1# vi:filetype= 2 3use lib 'lib'; 4use Test::Nginx::Socket; 5 6repeat_each(2); 7 8plan tests => repeat_each() * (4 * blocks()); 9 10#no_long_string(); 11log_level 'warn'; 12 13run_tests(); 14 15#no_diff(); 16 17__DATA__ 18 19=== TEST 1: used 20--- config 21 location = /t { 22 echo hello; 23 xss_get on; 24 xss_callback_arg c; 25 } 26--- more_headers 27Accept-Encoding: gzip 28--- request 29 GET /t 30--- stap 31F(ngx_http_xss_header_filter) { 32 println("xss header filter") 33} 34F(ngx_http_xss_body_filter) { 35 println("xss body filter") 36} 37 38--- stap_out 39xss header filter 40xss body filter 41xss body filter 42 43--- response_body 44hello 45--- no_error_log 46[error] 47 48 49 50=== TEST 2: not used 51--- config 52 location = /t { 53 echo hello; 54 } 55--- more_headers 56Accept-Encoding: gzip 57--- request 58 GET /t 59--- stap 60F(ngx_http_xss_header_filter) { 61 println("xss header filter") 62} 63F(ngx_http_xss_body_filter) { 64 println("xss body filter") 65} 66 67--- stap_out 68--- response_body 69hello 70--- no_error_log 71[error] 72 73 74 75=== TEST 3: used (multiple http {} blocks) 76This test case won't run with nginx 1.9.3+ since duplicate http {} blocks 77have been prohibited since then. 78--- SKIP 79--- config 80 location = /t { 81 default_type application/json; 82 xss_callback_arg 'callback'; 83 echo -n hello; 84 xss_get on; 85 } 86--- more_headers 87Accept-Encoding: gzip 88--- request 89 GET /t?callback=foo 90--- stap 91F(ngx_http_xss_header_filter) { 92 println("xss header filter") 93} 94F(ngx_http_xss_body_filter) { 95 println("xss body filter") 96} 97 98--- stap_out 99xss header filter 100xss body filter 101xss body filter 102 103--- post_main_config 104 http { 105 } 106 107--- response_body chop 108foo(hello); 109--- no_error_log 110[error] 111 112