From 6e07cdb870513270a3c08abc7ecdca64ad2af400 Mon Sep 17 00:00:00 2001
From: Ben Fuhrmannek
Date: Thu, 16 Sep 2021 11:32:41 +0200
Subject: ported server.strip and server.encode features from suhosin

---
 src/tests/filter/config/filter.ini  |  3 +++
 src/tests/filter/server_encode.phpt | 25 +++++++++++++++++++++++++
 src/tests/filter/server_strip.phpt  | 21 +++++++++++++++++++++
 3 files changed, 49 insertions(+)
 create mode 100644 src/tests/filter/config/filter.ini
 create mode 100644 src/tests/filter/server_encode.phpt
 create mode 100644 src/tests/filter/server_strip.phpt

(limited to 'src/tests/filter')

diff --git a/src/tests/filter/config/filter.ini b/src/tests/filter/config/filter.ini
new file mode 100644
index 0000000..5ebee61
--- /dev/null
+++ b/src/tests/filter/config/filter.ini
@@ -0,0 +1,3 @@
+sp.global.server_encode.enable();
+sp.global.server_strip.enable();
+
diff --git a/src/tests/filter/server_encode.phpt b/src/tests/filter/server_encode.phpt
new file mode 100644
index 0000000..f7cc233
--- /dev/null
+++ b/src/tests/filter/server_encode.phpt
@@ -0,0 +1,25 @@
+--TEST--
+input filter: server_encode
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/filter.ini
+display_errors=1
+display_startup_errors=1
+error_reporting=E_ALL
+--ENV--
+return <<<EOF
+REQUEST_URI=AAA<>"'`!AAA
+EOF;
+--COOKIE--
+--GET--
+BBB<>"'`!BBB
+--POST--
+--FILE--
+<?php
+var_dump($_SERVER['REQUEST_URI']);
+var_dump($_SERVER['QUERY_STRING']);
+--EXPECT--
+string(22) "AAA%3C%3E%22%27%60!AAA"
+string(22) "BBB%3C%3E%22%27%60!BBB"
+
diff --git a/src/tests/filter/server_strip.phpt b/src/tests/filter/server_strip.phpt
new file mode 100644
index 0000000..83072b4
--- /dev/null
+++ b/src/tests/filter/server_strip.phpt
@@ -0,0 +1,21 @@
+--TEST--
+input filter: server_strip
+--SKIPIF--
+<?php if (!extension_loaded("snuffleupagus")) print "skip"; ?>
+--INI--
+sp.configuration_file={PWD}/config/filter.ini
+display_errors=1
+display_startup_errors=1
+error_reporting=E_ALL
+--ENV--
+return <<<EOF
+HTTP_USER_AGENT=Mozilla/5.0 (Windows NT 6.0; rv:29.0) <script>alert('123');</script>Gecko/20100101 Firefox/29.0
+EOF;
+--COOKIE--
+--GET--
+--POST--
+--FILE--
+<?php
+var_dump($_SERVER['HTTP_USER_AGENT']);
+--EXPECT--
+string(95) "Mozilla/5.0 (Windows NT 6.0; rv:29.0) _script_alert(_123_);_/script_Gecko/20100101 Firefox/29.0"
-- 
cgit v1.3