Extract test subs for each site. No change meant.
Amitai Schlair
parent
508457fc05
commit
47fff754c8
702
t/relativity.t
702
t/relativity.t
|
|
@ -14,12 +14,8 @@ use IkiWiki;
|
|||
use Cwd qw(getcwd);
|
||||
use Errno qw(ENOENT);
|
||||
|
||||
my $pwd = getcwd();
|
||||
|
||||
# Black-box (ish) test for relative linking between CGI and static content
|
||||
|
||||
my %bits;
|
||||
|
||||
sub parse_cgi_content {
|
||||
my $content = shift;
|
||||
my %bits;
|
||||
|
|
@ -38,10 +34,6 @@ sub parse_cgi_content {
|
|||
return %bits;
|
||||
}
|
||||
|
||||
ok(! system("make -s ikiwiki.out"));
|
||||
ok(! system("rm -rf t/tmp"));
|
||||
ok(! system("mkdir t/tmp"));
|
||||
|
||||
sub write_old_file {
|
||||
my $name = shift;
|
||||
my $content = shift;
|
||||
|
|
@ -50,15 +42,6 @@ sub write_old_file {
|
|||
ok(utime(333333333, 333333333, "t/tmp/in/$name"));
|
||||
}
|
||||
|
||||
write_old_file("a.mdwn", "A");
|
||||
write_old_file("a/b.mdwn", "B");
|
||||
write_old_file("a/b/c.mdwn",
|
||||
"* A: [[a]]\n".
|
||||
"* B: [[b]]\n".
|
||||
"* E: [[a/d/e]]\n");
|
||||
write_old_file("a/d.mdwn", "D");
|
||||
write_old_file("a/d/e.mdwn", "E");
|
||||
|
||||
sub write_setup_file {
|
||||
my (%args) = @_;
|
||||
my $urlline = defined $args{url} ? "url: $args{url}" : "";
|
||||
|
|
@ -148,370 +131,391 @@ sub run_cgi {
|
|||
return $out;
|
||||
}
|
||||
|
||||
#######################################################################
|
||||
# site 1: a perfectly ordinary ikiwiki
|
||||
sub test_startup {
|
||||
ok(! system("make -s ikiwiki.out"));
|
||||
ok(! system("rm -rf t/tmp"));
|
||||
ok(! system("mkdir t/tmp"));
|
||||
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "http://example.com/wiki/",
|
||||
cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host so the cgiurl is host-relative
|
||||
check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
%bits = parse_cgi_content(run_cgi());
|
||||
is($bits{basehref}, "http://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via HTTPS, links are secure
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via a different hostname, links stay on that host
|
||||
%bits = parse_cgi_content(run_cgi(HTTP_HOST => 'staging.example.net'));
|
||||
is($bits{basehref}, "http://staging.example.net/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//staging.example.net)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1));
|
||||
is($bits{basehref}, "http://example.com/wiki/a/b/c/");
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# in html5, the <base> is allowed to be relative, and we take full
|
||||
# advantage of that
|
||||
write_setup_file(
|
||||
html5 => 1,
|
||||
url => "http://example.com/wiki/",
|
||||
cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host so the cgiurl is host-relative
|
||||
check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
%bits = parse_cgi_content(run_cgi());
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
is($bits{tophref}, "/wiki/");
|
||||
is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
|
||||
|
||||
# when accessed via HTTPS, links are secure - this is easy because under
|
||||
# html5 they're independent of the URL at which the CGI was accessed
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
is($bits{tophref}, "/wiki/");
|
||||
is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
|
||||
|
||||
# when accessed via a different hostname, links stay on that host -
|
||||
# this is really easy in html5 because we can use relative URLs
|
||||
%bits = parse_cgi_content(run_cgi(HTTP_HOST => 'staging.example.net'));
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
is($bits{tophref}, "/wiki/");
|
||||
is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
|
||||
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1));
|
||||
is($bits{basehref}, "/wiki/a/b/c/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
|
||||
|
||||
#######################################################################
|
||||
# site 2: static content and CGI are on different servers
|
||||
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "http://static.example.com/",
|
||||
cgiurl => "http://cgi.example.com/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are not on the same host so the cgiurl has to be
|
||||
# protocol-relative or absolute
|
||||
check_generated_content(qr{<a[^>]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
%bits = parse_cgi_content(run_cgi(SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
|
||||
like($bits{basehref}, qr{^http://static.example.com/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com)?/style.css$});
|
||||
like($bits{tophref}, qr{^(?:http:)?//static.example.com/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//cgi.example.com)?/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via HTTPS, links are secure
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
|
||||
like($bits{basehref}, qr{^https://static.example.com/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//static.example.com)?/style.css$});
|
||||
like($bits{tophref}, qr{^(?:https:)?//static.example.com/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//cgi.example.com)?/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via a different hostname, links to the CGI (only) should
|
||||
# stay on that host?
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'staging.example.net'));
|
||||
like($bits{basehref}, qr{^http://static.example.com/a/b/c/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/style.css$});
|
||||
like($bits{tophref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//(?:staging\.example\.net|cgi\.example\.com))?/ikiwiki.cgi$});
|
||||
TODO: {
|
||||
local $TODO = "use self-referential CGI URL?";
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/ikiwiki.cgi$});
|
||||
write_old_file("a.mdwn", "A");
|
||||
write_old_file("a/b.mdwn", "B");
|
||||
write_old_file("a/b/c.mdwn",
|
||||
"* A: [[a]]\n".
|
||||
"* B: [[b]]\n".
|
||||
"* E: [[a/d/e]]\n");
|
||||
write_old_file("a/d.mdwn", "D");
|
||||
write_old_file("a/d/e.mdwn", "E");
|
||||
}
|
||||
|
||||
write_setup_file(
|
||||
html5 => 1,
|
||||
url => "http://static.example.com/",
|
||||
cgiurl => "http://cgi.example.com/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are not on the same host so the cgiurl has to be
|
||||
# protocol-relative or absolute
|
||||
check_generated_content(qr{<a[^>]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"});
|
||||
sub test_site1_perfectly_ordinary_ikiwiki {
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "http://example.com/wiki/",
|
||||
cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host so the cgiurl is host-relative
|
||||
check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
my %bits = parse_cgi_content(run_cgi());
|
||||
is($bits{basehref}, "http://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
%bits = parse_cgi_content(run_cgi(SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
|
||||
is($bits{basehref}, "//static.example.com/");
|
||||
is($bits{stylehref}, "//static.example.com/style.css");
|
||||
is($bits{tophref}, "//static.example.com/");
|
||||
is($bits{cgihref}, "//cgi.example.com/ikiwiki.cgi");
|
||||
# when accessed via HTTPS, links are secure
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via HTTPS, links are secure - in fact they're exactly the
|
||||
# same as when accessed via HTTP
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
|
||||
is($bits{basehref}, "//static.example.com/");
|
||||
is($bits{stylehref}, "//static.example.com/style.css");
|
||||
is($bits{tophref}, "//static.example.com/");
|
||||
is($bits{cgihref}, "//cgi.example.com/ikiwiki.cgi");
|
||||
# when accessed via a different hostname, links stay on that host
|
||||
%bits = parse_cgi_content(run_cgi(HTTP_HOST => 'staging.example.net'));
|
||||
is($bits{basehref}, "http://staging.example.net/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//staging.example.net)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via a different hostname, links to the CGI (only) should
|
||||
# stay on that host?
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'staging.example.net'));
|
||||
is($bits{basehref}, "//static.example.com/a/b/c/");
|
||||
is($bits{stylehref}, "//static.example.com/style.css");
|
||||
is($bits{tophref}, "../../../");
|
||||
like($bits{cgihref}, qr{//(?:staging\.example\.net|cgi\.example\.com)/ikiwiki\.cgi});
|
||||
TODO: {
|
||||
local $TODO = "use self-referential CGI URL maybe?";
|
||||
is($bits{cgihref}, "//staging.example.net/ikiwiki.cgi");
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1));
|
||||
is($bits{basehref}, "http://example.com/wiki/a/b/c/");
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# in html5, the <base> is allowed to be relative, and we take full
|
||||
# advantage of that
|
||||
write_setup_file(
|
||||
html5 => 1,
|
||||
url => "http://example.com/wiki/",
|
||||
cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host so the cgiurl is host-relative
|
||||
check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
%bits = parse_cgi_content(run_cgi());
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
is($bits{tophref}, "/wiki/");
|
||||
is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
|
||||
|
||||
# when accessed via HTTPS, links are secure - this is easy because under
|
||||
# html5 they're independent of the URL at which the CGI was accessed
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
is($bits{tophref}, "/wiki/");
|
||||
is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
|
||||
|
||||
# when accessed via a different hostname, links stay on that host -
|
||||
# this is really easy in html5 because we can use relative URLs
|
||||
%bits = parse_cgi_content(run_cgi(HTTP_HOST => 'staging.example.net'));
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
is($bits{tophref}, "/wiki/");
|
||||
is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
|
||||
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1));
|
||||
is($bits{basehref}, "/wiki/a/b/c/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
|
||||
}
|
||||
|
||||
#######################################################################
|
||||
# site 3: we specifically want everything to be secure
|
||||
sub test_site2_static_content_and_cgi_on_different_servers {
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "http://static.example.com/",
|
||||
cgiurl => "http://cgi.example.com/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are not on the same host so the cgiurl has to be
|
||||
# protocol-relative or absolute
|
||||
check_generated_content(qr{<a[^>]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "https://example.com/wiki/",
|
||||
cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host so the cgiurl is host-relative
|
||||
check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
my %bits = parse_cgi_content(run_cgi(SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
|
||||
like($bits{basehref}, qr{^http://static.example.com/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com)?/style.css$});
|
||||
like($bits{tophref}, qr{^(?:http:)?//static.example.com/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//cgi.example.com)?/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via HTTPS, links are secure
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
# when accessed via HTTPS, links are secure
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
|
||||
like($bits{basehref}, qr{^https://static.example.com/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//static.example.com)?/style.css$});
|
||||
like($bits{tophref}, qr{^(?:https:)?//static.example.com/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//cgi.example.com)?/ikiwiki.cgi$});
|
||||
|
||||
# when not accessed via HTTPS, links should still be secure
|
||||
# (but if this happens, that's a sign of web server misconfiguration)
|
||||
%bits = parse_cgi_content(run_cgi());
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
TODO: {
|
||||
local $TODO = "treat https in configured url, cgiurl as required?";
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
}
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
# when accessed via a different hostname, links to the CGI (only) should
|
||||
# stay on that host?
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'staging.example.net'));
|
||||
like($bits{basehref}, qr{^http://static.example.com/a/b/c/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/style.css$});
|
||||
like($bits{tophref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//(?:staging\.example\.net|cgi\.example\.com))?/ikiwiki.cgi$});
|
||||
TODO: {
|
||||
local $TODO = "use self-referential CGI URL?";
|
||||
like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/ikiwiki.cgi$});
|
||||
}
|
||||
|
||||
# when accessed via a different hostname, links stay on that host
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net'));
|
||||
is($bits{basehref}, "https://staging.example.net/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
|
||||
write_setup_file(
|
||||
html5 => 1,
|
||||
url => "http://static.example.com/",
|
||||
cgiurl => "http://cgi.example.com/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are not on the same host so the cgiurl has to be
|
||||
# protocol-relative or absolute
|
||||
check_generated_content(qr{<a[^>]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/a/b/c/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
%bits = parse_cgi_content(run_cgi(SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
|
||||
is($bits{basehref}, "//static.example.com/");
|
||||
is($bits{stylehref}, "//static.example.com/style.css");
|
||||
is($bits{tophref}, "//static.example.com/");
|
||||
is($bits{cgihref}, "//cgi.example.com/ikiwiki.cgi");
|
||||
|
||||
# not testing html5: 0 here because that ends up identical to site 1
|
||||
# when accessed via HTTPS, links are secure - in fact they're exactly the
|
||||
# same as when accessed via HTTP
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
|
||||
is($bits{basehref}, "//static.example.com/");
|
||||
is($bits{stylehref}, "//static.example.com/style.css");
|
||||
is($bits{tophref}, "//static.example.com/");
|
||||
is($bits{cgihref}, "//cgi.example.com/ikiwiki.cgi");
|
||||
|
||||
#######################################################################
|
||||
# site 4 (NetBSD wiki): CGI is secure, static content doesn't have to be
|
||||
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "http://example.com/wiki/",
|
||||
cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host but different schemes
|
||||
check_generated_content(qr{<a[^>]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
# when accessed via HTTPS, links are secure (to avoid mixed-content)
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# when not accessed via HTTPS, ???
|
||||
%bits = parse_cgi_content(run_cgi());
|
||||
like($bits{basehref}, qr{^https?://example.com/wiki/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via a different hostname, links stay on that host
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net'));
|
||||
# because the static and dynamic stuff is on the same server, we assume that
|
||||
# both are also on the staging server
|
||||
like($bits{basehref}, qr{^https://staging.example.net/wiki/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:(?:(?:https:)?//staging.example.net)?/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//(?:staging\.example\.net|example\.com))?/cgi-bin/ikiwiki.cgi$});
|
||||
TODO: {
|
||||
local $TODO = "this should really point back to itself but currently points to example.com";
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
|
||||
# when accessed via a different hostname, links to the CGI (only) should
|
||||
# stay on that host?
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'staging.example.net'));
|
||||
is($bits{basehref}, "//static.example.com/a/b/c/");
|
||||
is($bits{stylehref}, "//static.example.com/style.css");
|
||||
is($bits{tophref}, "../../../");
|
||||
like($bits{cgihref}, qr{//(?:staging\.example\.net|cgi\.example\.com)/ikiwiki\.cgi});
|
||||
TODO: {
|
||||
local $TODO = "use self-referential CGI URL maybe?";
|
||||
is($bits{cgihref}, "//staging.example.net/ikiwiki.cgi");
|
||||
}
|
||||
}
|
||||
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/a/b/c/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
sub test_site3_we_specifically_want_everything_to_be_secure {
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "https://example.com/wiki/",
|
||||
cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host so the cgiurl is host-relative
|
||||
check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
write_setup_file(
|
||||
html5 => 1,
|
||||
url => "http://example.com/wiki/",
|
||||
cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host but different schemes
|
||||
check_generated_content(qr{<a[^>]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
# when accessed via HTTPS, links are secure
|
||||
my %bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via HTTPS, links are secure (to avoid mixed-content)
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
is($bits{tophref}, "/wiki/");
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
# when not accessed via HTTPS, links should still be secure
|
||||
# (but if this happens, that's a sign of web server misconfiguration)
|
||||
%bits = parse_cgi_content(run_cgi());
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
TODO: {
|
||||
local $TODO = "treat https in configured url, cgiurl as required?";
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
}
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# when not accessed via HTTPS, ???
|
||||
%bits = parse_cgi_content(run_cgi());
|
||||
like($bits{basehref}, qr{^(?:https?://example.com)?/wiki/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
# when accessed via a different hostname, links stay on that host
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net'));
|
||||
is($bits{basehref}, "https://staging.example.net/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# when accessed via a different hostname, links stay on that host
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net'));
|
||||
# because the static and dynamic stuff is on the same server, we assume that
|
||||
# both are also on the staging server
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//(?:example\.com|staging\.example\.net))?/cgi-bin/ikiwiki.cgi$});
|
||||
TODO: {
|
||||
local $TODO = "this should really point back to itself but currently points to example.com";
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/a/b/c/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# not testing html5: 0 here because that ends up identical to site 1
|
||||
}
|
||||
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1));
|
||||
is($bits{basehref}, "/wiki/a/b/c/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
sub test_site4_cgi_is_secure_static_content_doesnt_have_to_be {
|
||||
# (NetBSD wiki)
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "http://example.com/wiki/",
|
||||
cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host but different schemes
|
||||
check_generated_content(qr{<a[^>]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
# Deliberately not testing https static content with http cgiurl,
|
||||
# because that makes remarkably little sense.
|
||||
# when accessed via HTTPS, links are secure (to avoid mixed-content)
|
||||
my %bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
#######################################################################
|
||||
# site 5: w3mmode, as documented in [[w3mmode]]
|
||||
# when not accessed via HTTPS, ???
|
||||
%bits = parse_cgi_content(run_cgi());
|
||||
like($bits{basehref}, qr{^https?://example.com/wiki/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => undef,
|
||||
cgiurl => "ikiwiki.cgi",
|
||||
w3mmode => 1,
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# FIXME: does /$LIB/ikiwiki-w3m.cgi work under w3m?
|
||||
check_generated_content(qr{<a[^>]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"});
|
||||
# when accessed via a different hostname, links stay on that host
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net'));
|
||||
# because the static and dynamic stuff is on the same server, we assume that
|
||||
# both are also on the staging server
|
||||
like($bits{basehref}, qr{^https://staging.example.net/wiki/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:(?:(?:https:)?//staging.example.net)?/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//(?:staging\.example\.net|example\.com))?/cgi-bin/ikiwiki.cgi$});
|
||||
TODO: {
|
||||
local $TODO = "this should really point back to itself but currently points to example.com";
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
|
||||
}
|
||||
|
||||
%bits = parse_cgi_content(run_cgi(PATH_INFO => '/ikiwiki.cgi', SCRIPT_NAME => '/cgi-bin/ikiwiki-w3m.cgi'));
|
||||
like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$});
|
||||
like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$});
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1));
|
||||
is($bits{basehref}, "https://example.com/wiki/a/b/c/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
write_setup_file(
|
||||
html5 => 1,
|
||||
url => undef,
|
||||
cgiurl => "ikiwiki.cgi",
|
||||
w3mmode => 1,
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# FIXME: does /$LIB/ikiwiki-w3m.cgi work under w3m?
|
||||
check_generated_content(qr{<a[^>]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"});
|
||||
write_setup_file(
|
||||
html5 => 1,
|
||||
url => "http://example.com/wiki/",
|
||||
cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host but different schemes
|
||||
check_generated_content(qr{<a[^>]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
%bits = parse_cgi_content(run_cgi(PATH_INFO => '/ikiwiki.cgi', SCRIPT_NAME => '/cgi-bin/ikiwiki-w3m.cgi'));
|
||||
like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$});
|
||||
like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$});
|
||||
# when accessed via HTTPS, links are secure (to avoid mixed-content)
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1));
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
is($bits{tophref}, "/wiki/");
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
#######################################################################
|
||||
# site 6: we're behind a reverse-proxy
|
||||
# when not accessed via HTTPS, ???
|
||||
%bits = parse_cgi_content(run_cgi());
|
||||
like($bits{basehref}, qr{^(?:https?://example.com)?/wiki/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$});
|
||||
like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "https://example.com/wiki/",
|
||||
cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
|
||||
reverse_proxy => 1,
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host so the cgiurl is host-relative
|
||||
check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
# when accessed via a different hostname, links stay on that host
|
||||
%bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net'));
|
||||
# because the static and dynamic stuff is on the same server, we assume that
|
||||
# both are also on the staging server
|
||||
is($bits{basehref}, "/wiki/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//(?:example\.com|staging\.example\.net))?/cgi-bin/ikiwiki.cgi$});
|
||||
TODO: {
|
||||
local $TODO = "this should really point back to itself but currently points to example.com";
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
|
||||
}
|
||||
|
||||
# because we are behind a reverse-proxy we must assume that
|
||||
# we're being accessed by the configured cgiurl
|
||||
%bits = parse_cgi_content(run_cgi(HTTP_HOST => 'localhost'));
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1));
|
||||
is($bits{basehref}, "/wiki/a/b/c/");
|
||||
is($bits{stylehref}, "/wiki/style.css");
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, HTTP_HOST => 'localhost'));
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
is($bits{basehref}, "https://example.com/wiki/a/b/c/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
# Deliberately not testing https static content with http cgiurl,
|
||||
# because that makes remarkably little sense.
|
||||
}
|
||||
|
||||
# not testing html5: 1 because it would be the same as site 1 -
|
||||
# the reverse_proxy config option is unnecessary under html5
|
||||
sub test_site5_w3mmode {
|
||||
# as documented in [[w3mmode]]
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => undef,
|
||||
cgiurl => "ikiwiki.cgi",
|
||||
w3mmode => 1,
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# FIXME: does /$LIB/ikiwiki-w3m.cgi work under w3m?
|
||||
check_generated_content(qr{<a[^>]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
done_testing;
|
||||
my %bits = parse_cgi_content(run_cgi(PATH_INFO => '/ikiwiki.cgi', SCRIPT_NAME => '/cgi-bin/ikiwiki-w3m.cgi'));
|
||||
my $pwd = getcwd();
|
||||
like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$});
|
||||
like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$});
|
||||
|
||||
write_setup_file(
|
||||
html5 => 1,
|
||||
url => undef,
|
||||
cgiurl => "ikiwiki.cgi",
|
||||
w3mmode => 1,
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# FIXME: does /$LIB/ikiwiki-w3m.cgi work under w3m?
|
||||
check_generated_content(qr{<a[^>]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
%bits = parse_cgi_content(run_cgi(PATH_INFO => '/ikiwiki.cgi', SCRIPT_NAME => '/cgi-bin/ikiwiki-w3m.cgi'));
|
||||
like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$});
|
||||
like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$});
|
||||
like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$});
|
||||
}
|
||||
|
||||
sub test_site6_behind_reverse_proxy {
|
||||
write_setup_file(
|
||||
html5 => 0,
|
||||
url => "https://example.com/wiki/",
|
||||
cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
|
||||
reverse_proxy => 1,
|
||||
);
|
||||
thoroughly_rebuild();
|
||||
check_cgi_mode_bits();
|
||||
# url and cgiurl are on the same host so the cgiurl is host-relative
|
||||
check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
|
||||
|
||||
# because we are behind a reverse-proxy we must assume that
|
||||
# we're being accessed by the configured cgiurl
|
||||
my %bits = parse_cgi_content(run_cgi(HTTP_HOST => 'localhost'));
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
is($bits{basehref}, "https://example.com/wiki/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
|
||||
# previewing a page
|
||||
%bits = parse_cgi_content(run_cgi(is_preview => 1, HTTP_HOST => 'localhost'));
|
||||
like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
|
||||
like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
|
||||
is($bits{basehref}, "https://example.com/wiki/a/b/c/");
|
||||
like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
|
||||
|
||||
# not testing html5: 1 because it would be the same as site 1 -
|
||||
# the reverse_proxy config option is unnecessary under html5
|
||||
}
|
||||
|
||||
test_startup();
|
||||
|
||||
test_site1_perfectly_ordinary_ikiwiki();
|
||||
test_site2_static_content_and_cgi_on_different_servers();
|
||||
test_site3_we_specifically_want_everything_to_be_secure();
|
||||
test_site4_cgi_is_secure_static_content_doesnt_have_to_be();
|
||||
test_site5_w3mmode();
|
||||
test_site6_behind_reverse_proxy();
|
||||
|
||||
done_testing();
|
||||
|
|
|
|||
Loading…
Reference in New Issue