Test for suhosin.cookie.disallow_ws

author: Stefan Esser 2014-02-12 19:40:41 +0100
committer: Stefan Esser 2014-02-12 19:40:41 +0100
commit: 0d720940a4eb2f26a49de1bffcea6ecaf2938808 (patch)
tree: 91176f051fdf4893c5f6b38f8612b7c33525b6b4 /tests/filter
parent: a1eed98e5bb049456ee327de34c9b678c17032db (diff)
1 files changed, 28 insertions, 0 deletions
diff --git a/tests/filter/get_filter_cookie_disallow_ws.phpt b/tests/filter/get_filter_cookie_disallow_ws.phpt
new file mode 100644
index 0000000..4da6716
--- /dev/null
+++ b/tests/filter/get_filter_cookie_disallow_ws.phpt
@@ -0,0 +1,28 @@
+--TEST--
+suhosin input filter (suhosin.cookie.disallow_ws)
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+suhosin.cookie.disallow_ws=1
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--COOKIE--
+var1=1;var2=2;%20var3=3; var4=4;
+--GET--
+--POST--
+--FILE--
+<?php
+var_dump($_COOKIE);
+?>
+--EXPECTF--
+array(2) {
+  ["var2"]=>
+  string(1) "2"
+  ["var4"]=>
+  string(1) "4"
+}
+ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' var1' (attacker 'REMOTE_ADDR not set', file '%s')
+ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' var3' (attacker 'REMOTE_ADDR not set', file '%s')
+ALERT - dropped 2 request variables - (0 in GET, 0 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')
+\ No newline at end of file
author	Stefan Esser	2014-02-12 19:40:41 +0100
committer	Stefan Esser	2014-02-12 19:40:41 +0100
commit	0d720940a4eb2f26a49de1bffcea6ecaf2938808 (patch)
tree	91176f051fdf4893c5f6b38f8612b7c33525b6b4 /tests/filter
parent	a1eed98e5bb049456ee327de34c9b678c17032db (diff)

diff --git a/tests/filter/get_filter_cookie_disallow_ws.phpt b/tests/filter/get_filter_cookie_disallow_ws.phpt new file mode 100644 index 0000000..4da6716 --- /dev/null +++ b/tests/filter/get_filter_cookie_disallow_ws.phpt
@@ -0,0 +1,28 @@
	1	--TEST--
	2	suhosin input filter (suhosin.cookie.disallow_ws)
	3	--INI--
	4	suhosin.log.syslog=0
	5	suhosin.log.sapi=0
	6	suhosin.log.stdout=255
	7	suhosin.log.script=0
	8	suhosin.cookie.disallow_ws=1
	9	--SKIPIF--
	10	<?php include('skipif.inc'); ?>
	11	--COOKIE--
	12	+var1=1;var2=2;%20var3=3; var4=4;
	13	--GET--
	14	--POST--
	15	--FILE--
	16	<?php
	17	var_dump($_COOKIE);
	18	?>
	19	--EXPECTF--
	20	array(2) {
	21	["var2"]=>
	22	string(1) "2"
	23	["var4"]=>
	24	string(1) "4"
	25	}
	26	ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' var1' (attacker 'REMOTE_ADDR not set', file '%s')
	27	ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' var3' (attacker 'REMOTE_ADDR not set', file '%s')
	28	ALERT - dropped 2 request variables - (0 in GET, 0 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s') \ No newline at end of file