From 0d720940a4eb2f26a49de1bffcea6ecaf2938808 Mon Sep 17 00:00:00 2001
From: Stefan Esser
Date: Wed, 12 Feb 2014 19:40:41 +0100
Subject: Test for suhosin.cookie.disallow_ws

---
 tests/filter/get_filter_cookie_disallow_ws.phpt | 28 +++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 tests/filter/get_filter_cookie_disallow_ws.phpt

(limited to 'tests')

diff --git a/tests/filter/get_filter_cookie_disallow_ws.phpt b/tests/filter/get_filter_cookie_disallow_ws.phpt
new file mode 100644
index 0000000..4da6716
--- /dev/null
+++ b/tests/filter/get_filter_cookie_disallow_ws.phpt
@@ -0,0 +1,28 @@
+--TEST--
+suhosin input filter (suhosin.cookie.disallow_ws)
+--INI--
+suhosin.log.syslog=0
+suhosin.log.sapi=0
+suhosin.log.stdout=255
+suhosin.log.script=0
+suhosin.cookie.disallow_ws=1
+--SKIPIF--
+<?php include('skipif.inc'); ?>
+--COOKIE--
++var1=1;var2=2;%20var3=3; var4=4;
+--GET--
+--POST--
+--FILE--
+<?php
+var_dump($_COOKIE);
+?>
+--EXPECTF--
+array(2) {
+  ["var2"]=>
+  string(1) "2"
+  ["var4"]=>
+  string(1) "4"
+}
+ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' var1' (attacker 'REMOTE_ADDR not set', file '%s')
+ALERT - COOKIE variable name begins with disallowed whitespace - dropped variable ' var3' (attacker 'REMOTE_ADDR not set', file '%s')
+ALERT - dropped 2 request variables - (0 in GET, 0 in POST, 2 in COOKIE) (attacker 'REMOTE_ADDR not set', file '%s')
\ No newline at end of file
-- 
cgit v1.3