worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

Unit test for #2535

Browse Source
increase-RDBI-perf
Maxime Besson 4 years ago
parent 3b8222ae8a
commit d287efb343
1 changed files with 24 additions and 1 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 25
      lemonldap-ng-portal/t/66-CDA.t

25
lemonldap-ng-portal/t/66-CDA.t
Unescape View File

@ -24,7 +24,10 @@ my $client = LLNG::Manager::Test->new( {
ok(
$res = $client->_get(
'/',
query => 'url=aHR0cDovL3Rlc3QuZXhhbXBsZS5vcmcv',
query => buildForm( {
url => encodeUrl('http://test.example.org/'),
}
),
accept => 'text/html',
),
'Unauth CDA request'
@ -44,10 +47,30 @@ ok(
'Post credentials'
);
count(1);
my $id = expectCookie($res);
($query) =
expectRedirection( $res, qr#^http://test.example.org/\?(lemonldapcda=.*)$# );
# Check URLs are correctly filtered
ok(
$res = $client->_get(
'/',
query => buildForm( {
url => encodeUrl(
'http://your-untrusted-domain.com/?attack=http://test.example.org/'
),
}
),
cookie => "lemonldap=$id",
accept => 'text/html',
),
'Dangerous request'
);
count(1);
expectPortalError( $res, 37, "Untrusted URL denied by portal" );
# Handler part
use_ok('Lemonldap::NG::Handler::Server');
use_ok('Lemonldap::NG::Common::PSGI::Cli::Lib');

Write Preview
Loading…
Cancel
Save