Mercurial > hg > nginx-tests
annotate secure_link.t @ 327:dacd55fa2cde
Tests: added edge case tests for long hostname in referer.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 29 Aug 2013 19:02:08 +0400 |
parents | 07c600de2f90 |
children | dc2f8aac0553 |
rev | line source |
---|---|
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
2 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
3 # (C) Maxim Dounin |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
4 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
5 # Tests for nginx secure_link module. |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
6 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
7 ############################################################################### |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
8 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
9 use warnings; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
10 use strict; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
11 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
12 use Test::More; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
13 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
14 use Digest::MD5 qw/ md5 md5_hex /; |
161
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
15 use MIME::Base64 qw/ encode_base64 /; |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
16 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
17 BEGIN { use FindBin; chdir($FindBin::Bin); } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
18 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
19 use lib 'lib'; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
20 use Test::Nginx; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
21 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
22 ############################################################################### |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
23 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
24 select STDERR; $| = 1; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
25 select STDOUT; $| = 1; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
26 |
302
07c600de2f90
Tests: added missing rewrite prerequisites.
Sergey Kandaurov <pluknet@nginx.com>
parents:
276
diff
changeset
|
27 my $t = Test::Nginx->new()->has(qw/http secure_link rewrite/)->plan(9); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
28 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
29 $t->write_file_expand('nginx.conf', <<'EOF'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
30 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
31 %%TEST_GLOBALS%% |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
32 |
249
6a0d934950bc
Tests: remove extra spaces in "daemon off".
Maxim Dounin <mdounin@mdounin.ru>
parents:
161
diff
changeset
|
33 daemon off; |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
34 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
35 events { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
36 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
37 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
38 http { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
39 %%TEST_GLOBALS_HTTP%% |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
40 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
41 server { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
42 listen 127.0.0.1:8080; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
43 server_name localhost; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
44 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
45 location / { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
46 # new style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
47 # /test.html?hash=BASE64URL |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
48 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
49 secure_link $arg_hash; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
50 secure_link_md5 secret$uri; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
51 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
52 # invalid hash |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
53 if ($secure_link = "") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
54 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
55 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
56 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
57 # expired |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
58 if ($secure_link = "0") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
59 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
60 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
61 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
62 # $secure_link = "1" |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
63 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
64 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
65 location = /expires.html { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
66 # new style with expires |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
67 # /test.html?hash=BASE64URL&expires=12345678 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
68 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
69 secure_link $arg_hash,$arg_expires; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
70 secure_link_md5 secret$uri$arg_expires; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
71 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
72 # invalid hash |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
73 if ($secure_link = "") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
74 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
75 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
76 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
77 # expired |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
78 if ($secure_link = "0") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
79 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
80 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
81 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
82 # $secure_link = "1" |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
83 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
84 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
85 location /p/ { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
86 # old style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
87 # /p/d8e8fca2dc0f896fd7cb4cb0031ba249/test.html |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
88 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
89 secure_link_secret secret; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
90 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
91 if ($secure_link = "") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
92 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
93 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
94 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
95 rewrite ^ /$secure_link break; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
96 } |
255
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
97 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
98 location /inheritance/ { |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
99 secure_link_secret secret; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
100 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
101 location = /inheritance/test { |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
102 secure_link Xr4ilOzQ4PCOq3aQ0qbuaQ==; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
103 secure_link_md5 secret; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
104 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
105 if ($secure_link = "1") { |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
106 rewrite ^ /test.html break; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
107 } |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
108 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
109 return 403; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
110 } |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
111 } |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
112 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
113 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
114 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
115 EOF |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
116 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
117 $t->write_file('test.html', 'PASSED'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
118 $t->write_file('expires.html', 'PASSED'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
119 $t->run(); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
120 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
121 ############################################################################### |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
122 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
123 # new style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
124 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
125 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA=='), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
126 qr/PASSED/, 'request md5'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
127 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA'), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
128 qr/PASSED/, 'request md5 no padding'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
129 like(http_get('/test.html'), qr/^HTTP.*403/, 'request no hash'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
130 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
131 # new style with expires |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
132 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
133 my ($expires, $hash); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
134 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
135 $expires = time() + 86400; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
136 $hash = encode_base64url(md5("secret/expires.html$expires")); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
137 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
138 qr/PASSED/, 'request md5 not expired'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
139 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
140 $expires = time() - 86400; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
141 $hash = encode_base64url(md5("secret/expires.html$expires")); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
142 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
143 qr/^HTTP.*403/, 'request md5 expired'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
144 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
145 # old style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
146 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
147 like(http_get('/p/' . md5_hex('test.html' . 'secret') . '/test.html'), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
148 qr/PASSED/, 'request old style'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
149 like(http_get('/p/' . md5_hex('fake') . '/test.html'), qr/^HTTP.*403/, |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
150 'request old style fake hash'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
151 like(http_get('/p/test.html'), qr/^HTTP.*403/, 'request old style no hash'); |
255
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
152 like(http_get('/inheritance/test'), qr/PASSED/, 'inheritance'); |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
153 |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
154 ############################################################################### |
161
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
155 |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
156 sub encode_base64url { |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
157 my $e = encode_base64(shift, ""); |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
158 $e =~ s/=+\z//; |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
159 $e =~ tr[+/][-_]; |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
160 return $e; |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
161 } |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
162 |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
163 ############################################################################### |