1# vi:filetype= 2 3use lib 'lib'; 4use Test::Nginx::Socket; 5 6repeat_each(2); 7 8plan tests => repeat_each() * (2 * blocks() + 6); 9 10#$Test::Nginx::LWP::LogLevel = 'debug'; 11 12run_tests(); 13 14__DATA__ 15 16=== TEST 1: sanity 17--- config 18 location /echo { 19 echo hello; 20 } 21--- request 22 GET /echo 23--- response_body 24hello 25 26 27 28=== TEST 2: multiple args 29--- config 30 location /echo { 31 echo say hello world; 32 } 33--- request 34 GET /echo 35--- response_body 36say hello world 37 38 39 40=== TEST 3: multiple directive instances 41--- config 42 location /echo { 43 echo say that; 44 echo hello; 45 echo world !; 46 } 47--- request 48 GET /echo 49--- response_body 50say that 51hello 52world ! 53 54 55 56=== TEST 4: echo without arguments 57--- config 58 location /echo { 59 echo; 60 echo; 61 } 62--- request 63 GET /echo 64--- response_body eval 65"\n\n" 66 67 68 69=== TEST 5: escaped newline 70--- config 71 location /echo { 72 echo "hello\nworld"; 73 } 74--- request 75 GET /echo 76--- response_body 77hello 78world 79 80 81 82=== TEST 6: escaped tabs and \r and " wihtin "..." 83--- config 84 location /echo { 85 echo "i say \"hello\tworld\"\r"; 86 } 87--- request 88 GET /echo 89--- response_body eval: "i say \"hello\tworld\"\r\n" 90 91 92 93=== TEST 7: escaped tabs and \r and " in single quotes 94--- config 95 location /echo { 96 echo 'i say \"hello\tworld\"\r'; 97 } 98--- request 99 GET /echo 100--- response_body eval: "i say \"hello\tworld\"\r\n" 101 102 103 104=== TEST 8: escaped tabs and \r and " w/o any quotes 105--- config 106 location /echo { 107 echo i say \"hello\tworld\"\r; 108 } 109--- request 110 GET /echo 111--- response_body eval: "i say \"hello\tworld\"\r\n" 112 113 114 115=== TEST 9: escaping $ 116As of Nginx 0.8.20, there's still no way to escape the '$' character. 117--- config 118 location /echo { 119 echo \$; 120 } 121--- request 122 GET /echo 123--- response_body 124$ 125--- SKIP 126 127 128 129=== TEST 10: XSS 130--- config 131 location /blah { 132 echo_duplicate 1 "$arg_callback("; 133 echo_location_async "/data?$uri"; 134 echo_duplicate 1 ")"; 135 } 136 location /data { 137 echo_duplicate 1 '{"dog":"$query_string"}'; 138 } 139--- request 140 GET /blah/9999999.json?callback=ding1111111 141--- response_body chomp 142ding1111111({"dog":"/blah/9999999.json"}) 143 144 145 146=== TEST 11: XSS - filter version 147--- config 148 location /blah { 149 echo_before_body "$arg_callback("; 150 151 echo_duplicate 1 '{"dog":"$uri"}'; 152 153 echo_after_body ")"; 154 } 155--- request 156 GET /blah/9999999.json?callback=ding1111111 157--- response_body 158ding1111111( 159{"dog":"/blah/9999999.json"}) 160 161 162 163=== TEST 12: if 164--- config 165location /first { 166 echo "before"; 167 echo_location_async /second $request_uri; 168 echo "after"; 169} 170 171location = /second { 172 if ($query_string ~ '([^?]+)') { 173 set $memcached_key $1; # needing this to be keyed on the request_path, not the entire uri 174 echo $memcached_key; 175 } 176} 177--- request 178 GET /first/9999999.json?callback=ding1111111 179--- response_body 180before 181/first/9999999.json 182after 183 184 185 186=== TEST 13: echo -n 187--- config 188 location /echo { 189 echo -n hello; 190 echo -n world; 191 } 192--- request 193 GET /echo 194--- response_body chop 195helloworld 196 197 198 199=== TEST 14: echo a -n 200--- config 201 location /echo { 202 echo a -n hello; 203 echo b -n world; 204 } 205--- request 206 GET /echo 207--- response_body 208a -n hello 209b -n world 210 211 212 213=== TEST 15: -n in a var 214--- config 215 location /echo { 216 set $opt -n; 217 echo $opt hello; 218 echo $opt world; 219 } 220--- request 221 GET /echo 222--- response_body 223-n hello 224-n world 225 226 227 228=== TEST 16: -n only 229--- config 230 location /echo { 231 echo -n; 232 echo -n; 233 } 234--- request 235 GET /echo 236--- response_body chop 237 238 239 240=== TEST 17: -n with an empty string 241--- config 242 location /echo { 243 echo -n ""; 244 set $empty ""; 245 echo -n $empty; 246 } 247--- request 248 GET /echo 249--- response_body chop 250 251 252 253=== TEST 18: -- -n 254--- config 255 location /echo { 256 echo -- -n hello; 257 echo -- -n world; 258 } 259--- request 260 GET /echo 261--- response_body 262-n hello 263-n world 264 265 266 267=== TEST 19: -n -n 268--- config 269 location /echo { 270 echo -n -n hello; 271 echo -n -n world; 272 } 273--- request 274 GET /echo 275--- response_body chop 276helloworld 277 278 279 280=== TEST 20: -n -- -n 281--- config 282 location /echo { 283 echo -n -- -n hello; 284 echo -n -- -n world; 285 } 286--- request 287 GET /echo 288--- response_body chop 289-n hello-n world 290 291 292 293=== TEST 21: proxy 294--- config 295 location /main { 296 proxy_pass http://127.0.0.1:$server_port/echo; 297 } 298 location /echo { 299 echo hello; 300 echo world; 301 } 302--- request 303 GET /main 304--- response_headers 305!Content-Length 306--- response_body 307hello 308world 309 310 311 312=== TEST 22: if is evil 313--- config 314 location /test { 315 set $a 3; 316 set_by_lua $a ' 317 if ngx.var.a == "3" then 318 return 4 319 end 320 '; 321 echo $a; 322 } 323--- request 324 GET /test 325--- response_body 3264 327--- SKIP 328 329 330 331=== TEST 23: HEAD 332--- config 333 location /echo { 334 echo hello; 335 echo world; 336 } 337--- request 338 HEAD /echo 339--- response_body 340 341 342 343=== TEST 24: POST 344--- config 345 location /echo { 346 echo hello; 347 echo world; 348 } 349--- pipelined_requests eval 350["POST /echo 351blah blah", "POST /echo 352foo bar baz"] 353--- response_body eval 354["hello\nworld\n","hello\nworld\n"] 355 356 357 358=== TEST 25: POST 359--- config 360 location /echo { 361 echo_sleep 0.001; 362 echo hello; 363 echo world; 364 } 365--- pipelined_requests eval 366["POST /echo 367blah blah", "POST /echo 368foo bar baz"] 369--- response_body eval 370["hello\nworld\n","hello\nworld\n"] 371 372 373 374=== TEST 26: empty arg after -n (github issue #33) 375--- config 376 location = /t { 377 set $empty ""; 378 echo -n $empty hello world; 379 } 380--- request 381 GET /t 382--- response_body chop 383 hello world 384 385 386 387=== TEST 27: image filter 388--- config 389 location = /gif { 390 empty_gif; 391 } 392 393 location = /t { 394 default_type image/gif; 395 image_filter resize 10 10; 396 set $gif1 ''; 397 set $gif2 ''; 398 rewrite_by_lua ' 399 local res = ngx.location.capture("/gif") 400 local data = res.body 401 ngx.var.gif1 = string.sub(data, 1, #data - 1) 402 ngx.var.gif2 = string.sub(data, #data) 403 '; 404 echo -n $gif1; 405 echo -n $gif2; 406 } 407--- request 408 GET /t 409--- stap 410F(ngx_http_image_header_filter) { 411 println("image header filter") 412} 413--- stap_out 414image header filter 415--- response_body_like: . 416 417