use strict;
use warnings FATAL => 'all';

use Apache::Test;
use Apache::TestRequest;
use Apache::TestUtil;

## mod_rewrite tests
##
## extra.conf.in:

my @map = qw(txt rnd prg); #dbm XXX: howto determine dbm support is available?
my @num = qw(1 2 3 4 5 6);
my @url = qw(forbidden gone perm temp);
my @todo;
my $r;

if (!have_min_apache_version('2.4.19')) {
    # PR 50447, server context
    push @todo, 26
}
if (!have_min_apache_version('2.4')) {
    # PR 50447, directory context (r1044673)
    push @todo, 24
}

# Specific tests for PR 58231
my $vary_header_tests = (have_min_apache_version("2.4.30") ? 9 : 0) + (have_min_apache_version("2.4.29") ? 4 : 0);
my $cookie_tests = have_min_apache_version("2.4.47") ? 6 : 0;

plan tests => @map * @num + 16 + $vary_header_tests + $cookie_tests, todo => \@todo, need_module 'rewrite';

foreach (@map) {
    foreach my $n (@num) {
        ## throw $_ into upper case just so we can test out internal
        ## 'tolower' map in mod_rewrite
        $_=uc($_);

        $r = GET_BODY("/modules/rewrite/$n", 'Accept' => $_);
        chomp $r;
	$r =~ s/\r//g;

        if ($_ eq 'RND') {
            ## check that $r is just a single digit.
            unless ($r =~ /^[\d]$/) {
                ok 0;
                next;
            }

            ok ($r =~ /^[$r-6]$/);
        } else {
            ok ($r eq $n);
        }
    }
}

$r = GET_BODY("/modules/rewrite/", 'Accept' => 7);
chomp $r;
$r =~ s/\r//g;
ok ($r eq "BIG");
$r = GET_BODY("/modules/rewrite/", 'Accept' => 0);
chomp $r;
$r =~ s/\r//g;
ok ($r eq "ZERO");
$r = GET_BODY("/modules/rewrite/", 'Accept' => 'lucky13');
chomp $r;
$r =~ s/\r//g;
ok ($r eq "JACKPOT");

$r = GET_BODY("/modules/rewrite/qsa.html?baz=bee");
chomp $r;
ok t_cmp($r, qr/\nQUERY_STRING = foo=bar\&baz=bee\n/s, "query-string append test");

# PR 50447 (double URL-escaping of the query string)
my $hostport = Apache::TestRequest::hostport();

$r = GET("/modules/rewrite/redirect-dir.html?q=%25", redirect_ok => 0);
ok t_cmp($r->code, 301, "per-dir redirect response code is OK");
ok t_cmp($r->header("Location"), "http://$hostport/foobar.html?q=%25",
         "per-dir query-string escaping is OK");

$r = GET("/modules/rewrite/redirect.html?q=%25", redirect_ok => 0);
ok t_cmp($r->code, 301, "redirect response code is OK");
ok t_cmp($r->header("Location"), "http://$hostport/foobar.html?q=%25",
         "query-string escaping is OK");

if (have_module('mod_proxy')) {
    $r = GET_BODY("/modules/rewrite/proxy.html");
    chomp $r;
    ok t_cmp($r, "JACKPOT", "request was proxied");

    # PR 46428
    $r = GET_BODY("/modules/proxy/rewrite/foo bar.html");
    chomp $r;
    ok t_cmp($r, "foo bar", "per-dir proxied rewrite escaping worked");
} else {
    skip "Skipping rewrite to proxy; no proxy module." foreach (1..2);
}

if (have_module('mod_proxy') && have_cgi) {
    # regression in 1.3.32, see PR 14518
    $r = GET_BODY("/modules/rewrite/proxy2/env.pl?fish=fowl");
    chomp $r;
    ok t_cmp($r, qr/QUERY_STRING = fish=fowl\n/s, "QUERY_STRING passed OK");

    ok t_cmp(GET_RC("/modules/rewrite/proxy3/env.pl?horse=norman"), 404,
             "RewriteCond QUERY_STRING test");
    
    $r = GET_BODY("/modules/rewrite/proxy3/env.pl?horse=trigger");
    chomp $r;
    ok t_cmp($r, qr/QUERY_STRING = horse=trigger\n/s, "QUERY_STRING passed OK");

    $r = GET("/modules/rewrite/proxy-qsa.html?bloo=blar");
    ok t_cmp($r->code, 200, "proxy/QSA test success");
    
    ok t_cmp($r->as_string, qr/QUERY_STRING = foo=bar\&bloo=blar\n/s,
             "proxy/QSA test appended args correctly");
} else {
    skip "Skipping rewrite QUERY_STRING test; missing proxy or CGI module" foreach (1..5);
}

if (have_min_apache_version('2.4')) {
    # See PR 60478 and the corresponding config in extra.conf
    $r = GET("/modules/rewrite/pr60478-rewrite-loop/a/X/b/c");
    ok t_cmp($r->code, 500, "PR 60478 rewrite loop is halted");
} else {
    skip "Skipping PR 60478 test; requires ap_expr in version 2.4"
}

if (have_min_apache_version("2.4.29")) {
    # PR 58231: Vary:Host header (was) mistakenly added to the response
    $r = GET("/modules/rewrite/vary1.html", "Host" => "test1");
    ok t_cmp($r->content, qr/VARY2/, "Correct internal redirect happened, OK");
    ok t_cmp($r->header("Vary"), qr/(?!.*Host.*)/, "Vary:Host header not added, OK");

    $r = GET("/modules/rewrite/vary1.html", "Host" => "test2");
    ok t_cmp($r->content, qr/VARY2/, "Correct internal redirect happened, OK");
    ok t_cmp($r->header("Vary"), qr/(?!.*Host.*)/, "Vary:Host header not added, OK");
}

if (have_min_apache_version("2.4.30")) {
    # PR 58231: Vary header added when a condition evaluates to true and
    # the RewriteRule happens in a directory context.
    $r = GET("/modules/rewrite/vary3.html", "User-Agent" => "directory-agent");
    ok t_cmp($r->content, qr/VARY4/, "Correct internal redirect happened, OK");
    ok t_cmp($r->header("Vary"), qr/User-Agent/, "Vary:User-Agent header added, OK");

    # Corner cases in which two RewriteConds are joined using the [OR]
    # operator (or similar).
    # 1) First RewriteCond condition evaluates to true, so only the related
    #    header value is added to the Vary list even though the second condition
    #    evaluates to true as well.
    $r = GET("/modules/rewrite/vary3.html",
             "Referer" => "directory-referer",
             "Accept" => "directory-accept");
    ok t_cmp($r->content, qr/VARY4/, "Correct internal redirect happened, OK");
    ok t_cmp($r->header("Vary"), qr/Accept/, "Vary:Accept header added, OK");
    # 2) First RewriteCond condition evaluates to false and the second to true,
    #    so only the second condition's header value is added to the Vary list.
    $r = GET("/modules/rewrite/vary3.html",
             "Referer" => "directory-referer",
             "Accept" => "this-is-not-the-value-in-the-rewritecond");
    ok t_cmp($r->content, qr/VARY4/, "Correct internal redirect happened, OK");
    ok t_cmp($r->header("Vary"), qr/Referer/, "Vary:Referer header added, OK");
    ok t_cmp($r->header("Vary"), qr/(?!.*Accept.*)/, "Vary:Accept header not added, OK");

    # Vary:Host header (was) mistakenly added to the response
    $r = GET("/modules/rewrite/vary3.html", "Host" => "directory-domain");
    ok t_cmp($r->content, qr/VARY4/, "Correct internal redirect happened, OK");
    ok t_cmp($r->header("Vary"), qr/(?!.*Host.*)/, "Vary:Host header not added, OK");
}

if (have_min_apache_version("2.4.47")) {
    $r = GET("/modules/rewrite/cookie/");
    ok t_cmp($r->header("Set-Cookie"), qr/(?!.*SameSite=.*)/, "samesite not present with no arg");
    $r = GET("/modules/rewrite/cookie/0");
    ok t_cmp($r->header("Set-Cookie"), qr/(?!.*SameSite=.*)/, "samesite not present with 0");
    $r = GET("/modules/rewrite/cookie/false");
    ok t_cmp($r->header("Set-Cookie"), qr/(?!.*SameSite=.*)/, "samesite not present with false");
    $r = GET("/modules/rewrite/cookie/none");
    ok t_cmp($r->header("Set-Cookie"), qr/SameSite=none/, "samesite=none");
    $r = GET("/modules/rewrite/cookie/lax");
    ok t_cmp($r->header("Set-Cookie"), qr/SameSite=lax/, "samesite=lax");
    $r = GET("/modules/rewrite/cookie/foo");
    ok t_cmp($r->header("Set-Cookie"), qr/SameSite=foo/, "samesite=foo");
}