debian/perl-framework/t/security/CVE-2011-3368-rewrite.t


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

use strict;
use warnings FATAL => 'all';

use Apache::Test;
use Apache::TestRequest;
use Apache::TestUtil;

plan tests => 3, need 'rewrite';

Apache::TestRequest::module("cve_2011_3368_rewrite");
         
my $sock = Apache::TestRequest::vhost_socket();
ok $sock && $sock->connected;

my $req = "GET @"."localhost/foobar.html HTTP/1.1\r\n".
   "Host: " . Apache::TestRequest::hostport() . "\r\n".
    "\r\n"; 

ok $sock->print($req);

my $line = Apache::TestRequest::getline($sock) || '';

ok t_cmp($line, qr{^HTTP/1\.. 400 Bad Request}, "got 400 error");