Some "incomplete" tests for suhosin.server.strip and suhosin.server.encode

author: Stefan Esser 2014-02-15 20:59:01 +0100
committer: Stefan Esser 2014-02-15 20:59:01 +0100
commit: 7336a8080e8b1611795d8038e2b816340ce3e4e1 (patch)
tree: e6772b0343f0b32672da261346b4cb34ced27e97 /tests
parent: a0eeb895a3e0a5205c819c9dbadd44f92b38c1ce (diff)
4 files changed, 115 insertions, 0 deletions
diff --git a/tests/filter/server_encode_off.phpt b/tests/filter/server_encode_off.phpt
new file mode 100644
index 0000000..8daccea
--- /dev/null
+++ b/tests/filter/server_encode_off.phpt
@@ -0,0 +1,31 @@
+--TEST--
+Testing: suhosin.server.encode=Off
+--DESCRIPTION--
+This test is incomplete but at the moment we cannot do better with the standard test framework.
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+suhosin.server.encode=Off
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--ENV--
+return <<<END
+REQUEST_URI=AAA<>"'`!AAA
+END;
+--COOKIE--
+--GET--
+BBB<>"'`!BBB
+--POST--
+--FILE--
+<?php
+// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION
+var_dump($_SERVER['REQUEST_URI']);
+var_dump($_SERVER['QUERY_STRING']);
+?>
+--EXPECTF--
+string(12) "AAA<>"'`!AAA"
+string(12) "BBB<>"'`!BBB"
diff --git a/tests/filter/server_encode_on.phpt b/tests/filter/server_encode_on.phpt
new file mode 100644
index 0000000..4cd7a66
--- /dev/null
+++ b/tests/filter/server_encode_on.phpt
@@ -0,0 +1,30 @@
+--TEST--
+Testing: suhosin.server.encode=On
+--DESCRIPTION--
+This test is incomplete but at the moment we cannot do better with the standard test framework.
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+suhosin.server.encode=On
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--ENV--
+return <<<END
+REQUEST_URI=AAA<>"'`!AAA
+END;
+--COOKIE--
+--GET--
+BBB<>"'`!BBB
+--POST--
+--FILE--
+<?php
+// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION
+var_dump($_SERVER['REQUEST_URI']);
+var_dump($_SERVER['QUERY_STRING']);
+?>
+--EXPECTF--
+string(22) "AAA%3C%3E%22%27%60!AAA"
+string(22) "BBB%3C%3E%22%27%60!BBB"
diff --git a/tests/filter/server_strip_off.phpt b/tests/filter/server_strip_off.phpt
new file mode 100644
index 0000000..75c326e
--- /dev/null
+++ b/tests/filter/server_strip_off.phpt
@@ -0,0 +1,27 @@
+--TEST--
+Testing: suhosin.server.strip=Off
+--DESCRIPTION--
+This test is incomplete but at the moment we cannot do better with the standard test framework.
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+suhosin.server.strip=Off
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--ENV--
+return <<<END
+SCRIPT_NAME=X/index.php/THIS_IS_A_FAKE_NAME<>"'`!AAA
+END;
+--COOKIE--
+--GET--
+A=B
+--POST--
+--FILE--
+<?php
+// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION
+var_dump($_SERVER['PHP_SELF']);
+?>
+--EXPECTF--
+string(40) "X/index.php/THIS_IS_A_FAKE_NAME<>"'`!AAA"
diff --git a/tests/filter/server_strip_on.phpt b/tests/filter/server_strip_on.phpt
new file mode 100644
index 0000000..c595e95
--- /dev/null
+++ b/tests/filter/server_strip_on.phpt
@@ -0,0 +1,27 @@
+--TEST--
+Testing: suhosin.server.strip=On
+--DESCRIPTION--
+This test is incomplete but at the moment we cannot do better with the standard test framework.
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+suhosin.server.strip=On
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--ENV--
+return <<<END
+SCRIPT_NAME=X/index.php/THIS_IS_A_FAKE_NAME<>"'`!AAA
+END;
+--COOKIE--
+--GET--
+A=B
+--POST--
+--FILE--
+<?php
+// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION
+var_dump($_SERVER['PHP_SELF']);
+?>
+--EXPECTF--
+string(40) "X/index.php/THIS_IS_A_FAKE_NAME?????!AAA"
author	Stefan Esser	2014-02-15 20:59:01 +0100
committer	Stefan Esser	2014-02-15 20:59:01 +0100
commit	7336a8080e8b1611795d8038e2b816340ce3e4e1 (patch)
tree	e6772b0343f0b32672da261346b4cb34ced27e97 /tests
parent	a0eeb895a3e0a5205c819c9dbadd44f92b38c1ce (diff)

diff --git a/tests/filter/server_encode_off.phpt b/tests/filter/server_encode_off.phpt new file mode 100644 index 0000000..8daccea --- /dev/null +++ b/tests/filter/server_encode_off.phpt
@@ -0,0 +1,31 @@
	1	--TEST--
	2	Testing: suhosin.server.encode=Off
	3	--DESCRIPTION--
	4	This test is incomplete but at the moment we cannot do better with the standard test framework.
	5	--INI--
	6	suhosin.log.syslog=0
	7	suhosin.log.sapi=0
	8	suhosin.log.stdout=255
	9	suhosin.log.script=0
	10	suhosin.server.encode=Off
	11	--SKIPIF--
	12	<?php include('skipif.inc'); ?>
	13	--ENV--
	14	return <<<END
	15	REQUEST_URI=AAA<>"'`!AAA
	16	END;
	17	--COOKIE--
	18	--GET--
	19	BBB<>"'`!BBB
	20	--POST--
	21	--FILE--
	22	<?php
	23	// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION
	24	var_dump($_SERVER['REQUEST_URI']);
	25	var_dump($_SERVER['QUERY_STRING']);
	26	?>
	27	--EXPECTF--
	28	string(12) "AAA<>"'`!AAA"
	29	string(12) "BBB<>"'`!BBB"
	30
	31


diff --git a/tests/filter/server_encode_on.phpt b/tests/filter/server_encode_on.phpt new file mode 100644 index 0000000..4cd7a66 --- /dev/null +++ b/tests/filter/server_encode_on.phpt
@@ -0,0 +1,30 @@
	1	--TEST--
	2	Testing: suhosin.server.encode=On
	3	--DESCRIPTION--
	4	This test is incomplete but at the moment we cannot do better with the standard test framework.
	5	--INI--
	6	suhosin.log.syslog=0
	7	suhosin.log.sapi=0
	8	suhosin.log.stdout=255
	9	suhosin.log.script=0
	10	suhosin.server.encode=On
	11	--SKIPIF--
	12	<?php include('skipif.inc'); ?>
	13	--ENV--
	14	return <<<END
	15	REQUEST_URI=AAA<>"'`!AAA
	16	END;
	17	--COOKIE--
	18	--GET--
	19	BBB<>"'`!BBB
	20	--POST--
	21	--FILE--
	22	<?php
	23	// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION
	24	var_dump($_SERVER['REQUEST_URI']);
	25	var_dump($_SERVER['QUERY_STRING']);
	26	?>
	27	--EXPECTF--
	28	string(22) "AAA%3C%3E%22%27%60!AAA"
	29	string(22) "BBB%3C%3E%22%27%60!BBB"
	30


diff --git a/tests/filter/server_strip_off.phpt b/tests/filter/server_strip_off.phpt new file mode 100644 index 0000000..75c326e --- /dev/null +++ b/tests/filter/server_strip_off.phpt
@@ -0,0 +1,27 @@
	1	--TEST--
	2	Testing: suhosin.server.strip=Off
	3	--DESCRIPTION--
	4	This test is incomplete but at the moment we cannot do better with the standard test framework.
	5	--INI--
	6	suhosin.log.syslog=0
	7	suhosin.log.sapi=0
	8	suhosin.log.stdout=255
	9	suhosin.log.script=0
	10	suhosin.server.strip=Off
	11	--SKIPIF--
	12	<?php include('skipif.inc'); ?>
	13	--ENV--
	14	return <<<END
	15	SCRIPT_NAME=X/index.php/THIS_IS_A_FAKE_NAME<>"'`!AAA
	16	END;
	17	--COOKIE--
	18	--GET--
	19	A=B
	20	--POST--
	21	--FILE--
	22	<?php
	23	// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION
	24	var_dump($_SERVER['PHP_SELF']);
	25	?>
	26	--EXPECTF--
	27	string(40) "X/index.php/THIS_IS_A_FAKE_NAME<>"'`!AAA"


diff --git a/tests/filter/server_strip_on.phpt b/tests/filter/server_strip_on.phpt new file mode 100644 index 0000000..c595e95 --- /dev/null +++ b/tests/filter/server_strip_on.phpt
@@ -0,0 +1,27 @@
	1	--TEST--
	2	Testing: suhosin.server.strip=On
	3	--DESCRIPTION--
	4	This test is incomplete but at the moment we cannot do better with the standard test framework.
	5	--INI--
	6	suhosin.log.syslog=0
	7	suhosin.log.sapi=0
	8	suhosin.log.stdout=255
	9	suhosin.log.script=0
	10	suhosin.server.strip=On
	11	--SKIPIF--
	12	<?php include('skipif.inc'); ?>
	13	--ENV--
	14	return <<<END
	15	SCRIPT_NAME=X/index.php/THIS_IS_A_FAKE_NAME<>"'`!AAA
	16	END;
	17	--COOKIE--
	18	--GET--
	19	A=B
	20	--POST--
	21	--FILE--
	22	<?php
	23	// THIS TEST IS INCOMPLETE!!! SEE DESCRIPTION
	24	var_dump($_SERVER['PHP_SELF']);
	25	?>
	26	--EXPECTF--
	27	string(40) "X/index.php/THIS_IS_A_FAKE_NAME?????!AAA"