188 like(http_get('/stub'), qr/xx/, 'secure_link not found'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
189 |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
190 ############################################################################### |
161
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
191 |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
192 sub encode_base64url { |
590
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
193 my $e = encode_base64(shift, ""); |
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
194 $e =~ s/=+\z//; |
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
195 $e =~ tr[+/][-_]; |
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
196 return $e; |
161
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
197 } |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
198 |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
199 ############################################################################### |