blob: 733be051cd7d6210f55377858df4c5d5a35c8ca8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
# vi:filetype=
use lib 'lib';
use Test::Nginx::Socket;
repeat_each(2);
plan tests => repeat_each() * (4 * blocks());
#no_long_string();
log_level 'warn';
run_tests();
#no_diff();
__DATA__
=== TEST 1: used
--- config
location = /t {
echo hello;
xss_get on;
xss_callback_arg c;
}
--- more_headers
Accept-Encoding: gzip
--- request
GET /t
--- stap
F(ngx_http_xss_header_filter) {
println("xss header filter")
}
F(ngx_http_xss_body_filter) {
println("xss body filter")
}
--- stap_out
xss header filter
xss body filter
xss body filter
--- response_body
hello
--- no_error_log
[error]
=== TEST 2: not used
--- config
location = /t {
echo hello;
}
--- more_headers
Accept-Encoding: gzip
--- request
GET /t
--- stap
F(ngx_http_xss_header_filter) {
println("xss header filter")
}
F(ngx_http_xss_body_filter) {
println("xss body filter")
}
--- stap_out
--- response_body
hello
--- no_error_log
[error]
=== TEST 3: used (multiple http {} blocks)
This test case won't run with nginx 1.9.3+ since duplicate http {} blocks
have been prohibited since then.
--- SKIP
--- config
location = /t {
default_type application/json;
xss_callback_arg 'callback';
echo -n hello;
xss_get on;
}
--- more_headers
Accept-Encoding: gzip
--- request
GET /t?callback=foo
--- stap
F(ngx_http_xss_header_filter) {
println("xss header filter")
}
F(ngx_http_xss_body_filter) {
println("xss body filter")
}
--- stap_out
xss header filter
xss body filter
xss body filter
--- post_main_config
http {
}
--- response_body chop
foo(hello);
--- no_error_log
[error]
|
