summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Esser2014-02-12 19:32:05 +0100
committerStefan Esser2014-02-12 19:32:05 +0100
commit7ac74540af7598e25b6970f2eb32abb12297b704 (patch)
tree2545c5f99e5d7975cbfc60418817f16218bfddaa
parent0b6f0ba5feeef8b7f5069736db795c184ae9ff57 (diff)
Test for suhosin.request.disallow_ws
-rw-r--r--tests/filter/get_filter_request_disallow_ws.phpt27
1 files changed, 27 insertions, 0 deletions
diff --git a/tests/filter/get_filter_request_disallow_ws.phpt b/tests/filter/get_filter_request_disallow_ws.phpt
new file mode 100644
index 0000000..fd22d62
--- /dev/null
+++ b/tests/filter/get_filter_request_disallow_ws.phpt
@@ -0,0 +1,27 @@
1--TEST--
2suhosin input filter (suhosin.request.disallow_ws)
3--INI--
4suhosin.log.syslog=0
5suhosin.log.sapi=0
6suhosin.log.stdout=255
7suhosin.log.script=0
8suhosin.request.disallow_ws=1
9--SKIPIF--
10<?php include('skipif.inc'); ?>
11--COOKIE--
12--GET--
13+var1=1&var2=2&%20var3=3& var4=4&
14--POST--
15--FILE--
16<?php
17var_dump($_GET);
18?>
19--EXPECTF--
20array(1) {
21 ["var2"]=>
22 string(1) "2"
23}
24ALERT - request variable name begins with disallowed whitespace - dropped variable ' var1' (attacker 'REMOTE_ADDR not set', file '%s')
25ALERT - request variable name begins with disallowed whitespace - dropped variable ' var3' (attacker 'REMOTE_ADDR not set', file '%s')
26ALERT - request variable name begins with disallowed whitespace - dropped variable ' var4' (attacker 'REMOTE_ADDR not set', file '%s')
27ALERT - dropped 3 request variables - (3 in GET, 0 in POST, 0 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s') \ No newline at end of file