1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
|
<?xml version="1.0" encoding="US-ASCII"?>
<testcase>
# perl:
#for(1 .. 20) {
# print join("\t",
# "attack.invalid", "TRUE", "/", "FALSE", "0",
# "huge-$_", ('a' x 500)."-$_")."\n";
#}
<info>
<keywords>
HTTP
cookies
--resolve
</keywords>
</info>
# Server-side
<reply>
<data>
HTTP/1.1 200 OK
Date: Tue, 09 Nov 2010 14:49:00 GMT
Server: test-server/fake
Content-Length: 6
-foo-
</data>
</reply>
# Client-side
<client>
<server>
http
</server>
<name>
Cookie header in request no longer than 8K
</name>
<command>
http://attack.invalid:%HTTPPORT/a/b/%TESTNUMBER -b %LOGDIR/cookie%TESTNUMBER --resolve attack.invalid:%HTTPPORT:%HOSTIP -L
</command>
<file name="%LOGDIR/cookie%TESTNUMBER" mode="text">
attack.invalid TRUE / FALSE 0 huge-1 %repeat[500 x a]%-1
attack.invalid TRUE / FALSE 0 huge-2 %repeat[500 x a]%-2
attack.invalid TRUE / FALSE 0 huge-3 %repeat[500 x a]%-3
attack.invalid TRUE / FALSE 0 huge-4 %repeat[500 x a]%-4
attack.invalid TRUE / FALSE 0 huge-5 %repeat[500 x a]%-5
attack.invalid TRUE / FALSE 0 huge-6 %repeat[500 x a]%-6
attack.invalid TRUE / FALSE 0 huge-7 %repeat[500 x a]%-7
attack.invalid TRUE / FALSE 0 huge-8 %repeat[500 x a]%-8
attack.invalid TRUE / FALSE 0 huge-9 %repeat[500 x a]%-9
attack.invalid TRUE / FALSE 0 huge-10 %repeat[500 x a]%-10
attack.invalid TRUE / FALSE 0 huge-11 %repeat[500 x a]%-11
attack.invalid TRUE / FALSE 0 huge-12 %repeat[500 x a]%-12
attack.invalid TRUE / FALSE 0 huge-13 %repeat[500 x a]%-13
attack.invalid TRUE / FALSE 0 huge-14 %repeat[500 x a]%-14
attack.invalid TRUE / FALSE 0 huge-15 %repeat[500 x a]%-15
attack.invalid TRUE / FALSE 0 huge-16 %repeat[500 x a]%-16
attack.invalid TRUE / FALSE 0 huge-17 %repeat[500 x a]%-17
attack.invalid TRUE / FALSE 0 huge-18 %repeat[500 x a]%-18
attack.invalid TRUE / FALSE 0 huge-19 %repeat[500 x a]%-19
attack.invalid TRUE / FALSE 0 huge-20 %repeat[500 x a]%-20
</file>
<features>
cookies
</features>
</client>
# Verify data after the test has been "shot"
<verify>
<protocol crlf="headers">
GET /a/b/%TESTNUMBER HTTP/1.1
Host: attack.invalid:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*
Cookie: huge-20=%repeat[500 x a]%-20; huge-19=%repeat[500 x a]%-19; huge-18=%repeat[500 x a]%-18; huge-17=%repeat[500 x a]%-17; huge-16=%repeat[500 x a]%-16; huge-15=%repeat[500 x a]%-15; huge-14=%repeat[500 x a]%-14; huge-13=%repeat[500 x a]%-13; huge-12=%repeat[500 x a]%-12; huge-11=%repeat[500 x a]%-11; huge-10=%repeat[500 x a]%-10; huge-9=%repeat[500 x a]%-9; huge-8=%repeat[500 x a]%-8; huge-7=%repeat[500 x a]%-7; huge-6=%repeat[500 x a]%-6
</protocol>
</verify>
</testcase>
|
