File: testing_app.t

package info (click to toggle)
libmojolicious-perl 8.12%2Bdfsg-1
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 3,720 kB
  • sloc: perl: 12,099; makefile: 14
file content (76 lines) | stat: -rw-r--r-- 2,779 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
 
use Mojo::Base -strict;

BEGIN {
  $ENV{MOJO_MODE}    = 'testing';
  $ENV{MOJO_REACTOR} = 'Mojo::Reactor::Poll';
}

use Test::Mojo;
use Test::More;

use FindBin;
use lib "$FindBin::Bin/lib";

my $t       = Test::Mojo->new('MojoliciousTest');
my $success = '';
$t->or(sub { $success .= 'one' })->success(1)->or(sub { $success .= 'two' })
  ->success(!1)->or(sub { $success .= shift->app->mode });
is $success, 'onetesting', 'two callbacks have been executed';
ok $t->get_ok('/')->success, 'test was successful';

# SyntaxError::foo in testing mode (syntax error in controller)
$t->get_ok('/syntax_error/foo')->status_is(500)
  ->header_is(Server => 'Mojolicious (Perl)')
  ->content_like(qr/Testing Missing/);

# Foo::syntaxerror in testing mode (syntax error in template)
$t->get_ok('/foo/syntaxerror')->status_is(500)
  ->header_is(Server => 'Mojolicious (Perl)')
  ->content_like(qr/Testing Missing/);

# Static file /hello.txt in testing mode
$t->get_ok('/hello.txt')->status_is(200)
  ->header_is(Server => 'Mojolicious (Perl)')
  ->content_like(qr/Hello Mojo from a static file!/);

# Foo::bar in testing mode (missing action)
$t->get_ok('/foo/baz')->status_is(404)
  ->header_is(Server => 'Mojolicious (Perl)')
  ->content_like(qr/Testing not found/);

# Try to access a file which is not under the web root via path traversal in
# testing mode
$t->get_ok('/../../mojolicious/secret.txt')->status_is(404)
  ->header_is(Server => 'Mojolicious (Perl)')
  ->content_like(qr/Testing not found/);

# Try to access a file which is not under the web root via path traversal in
# testing mode (goes back and forth one directory)
$t->get_ok('/another/../../../mojolicious/secret.txt')->status_is(404)
  ->header_is(Server => 'Mojolicious (Perl)')
  ->content_like(qr/Testing not found/);

# Try to access a file which is not under the web root via path traversal in
# testing mode (triple dot)
$t->get_ok('/.../mojolicious/secret.txt')->status_is(404)
  ->header_is(Server => 'Mojolicious (Perl)')
  ->content_like(qr/Testing not found/);

# Try to access a file which is not under the web root via path traversal in
# testing mode (backslashes)
$t->get_ok('/..\\..\\mojolicious\\secret.txt')->status_is(404)
  ->header_is(Server => 'Mojolicious (Perl)')
  ->content_like(qr/Testing not found/);

# Try to access a file which is not under the web root via path traversal in
# testing mode (escaped backslashes)
$t->get_ok('/..%5C..%5Cmojolicious%5Csecret.txt')->status_is(404)
  ->header_is(Server => 'Mojolicious (Perl)')
  ->content_like(qr/Testing not found/);

# Check that backslashes in query or fragment parts don't block access in
# testing mode
$t->get_ok('/hello.txt?one=\\1#two=\\2')->status_is(200)
  ->content_like(qr/Hello Mojo from a static file!/);

done_testing();