summaryrefslogtreecommitdiff
path: root/tests/data
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2021-05-10 10:50:43 +0200
committerDaniel Stenberg <daniel@haxx.se>2021-08-10 11:20:21 +0200
commitc495dcd02e885fc3f35164b1c3c5f72fa4b60c46 (patch)
treea6627d788da7304db4dcd20e10180c7f6641a754 /tests/data
parentcfe36679d94f673a05d90ba3cd74da4a7efbac71 (diff)
downloadcurl-c495dcd02e885fc3f35164b1c3c5f72fa4b60c46.tar.gz
http: consider cookies over localhost to be secure
Updated test31. Added test 392 to verify secure cookies used for http://localhost Reviewed-by: Daniel Gustafsson Fixes #6733 Closes #7263
Diffstat (limited to 'tests/data')
-rw-r--r--tests/data/Makefile.inc2
-rw-r--r--tests/data/test31140
-rw-r--r--tests/data/test39261
3 files changed, 132 insertions, 71 deletions
diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc
index 163696962..7e915c0c1 100644
--- a/tests/data/Makefile.inc
+++ b/tests/data/Makefile.inc
@@ -62,7 +62,7 @@ test343 test344 test345 test346 test347 test348 test349 test350 test351 \
test352 test353 test354 test355 test356 test357 test358 test359 test360 \
test361 test362 test363 test364 \
\
-test393 test394 test395 test396 test397 \
+test392 test393 test394 test395 test396 test397 \
\
test400 test401 test402 test403 test404 test405 test406 test407 test408 \
test409 test410 \
diff --git a/tests/data/test31 b/tests/data/test31
index 2ccb03254..ac277264d 100644
--- a/tests/data/test31
+++ b/tests/data/test31
@@ -24,32 +24,32 @@ Content-Type: text/html
Funny-head: yesyes
%if !hyper
Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure
-Set-Cookie:ismatch=this ; domain=127.0.0.1; path=/silly/
-Set-Cookie: overwrite=this ; domain=127.0.0.1; path=/overwrite/
-Set-Cookie: overwrite=this2 ; domain=127.0.0.1; path=/overwrite
-Set-Cookie: sec1value=secure1 ; domain=127.0.0.1; path=/secure1/ ; secure
-Set-Cookie: sec2value=secure2 ; domain=127.0.0.1; path=/secure2/ ; secure=
-Set-Cookie: sec3value=secure3 ; domain=127.0.0.1; path=/secure3/ ; secure=
-Set-Cookie: sec4value=secure4 ; secure=; domain=127.0.0.1; path=/secure4/ ;
-Set-Cookie: sec5value=secure5 ; secure; domain=127.0.0.1; path=/secure5/ ;
-Set-Cookie: sec6value=secure6 ; secure ; domain=127.0.0.1; path=/secure6/ ;
-Set-Cookie: sec7value=secure7 ; secure ; domain=127.0.0.1; path=/secure7/ ;
-Set-Cookie: sec8value=secure8 ; secure= ; domain=127.0.0.1; path=/secure8/ ;
-Set-Cookie: secure=very1 ; secure=; domain=127.0.0.1; path=/secure9/;
-Set-Cookie: httpo1=value1 ; domain=127.0.0.1; path=/p1/; httponly
-Set-Cookie: httpo2=value2 ; domain=127.0.0.1; path=/p2/; httponly=
-Set-Cookie: httpo3=value3 ; httponly; domain=127.0.0.1; path=/p3/;
-Set-Cookie: httpo4=value4 ; httponly=; domain=127.0.0.1; path=/p4/;
-Set-Cookie: httponly=myvalue1 ; domain=127.0.0.1; path=/p4/; httponly
-Set-Cookie: httpandsec=myvalue2 ; domain=127.0.0.1; path=/p4/; httponly; secure
-Set-Cookie: httpandsec2=myvalue3; domain=127.0.0.1; path=/p4/; httponly=; secure
-Set-Cookie: httpandsec3=myvalue4 ; domain=127.0.0.1; path=/p4/; httponly; secure=
-Set-Cookie: httpandsec4=myvalue5 ; domain=127.0.0.1; path=/p4/; httponly=; secure=
-Set-Cookie: httpandsec5=myvalue6 ; domain=127.0.0.1; path=/p4/; secure; httponly=
-Set-Cookie: httpandsec6=myvalue7 ; domain=127.0.0.1; path=/p4/; secure=; httponly=
-Set-Cookie: httpandsec7=myvalue8 ; domain=127.0.0.1; path=/p4/; secure; httponly
-Set-Cookie: httpandsec8=myvalue9; domain=127.0.0.1; path=/p4/; secure=; httponly
-Set-Cookie: partmatch=present; domain=127.0.0.1 ; path=/;
+Set-Cookie:ismatch=this ; domain=test31.curl; path=/silly/
+Set-Cookie: overwrite=this ; domain=test31.curl; path=/overwrite/
+Set-Cookie: overwrite=this2 ; domain=test31.curl; path=/overwrite
+Set-Cookie: sec1value=secure1 ; domain=test31.curl; path=/secure1/ ; secure
+Set-Cookie: sec2value=secure2 ; domain=test31.curl; path=/secure2/ ; secure=
+Set-Cookie: sec3value=secure3 ; domain=test31.curl; path=/secure3/ ; secure=
+Set-Cookie: sec4value=secure4 ; secure=; domain=test31.curl; path=/secure4/ ;
+Set-Cookie: sec5value=secure5 ; secure; domain=test31.curl; path=/secure5/ ;
+Set-Cookie: sec6value=secure6 ; secure ; domain=test31.curl; path=/secure6/ ;
+Set-Cookie: sec7value=secure7 ; secure ; domain=test31.curl; path=/secure7/ ;
+Set-Cookie: sec8value=secure8 ; secure= ; domain=test31.curl; path=/secure8/ ;
+Set-Cookie: secure=very1 ; secure=; domain=test31.curl; path=/secure9/;
+Set-Cookie: httpo1=value1 ; domain=test31.curl; path=/p1/; httponly
+Set-Cookie: httpo2=value2 ; domain=test31.curl; path=/p2/; httponly=
+Set-Cookie: httpo3=value3 ; httponly; domain=test31.curl; path=/p3/;
+Set-Cookie: httpo4=value4 ; httponly=; domain=test31.curl; path=/p4/;
+Set-Cookie: httponly=myvalue1 ; domain=test31.curl; path=/p4/; httponly
+Set-Cookie: httpandsec=myvalue2 ; domain=test31.curl; path=/p4/; httponly; secure
+Set-Cookie: httpandsec2=myvalue3; domain=test31.curl; path=/p4/; httponly=; secure
+Set-Cookie: httpandsec3=myvalue4 ; domain=test31.curl; path=/p4/; httponly; secure=
+Set-Cookie: httpandsec4=myvalue5 ; domain=test31.curl; path=/p4/; httponly=; secure=
+Set-Cookie: httpandsec5=myvalue6 ; domain=test31.curl; path=/p4/; secure; httponly=
+Set-Cookie: httpandsec6=myvalue7 ; domain=test31.curl; path=/p4/; secure=; httponly=
+Set-Cookie: httpandsec7=myvalue8 ; domain=test31.curl; path=/p4/; secure; httponly
+Set-Cookie: httpandsec8=myvalue9; domain=test31.curl; path=/p4/; secure=; httponly
+Set-Cookie: partmatch=present; domain=test31.curl ; path=/;
Set-Cookie:eat=this; domain=moo.foo.moo;
Set-Cookie: eat=this-too; domain=.foo.moo;
Set-Cookie: nodomainnovalue
@@ -58,7 +58,7 @@ Set-Cookie: novalue; domain=reallysilly
Set-Cookie: test=yes; domain=foo.com; expires=Sat Feb 2 11:56:27 GMT 2030
Set-Cookie: test2=yes; domain=se; expires=Sat Feb 2 11:56:27 GMT 2030
Set-Cookie: magic=yessir; path=/silly/; HttpOnly
-Set-Cookie: blexp=yesyes; domain=127.0.0.1; domain=127.0.0.1; expiry=totally bad;
+Set-Cookie: blexp=yesyes; domain=test31.curl; domain=test31.curl; expiry=totally bad;
Set-Cookie: partialip=nono; domain=.0.0.1;
Set-Cookie: withspaces= yes within and around ;
Set-Cookie: withspaces2 =before equals;
@@ -66,32 +66,32 @@ Set-Cookie: prespace= yes before;
Set-Cookie: securewithspace=after ; secure =
%else
Set-Cookie: foobar=name; domain=anything.com; path=/ ; secure
-Set-Cookie: ismatch=this ; domain=127.0.0.1; path=/silly/
-Set-Cookie: overwrite=this ; domain=127.0.0.1; path=/overwrite/
-Set-Cookie: overwrite=this2 ; domain=127.0.0.1; path=/overwrite
-Set-Cookie: sec1value=secure1 ; domain=127.0.0.1; path=/secure1/ ; secure
-Set-Cookie: sec2value=secure2 ; domain=127.0.0.1; path=/secure2/ ; secure=
-Set-Cookie: sec3value=secure3 ; domain=127.0.0.1; path=/secure3/ ; secure=
-Set-Cookie: sec4value=secure4 ; secure=; domain=127.0.0.1; path=/secure4/ ;
-Set-Cookie: sec5value=secure5 ; secure; domain=127.0.0.1; path=/secure5/ ;
-Set-Cookie: sec6value=secure6 ; secure ; domain=127.0.0.1; path=/secure6/ ;
-Set-Cookie: sec7value=secure7 ; secure ; domain=127.0.0.1; path=/secure7/ ;
-Set-Cookie: sec8value=secure8 ; secure= ; domain=127.0.0.1; path=/secure8/ ;
-Set-Cookie: secure=very1 ; secure=; domain=127.0.0.1; path=/secure9/;
-Set-Cookie: httpo1=value1 ; domain=127.0.0.1; path=/p1/; httponly
-Set-Cookie: httpo2=value2 ; domain=127.0.0.1; path=/p2/; httponly=
-Set-Cookie: httpo3=value3 ; httponly; domain=127.0.0.1; path=/p3/;
-Set-Cookie: httpo4=value4 ; httponly=; domain=127.0.0.1; path=/p4/;
-Set-Cookie: httponly=myvalue1 ; domain=127.0.0.1; path=/p4/; httponly
-Set-Cookie: httpandsec=myvalue2 ; domain=127.0.0.1; path=/p4/; httponly; secure
-Set-Cookie: httpandsec2=myvalue3; domain=127.0.0.1; path=/p4/; httponly=; secure
-Set-Cookie: httpandsec3=myvalue4 ; domain=127.0.0.1; path=/p4/; httponly; secure=
-Set-Cookie: httpandsec4=myvalue5 ; domain=127.0.0.1; path=/p4/; httponly=; secure=
-Set-Cookie: httpandsec5=myvalue6 ; domain=127.0.0.1; path=/p4/; secure; httponly=
-Set-Cookie: httpandsec6=myvalue7 ; domain=127.0.0.1; path=/p4/; secure=; httponly=
-Set-Cookie: httpandsec7=myvalue8 ; domain=127.0.0.1; path=/p4/; secure; httponly
-Set-Cookie: httpandsec8=myvalue9; domain=127.0.0.1; path=/p4/; secure=; httponly
-Set-Cookie: partmatch=present; domain=127.0.0.1 ; path=/;
+Set-Cookie: ismatch=this ; domain=test31.curl; path=/silly/
+Set-Cookie: overwrite=this ; domain=test31.curl; path=/overwrite/
+Set-Cookie: overwrite=this2 ; domain=test31.curl; path=/overwrite
+Set-Cookie: sec1value=secure1 ; domain=test31.curl; path=/secure1/ ; secure
+Set-Cookie: sec2value=secure2 ; domain=test31.curl; path=/secure2/ ; secure=
+Set-Cookie: sec3value=secure3 ; domain=test31.curl; path=/secure3/ ; secure=
+Set-Cookie: sec4value=secure4 ; secure=; domain=test31.curl; path=/secure4/ ;
+Set-Cookie: sec5value=secure5 ; secure; domain=test31.curl; path=/secure5/ ;
+Set-Cookie: sec6value=secure6 ; secure ; domain=test31.curl; path=/secure6/ ;
+Set-Cookie: sec7value=secure7 ; secure ; domain=test31.curl; path=/secure7/ ;
+Set-Cookie: sec8value=secure8 ; secure= ; domain=test31.curl; path=/secure8/ ;
+Set-Cookie: secure=very1 ; secure=; domain=test31.curl; path=/secure9/;
+Set-Cookie: httpo1=value1 ; domain=test31.curl; path=/p1/; httponly
+Set-Cookie: httpo2=value2 ; domain=test31.curl; path=/p2/; httponly=
+Set-Cookie: httpo3=value3 ; httponly; domain=test31.curl; path=/p3/;
+Set-Cookie: httpo4=value4 ; httponly=; domain=test31.curl; path=/p4/;
+Set-Cookie: httponly=myvalue1 ; domain=test31.curl; path=/p4/; httponly
+Set-Cookie: httpandsec=myvalue2 ; domain=test31.curl; path=/p4/; httponly; secure
+Set-Cookie: httpandsec2=myvalue3; domain=test31.curl; path=/p4/; httponly=; secure
+Set-Cookie: httpandsec3=myvalue4 ; domain=test31.curl; path=/p4/; httponly; secure=
+Set-Cookie: httpandsec4=myvalue5 ; domain=test31.curl; path=/p4/; httponly=; secure=
+Set-Cookie: httpandsec5=myvalue6 ; domain=test31.curl; path=/p4/; secure; httponly=
+Set-Cookie: httpandsec6=myvalue7 ; domain=test31.curl; path=/p4/; secure=; httponly=
+Set-Cookie: httpandsec7=myvalue8 ; domain=test31.curl; path=/p4/; secure; httponly
+Set-Cookie: httpandsec8=myvalue9; domain=test31.curl; path=/p4/; secure=; httponly
+Set-Cookie: partmatch=present; domain=test31.curl ; path=/;
Set-Cookie: eat=this; domain=moo.foo.moo;
Set-Cookie: eat=this-too; domain=.foo.moo;
Set-Cookie: nodomainnovalue
@@ -100,7 +100,7 @@ Set-Cookie: novalue; domain=reallysilly
Set-Cookie: test=yes; domain=foo.com; expires=Sat Feb 2 11:56:27 GMT 2030
Set-Cookie: test2=yes; domain=se; expires=Sat Feb 2 11:56:27 GMT 2030
Set-Cookie: magic=yessir; path=/silly/; HttpOnly
-Set-Cookie: blexp=yesyes; domain=127.0.0.1; domain=127.0.0.1; expiry=totally bad;
+Set-Cookie: blexp=yesyes; domain=test31.curl; domain=test31.curl; expiry=totally bad;
Set-Cookie: partialip=nono; domain=.0.0.1;
Set-Cookie: withspaces= yes within and around ;
Set-Cookie: withspaces2 =before equals;
@@ -127,7 +127,7 @@ HTTP with weirdly formatted cookies and cookiejar storage
TZ=GMT
</setenv>
<command>
-http://%HOSTIP:%HTTPPORT/we/want/%TESTNUMBER -b none -c log/jar%TESTNUMBER.txt
+http://test31.curl:%HTTPPORT/we/want/%TESTNUMBER -b none -c log/jar%TESTNUMBER.txt --resolve test31.curl:%HTTPPORT:127.0.0.1
</command>
<precheck>
perl -e "print 'Test requires default test server host' if ( '%HOSTIP' ne '127.0.0.1' );"
@@ -138,7 +138,7 @@ perl -e "print 'Test requires default test server host' if ( '%HOSTIP' ne '127.0
<verify>
<protocol>
GET /we/want/%TESTNUMBER HTTP/1.1
-Host: %HOSTIP:%HTTPPORT
+Host: test31.curl:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*
@@ -148,20 +148,20 @@ Accept: */*
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
-127.0.0.1 FALSE /we/want/ FALSE 0 prespace yes before
-127.0.0.1 FALSE /we/want/ FALSE 0 withspaces2 before equals
-127.0.0.1 FALSE /we/want/ FALSE 0 withspaces yes within and around
-127.0.0.1 FALSE /we/want/ FALSE 0 blexp yesyes
-#HttpOnly_127.0.0.1 FALSE /silly/ FALSE 0 magic yessir
-127.0.0.1 FALSE /we/want/ FALSE 2118138987 nodomain value
-127.0.0.1 FALSE / FALSE 0 partmatch present
-#HttpOnly_127.0.0.1 FALSE /p4/ FALSE 0 httponly myvalue1
-#HttpOnly_127.0.0.1 FALSE /p4/ FALSE 0 httpo4 value4
-#HttpOnly_127.0.0.1 FALSE /p3/ FALSE 0 httpo3 value3
-#HttpOnly_127.0.0.1 FALSE /p2/ FALSE 0 httpo2 value2
-#HttpOnly_127.0.0.1 FALSE /p1/ FALSE 0 httpo1 value1
-127.0.0.1 FALSE /overwrite FALSE 0 overwrite this2
-127.0.0.1 FALSE /silly/ FALSE 0 ismatch this
+test31.curl FALSE /we/want/ FALSE 0 prespace yes before
+test31.curl FALSE /we/want/ FALSE 0 withspaces2 before equals
+test31.curl FALSE /we/want/ FALSE 0 withspaces yes within and around
+.test31.curl TRUE /we/want/ FALSE 0 blexp yesyes
+#HttpOnly_test31.curl FALSE /silly/ FALSE 0 magic yessir
+test31.curl FALSE /we/want/ FALSE 2118138987 nodomain value
+.test31.curl TRUE / FALSE 0 partmatch present
+#HttpOnly_.test31.curl TRUE /p4/ FALSE 0 httponly myvalue1
+#HttpOnly_.test31.curl TRUE /p4/ FALSE 0 httpo4 value4
+#HttpOnly_.test31.curl TRUE /p3/ FALSE 0 httpo3 value3
+#HttpOnly_.test31.curl TRUE /p2/ FALSE 0 httpo2 value2
+#HttpOnly_.test31.curl TRUE /p1/ FALSE 0 httpo1 value1
+.test31.curl TRUE /overwrite FALSE 0 overwrite this2
+.test31.curl TRUE /silly/ FALSE 0 ismatch this
</file>
</verify>
</testcase>
diff --git a/tests/data/test392 b/tests/data/test392
new file mode 100644
index 000000000..24430c131
--- /dev/null
+++ b/tests/data/test392
@@ -0,0 +1,61 @@
+<testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+cookies
+secure
+</keywords>
+</info>
+
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Tue, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 4
+Content-Type: text/html
+Funny-head: yesyes
+Set-Cookie: foobar=name; path=/; secure
+
+boo
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+http
+</server>
+ <name>
+HTTP secure cookies over localhost
+ </name>
+
+<setenv>
+TZ=GMT
+</setenv>
+ <command>
+http://localhost:%HTTPPORT/%TESTNUMBER -b none http://localhost:%HTTPPORT/%TESTNUMBER
+</command>
+<precheck>
+perl -e "print 'Test requires default test server host' if ( '%HOSTIP' ne '127.0.0.1' );"
+</precheck>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+GET /%TESTNUMBER HTTP/1.1
+Host: localhost:%HTTPPORT
+User-Agent: curl/%VERSION
+Accept: */*
+
+GET /%TESTNUMBER HTTP/1.1
+Host: localhost:%HTTPPORT
+User-Agent: curl/%VERSION
+Accept: */*
+Cookie: foobar=name
+
+</protocol>
+</verify>
+</testcase>