-
-
Notifications
You must be signed in to change notification settings - Fork 6.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
transfer: clear credentials when redirecting to absolute URL
To make sure the user and password for the secondf request is taken from the redirected-to URL. The -u option only sets credentials for the specified URL, not the redirected-to if the redirect is absolute. Add test case 899 to verify. Adjusted test 234. Reported-by: James Lucas Fixes #11410
- Loading branch information
Showing
4 changed files
with
88 additions
and
24 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
<testcase> | ||
<info> | ||
<keywords> | ||
HTTP | ||
HTTP GET | ||
Basic | ||
</keywords> | ||
</info> | ||
|
||
# | ||
# Server-side | ||
<reply> | ||
<data crlf="yes" nocheck="yes"> | ||
HTTP/1.1 302 go go go | ||
Content-Length: 8 | ||
Location: http://user:pass@%HOSTIP:%HTTPPORT/basic-auth/user/%TESTNUMBER0002 | ||
Content-Type: text/html | ||
Funny-head: yesyes | ||
|
||
notreal | ||
</data> | ||
<data2 crlf="yes"> | ||
HTTP/1.1 200 OK | ||
Content-Length: 6 | ||
Content-Type: text/html | ||
Funny-head: yesyes | ||
|
||
final | ||
</data2> | ||
</reply> | ||
|
||
# | ||
# Client-side | ||
<client> | ||
<server> | ||
http | ||
</server> | ||
<name> | ||
URL with credentials redirects to URL with different credentials | ||
</name> | ||
<command> | ||
http://first:secret@%HOSTIP:%HTTPPORT/%TESTNUMBER -L | ||
</command> | ||
</client> | ||
|
||
# | ||
# Verify data after the test has been "shot" | ||
<verify> | ||
<protocol crlf="yes"> | ||
GET /%TESTNUMBER HTTP/1.1 | ||
Host: %HOSTIP:%HTTPPORT | ||
Authorization: Basic Zmlyc3Q6c2VjcmV0 | ||
User-Agent: curl/%VERSION | ||
Accept: */* | ||
|
||
GET /basic-auth/user/%TESTNUMBER0002 HTTP/1.1 | ||
Host: %HOSTIP:%HTTPPORT | ||
Authorization: Basic dXNlcjpwYXNz | ||
User-Agent: curl/%VERSION | ||
Accept: */* | ||
|
||
</protocol> | ||
</verify> | ||
</testcase> |