summaryrefslogtreecommitdiffstats
path: root/src/fluent-bit/lib/monkey/qa/path_traversal03.htt
diff options
context:
space:
mode:
Diffstat (limited to 'src/fluent-bit/lib/monkey/qa/path_traversal03.htt')
-rw-r--r--src/fluent-bit/lib/monkey/qa/path_traversal03.htt27
1 files changed, 27 insertions, 0 deletions
diff --git a/src/fluent-bit/lib/monkey/qa/path_traversal03.htt b/src/fluent-bit/lib/monkey/qa/path_traversal03.htt
new file mode 100644
index 000000000..37e165330
--- /dev/null
+++ b/src/fluent-bit/lib/monkey/qa/path_traversal03.htt
@@ -0,0 +1,27 @@
+################################################################################
+# DESCRIPTION
+# Test against directory traversal (client must not be allowed to "get out" of
+# DocumentRoot.
+#
+# AUTHOR
+# Carlos Ghan <charlie.brown.uy@gmail.com>
+#
+# DATE
+# March 08 2010
+#
+# COMMENTS
+# Mixing dots and %2e
+################################################################################
+
+
+INCLUDE __CONFIG
+
+CLIENT
+_REQ $HOST $PORT
+__GET /%2e%2e/../%2e./.%2e/../%2e%2e/../../%2e./.%2e/etc/motd $HTTPVER
+__Host: $HOST
+__Connection: close
+__
+_EXPECT . "HTTP/1.1 403 Forbidden"
+_WAIT
+END
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-31 08:58:21 +0000