Inicio Explorar Ayuda
Iniciar sesión
OWEALs
/
curl
espejo de https://github.com/curl/curl.git
2
0
Fork 0
Archivos Incidencias 8 Wiki
Árbol: 84a6579132
Ramas Etiquetas
curl
/
tests
/
data
/
test442

test442 13 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213 
  1. <testcase>
    2. 

  2. # perl:
    3. 

  3. #
    4. 

  4. # for(1 .. 151) {
    5. 

  5. #    print join("\t",
    6. 

  6. #               "attack.invalid", "TRUE", "/", "FALSE", "0",
    7. 

  7. #               "name$_", "could-be-large-$_")."\n";
    8. 

  8. # }
    9. 

  9. #
    10. 

  10. <info>
    11. 

  11. <keywords>
    12. 

  12. HTTP
    13. 

  13. cookies
    14. 

  14. --resolve
    15. 

  15. </keywords>
    16. 

  16. </info>
    17. 

  17. 

  18. #
    19. 

  19. # Server-side
    20. 

  20. <reply>
    21. 

  21. <data>
    22. 

  22. HTTP/1.1 200 OK
    23. 

  23. Date: Tue, 09 Nov 2010 14:49:00 GMT
    24. 

  24. Server: test-server/fake
    25. 

  25. Content-Length: 6
    26. 

  26. 

  27. -foo-
    28. 

  28. </data>
    29. 

  29. </reply>
    30. 

  30. 

  31. #
    32. 

  32. # Client-side
    33. 

  33. <client>
    34. 

  34. <server>
    35. 

  35. http
    36. 

  36. </server>
    37. 

  37. <name>
    38. 

  38. Send capped huge number of matching cookies
    39. 

  39. </name>
    40. 

  40. <command>
    41. 

  41. http://attack.invalid:%HTTPPORT/a/b/%TESTNUMBER -b %LOGDIR/cookie%TESTNUMBER --resolve attack.invalid:%HTTPPORT:%HOSTIP -L
    42. 

  42. </command>
    43. 

  43. <file name="%LOGDIR/cookie%TESTNUMBER" mode="text">
    44. 

  44. attack.invalid	TRUE	/	FALSE	0	name1	could-be-large-1
    45. 

  45. attack.invalid	TRUE	/	FALSE	0	name2	could-be-large-2
    46. 

  46. attack.invalid	TRUE	/	FALSE	0	name3	could-be-large-3
    47. 

  47. attack.invalid	TRUE	/	FALSE	0	name4	could-be-large-4
    48. 

  48. attack.invalid	TRUE	/	FALSE	0	name5	could-be-large-5
    49. 

  49. attack.invalid	TRUE	/	FALSE	0	name6	could-be-large-6
    50. 

  50. attack.invalid	TRUE	/	FALSE	0	name7	could-be-large-7
    51. 

  51. attack.invalid	TRUE	/	FALSE	0	name8	could-be-large-8
    52. 

  52. attack.invalid	TRUE	/	FALSE	0	name9	could-be-large-9
    53. 

  53. attack.invalid	TRUE	/	FALSE	0	name10	could-be-large-10
    54. 

  54. attack.invalid	TRUE	/	FALSE	0	name11	could-be-large-11
    55. 

  55. attack.invalid	TRUE	/	FALSE	0	name12	could-be-large-12
    56. 

  56. attack.invalid	TRUE	/	FALSE	0	name13	could-be-large-13
    57. 

  57. attack.invalid	TRUE	/	FALSE	0	name14	could-be-large-14
    58. 

  58. attack.invalid	TRUE	/	FALSE	0	name15	could-be-large-15
    59. 

  59. attack.invalid	TRUE	/	FALSE	0	name16	could-be-large-16
    60. 

  60. attack.invalid	TRUE	/	FALSE	0	name17	could-be-large-17
    61. 

  61. attack.invalid	TRUE	/	FALSE	0	name18	could-be-large-18
    62. 

  62. attack.invalid	TRUE	/	FALSE	0	name19	could-be-large-19
    63. 

  63. attack.invalid	TRUE	/	FALSE	0	name20	could-be-large-20
    64. 

  64. attack.invalid	TRUE	/	FALSE	0	name21	could-be-large-21
    65. 

  65. attack.invalid	TRUE	/	FALSE	0	name22	could-be-large-22
    66. 

  66. attack.invalid	TRUE	/	FALSE	0	name23	could-be-large-23
    67. 

  67. attack.invalid	TRUE	/	FALSE	0	name24	could-be-large-24
    68. 

  68. attack.invalid	TRUE	/	FALSE	0	name25	could-be-large-25
    69. 

  69. attack.invalid	TRUE	/	FALSE	0	name26	could-be-large-26
    70. 

  70. attack.invalid	TRUE	/	FALSE	0	name27	could-be-large-27
    71. 

  71. attack.invalid	TRUE	/	FALSE	0	name28	could-be-large-28
    72. 

  72. attack.invalid	TRUE	/	FALSE	0	name29	could-be-large-29
    73. 

  73. attack.invalid	TRUE	/	FALSE	0	name30	could-be-large-30
    74. 

  74. attack.invalid	TRUE	/	FALSE	0	name31	could-be-large-31
    75. 

  75. attack.invalid	TRUE	/	FALSE	0	name32	could-be-large-32
    76. 

  76. attack.invalid	TRUE	/	FALSE	0	name33	could-be-large-33
    77. 

  77. attack.invalid	TRUE	/	FALSE	0	name34	could-be-large-34
    78. 

  78. attack.invalid	TRUE	/	FALSE	0	name35	could-be-large-35
    79. 

  79. attack.invalid	TRUE	/	FALSE	0	name36	could-be-large-36
    80. 

  80. attack.invalid	TRUE	/	FALSE	0	name37	could-be-large-37
    81. 

  81. attack.invalid	TRUE	/	FALSE	0	name38	could-be-large-38
    82. 

  82. attack.invalid	TRUE	/	FALSE	0	name39	could-be-large-39
    83. 

  83. attack.invalid	TRUE	/	FALSE	0	name40	could-be-large-40
    84. 

  84. attack.invalid	TRUE	/	FALSE	0	name41	could-be-large-41
    85. 

  85. attack.invalid	TRUE	/	FALSE	0	name42	could-be-large-42
    86. 

  86. attack.invalid	TRUE	/	FALSE	0	name43	could-be-large-43
    87. 

  87. attack.invalid	TRUE	/	FALSE	0	name44	could-be-large-44
    88. 

  88. attack.invalid	TRUE	/	FALSE	0	name45	could-be-large-45
    89. 

  89. attack.invalid	TRUE	/	FALSE	0	name46	could-be-large-46
    90. 

  90. attack.invalid	TRUE	/	FALSE	0	name47	could-be-large-47
    91. 

  91. attack.invalid	TRUE	/	FALSE	0	name48	could-be-large-48
    92. 

  92. attack.invalid	TRUE	/	FALSE	0	name49	could-be-large-49
    93. 

  93. attack.invalid	TRUE	/	FALSE	0	name50	could-be-large-50
    94. 

  94. attack.invalid	TRUE	/	FALSE	0	name51	could-be-large-51
    95. 

  95. attack.invalid	TRUE	/	FALSE	0	name52	could-be-large-52
    96. 

  96. attack.invalid	TRUE	/	FALSE	0	name53	could-be-large-53
    97. 

  97. attack.invalid	TRUE	/	FALSE	0	name54	could-be-large-54
    98. 

  98. attack.invalid	TRUE	/	FALSE	0	name55	could-be-large-55
    99. 

  99. attack.invalid	TRUE	/	FALSE	0	name56	could-be-large-56
    100. 

  100. attack.invalid	TRUE	/	FALSE	0	name57	could-be-large-57
    101. 

  101. attack.invalid	TRUE	/	FALSE	0	name58	could-be-large-58
    102. 

  102. attack.invalid	TRUE	/	FALSE	0	name59	could-be-large-59
    103. 

  103. attack.invalid	TRUE	/	FALSE	0	name60	could-be-large-60
    104. 

  104. attack.invalid	TRUE	/	FALSE	0	name61	could-be-large-61
    105. 

  105. attack.invalid	TRUE	/	FALSE	0	name62	could-be-large-62
    106. 

  106. attack.invalid	TRUE	/	FALSE	0	name63	could-be-large-63
    107. 

  107. attack.invalid	TRUE	/	FALSE	0	name64	could-be-large-64
    108. 

  108. attack.invalid	TRUE	/	FALSE	0	name65	could-be-large-65
    109. 

  109. attack.invalid	TRUE	/	FALSE	0	name66	could-be-large-66
    110. 

  110. attack.invalid	TRUE	/	FALSE	0	name67	could-be-large-67
    111. 

  111. attack.invalid	TRUE	/	FALSE	0	name68	could-be-large-68
    112. 

  112. attack.invalid	TRUE	/	FALSE	0	name69	could-be-large-69
    113. 

  113. attack.invalid	TRUE	/	FALSE	0	name70	could-be-large-70
    114. 

  114. attack.invalid	TRUE	/	FALSE	0	name71	could-be-large-71
    115. 

  115. attack.invalid	TRUE	/	FALSE	0	name72	could-be-large-72
    116. 

  116. attack.invalid	TRUE	/	FALSE	0	name73	could-be-large-73
    117. 

  117. attack.invalid	TRUE	/	FALSE	0	name74	could-be-large-74
    118. 

  118. attack.invalid	TRUE	/	FALSE	0	name75	could-be-large-75
    119. 

  119. attack.invalid	TRUE	/	FALSE	0	name76	could-be-large-76
    120. 

  120. attack.invalid	TRUE	/	FALSE	0	name77	could-be-large-77
    121. 

  121. attack.invalid	TRUE	/	FALSE	0	name78	could-be-large-78
    122. 

  122. attack.invalid	TRUE	/	FALSE	0	name79	could-be-large-79
    123. 

  123. attack.invalid	TRUE	/	FALSE	0	name80	could-be-large-80
    124. 

  124. attack.invalid	TRUE	/	FALSE	0	name81	could-be-large-81
    125. 

  125. attack.invalid	TRUE	/	FALSE	0	name82	could-be-large-82
    126. 

  126. attack.invalid	TRUE	/	FALSE	0	name83	could-be-large-83
    127. 

  127. attack.invalid	TRUE	/	FALSE	0	name84	could-be-large-84
    128. 

  128. attack.invalid	TRUE	/	FALSE	0	name85	could-be-large-85
    129. 

  129. attack.invalid	TRUE	/	FALSE	0	name86	could-be-large-86
    130. 

  130. attack.invalid	TRUE	/	FALSE	0	name87	could-be-large-87
    131. 

  131. attack.invalid	TRUE	/	FALSE	0	name88	could-be-large-88
    132. 

  132. attack.invalid	TRUE	/	FALSE	0	name89	could-be-large-89
    133. 

  133. attack.invalid	TRUE	/	FALSE	0	name90	could-be-large-90
    134. 

  134. attack.invalid	TRUE	/	FALSE	0	name91	could-be-large-91
    135. 

  135. attack.invalid	TRUE	/	FALSE	0	name92	could-be-large-92
    136. 

  136. attack.invalid	TRUE	/	FALSE	0	name93	could-be-large-93
    137. 

  137. attack.invalid	TRUE	/	FALSE	0	name94	could-be-large-94
    138. 

  138. attack.invalid	TRUE	/	FALSE	0	name95	could-be-large-95
    139. 

  139. attack.invalid	TRUE	/	FALSE	0	name96	could-be-large-96
    140. 

  140. attack.invalid	TRUE	/	FALSE	0	name97	could-be-large-97
    141. 

  141. attack.invalid	TRUE	/	FALSE	0	name98	could-be-large-98
    142. 

  142. attack.invalid	TRUE	/	FALSE	0	name99	could-be-large-99
    143. 

  143. attack.invalid	TRUE	/	FALSE	0	name100	could-be-large-100
    144. 

  144. attack.invalid	TRUE	/	FALSE	0	name101	could-be-large-101
    145. 

  145. attack.invalid	TRUE	/	FALSE	0	name102	could-be-large-102
    146. 

  146. attack.invalid	TRUE	/	FALSE	0	name103	could-be-large-103
    147. 

  147. attack.invalid	TRUE	/	FALSE	0	name104	could-be-large-104
    148. 

  148. attack.invalid	TRUE	/	FALSE	0	name105	could-be-large-105
    149. 

  149. attack.invalid	TRUE	/	FALSE	0	name106	could-be-large-106
    150. 

  150. attack.invalid	TRUE	/	FALSE	0	name107	could-be-large-107
    151. 

  151. attack.invalid	TRUE	/	FALSE	0	name108	could-be-large-108
    152. 

  152. attack.invalid	TRUE	/	FALSE	0	name109	could-be-large-109
    153. 

  153. attack.invalid	TRUE	/	FALSE	0	name110	could-be-large-110
    154. 

  154. attack.invalid	TRUE	/	FALSE	0	name111	could-be-large-111
    155. 

  155. attack.invalid	TRUE	/	FALSE	0	name112	could-be-large-112
    156. 

  156. attack.invalid	TRUE	/	FALSE	0	name113	could-be-large-113
    157. 

  157. attack.invalid	TRUE	/	FALSE	0	name114	could-be-large-114
    158. 

  158. attack.invalid	TRUE	/	FALSE	0	name115	could-be-large-115
    159. 

  159. attack.invalid	TRUE	/	FALSE	0	name116	could-be-large-116
    160. 

  160. attack.invalid	TRUE	/	FALSE	0	name117	could-be-large-117
    161. 

  161. attack.invalid	TRUE	/	FALSE	0	name118	could-be-large-118
    162. 

  162. attack.invalid	TRUE	/	FALSE	0	name119	could-be-large-119
    163. 

  163. attack.invalid	TRUE	/	FALSE	0	name120	could-be-large-120
    164. 

  164. attack.invalid	TRUE	/	FALSE	0	name121	could-be-large-121
    165. 

  165. attack.invalid	TRUE	/	FALSE	0	name122	could-be-large-122
    166. 

  166. attack.invalid	TRUE	/	FALSE	0	name123	could-be-large-123
    167. 

  167. attack.invalid	TRUE	/	FALSE	0	name124	could-be-large-124
    168. 

  168. attack.invalid	TRUE	/	FALSE	0	name125	could-be-large-125
    169. 

  169. attack.invalid	TRUE	/	FALSE	0	name126	could-be-large-126
    170. 

  170. attack.invalid	TRUE	/	FALSE	0	name127	could-be-large-127
    171. 

  171. attack.invalid	TRUE	/	FALSE	0	name128	could-be-large-128
    172. 

  172. attack.invalid	TRUE	/	FALSE	0	name129	could-be-large-129
    173. 

  173. attack.invalid	TRUE	/	FALSE	0	name130	could-be-large-130
    174. 

  174. attack.invalid	TRUE	/	FALSE	0	name131	could-be-large-131
    175. 

  175. attack.invalid	TRUE	/	FALSE	0	name132	could-be-large-132
    176. 

  176. attack.invalid	TRUE	/	FALSE	0	name133	could-be-large-133
    177. 

  177. attack.invalid	TRUE	/	FALSE	0	name134	could-be-large-134
    178. 

  178. attack.invalid	TRUE	/	FALSE	0	name135	could-be-large-135
    179. 

  179. attack.invalid	TRUE	/	FALSE	0	name136	could-be-large-136
    180. 

  180. attack.invalid	TRUE	/	FALSE	0	name137	could-be-large-137
    181. 

  181. attack.invalid	TRUE	/	FALSE	0	name138	could-be-large-138
    182. 

  182. attack.invalid	TRUE	/	FALSE	0	name139	could-be-large-139
    183. 

  183. attack.invalid	TRUE	/	FALSE	0	name140	could-be-large-140
    184. 

  184. attack.invalid	TRUE	/	FALSE	0	name141	could-be-large-141
    185. 

  185. attack.invalid	TRUE	/	FALSE	0	name142	could-be-large-142
    186. 

  186. attack.invalid	TRUE	/	FALSE	0	name143	could-be-large-143
    187. 

  187. attack.invalid	TRUE	/	FALSE	0	name144	could-be-large-144
    188. 

  188. attack.invalid	TRUE	/	FALSE	0	name145	could-be-large-145
    189. 

  189. attack.invalid	TRUE	/	FALSE	0	name146	could-be-large-146
    190. 

  190. attack.invalid	TRUE	/	FALSE	0	name147	could-be-large-147
    191. 

  191. attack.invalid	TRUE	/	FALSE	0	name148	could-be-large-148
    192. 

  192. attack.invalid	TRUE	/	FALSE	0	name149	could-be-large-149
    193. 

  193. attack.invalid	TRUE	/	FALSE	0	name150	could-be-large-150
    194. 

  194. attack.invalid	TRUE	/	FALSE	0	name151	could-be-large-151
    195. 

  195. </file>
    196. 

  196. <features>
    197. 

  197. cookies
    198. 

  198. </features>
    199. 

  199. </client>
    200. 

  200. 

  201. #
    202. 

  202. # Verify data after the test has been "shot"
    203. 

  203. <verify>
    204. 

  204. <protocol>
    205. 

  205. GET /a/b/%TESTNUMBER HTTP/1.1
    206. 

  206. Host: attack.invalid:%HTTPPORT
    207. 

  207. User-Agent: curl/%VERSION
    208. 

  208. Accept: */*
    209. 

  209. Cookie: name150=could-be-large-150; name149=could-be-large-149; name148=could-be-large-148; name147=could-be-large-147; name146=could-be-large-146; name145=could-be-large-145; name144=could-be-large-144; name143=could-be-large-143; name142=could-be-large-142; name141=could-be-large-141; name140=could-be-large-140; name139=could-be-large-139; name138=could-be-large-138; name137=could-be-large-137; name136=could-be-large-136; name135=could-be-large-135; name134=could-be-large-134; name133=could-be-large-133; name132=could-be-large-132; name131=could-be-large-131; name130=could-be-large-130; name129=could-be-large-129; name128=could-be-large-128; name127=could-be-large-127; name126=could-be-large-126; name125=could-be-large-125; name124=could-be-large-124; name123=could-be-large-123; name122=could-be-large-122; name121=could-be-large-121; name120=could-be-large-120; name119=could-be-large-119; name118=could-be-large-118; name117=could-be-large-117; name116=could-be-large-116; name115=could-be-large-115; name114=could-be-large-114; name113=could-be-large-113; name112=could-be-large-112; name111=could-be-large-111; name110=could-be-large-110; name109=could-be-large-109; name108=could-be-large-108; name107=could-be-large-107; name106=could-be-large-106; name105=could-be-large-105; name104=could-be-large-104; name103=could-be-large-103; name102=could-be-large-102; name101=could-be-large-101; name100=could-be-large-100; name99=could-be-large-99; name98=could-be-large-98; name97=could-be-large-97; name96=could-be-large-96; name95=could-be-large-95; name94=could-be-large-94; name93=could-be-large-93; name92=could-be-large-92; name91=could-be-large-91; name90=could-be-large-90; name89=could-be-large-89; name88=could-be-large-88; name87=could-be-large-87; name86=could-be-large-86; name85=could-be-large-85; name84=could-be-large-84; name83=could-be-large-83; name82=could-be-large-82; name81=could-be-large-81; name80=could-be-large-80; name79=could-be-large-79; name78=could-be-large-78; name77=could-be-large-77; name76=could-be-large-76; name75=could-be-large-75; name74=could-be-large-74; name73=could-be-large-73; name72=could-be-large-72; name71=could-be-large-71; name70=could-be-large-70; name69=could-be-large-69; name68=could-be-large-68; name67=could-be-large-67; name66=could-be-large-66; name65=could-be-large-65; name64=could-be-large-64; name63=could-be-large-63; name62=could-be-large-62; name61=could-be-large-61; name60=could-be-large-60; name59=could-be-large-59; name58=could-be-large-58; name57=could-be-large-57; name56=could-be-large-56; name55=could-be-large-55; name54=could-be-large-54; name53=could-be-large-53; name52=could-be-large-52; name51=could-be-large-51; name50=could-be-large-50; name49=could-be-large-49; name48=could-be-large-48; name47=could-be-large-47; name46=could-be-large-46; name45=could-be-large-45; name44=could-be-large-44; name43=could-be-large-43; name42=could-be-large-42; name41=could-be-large-41; name40=could-be-large-40; name39=could-be-large-39; name38=could-be-large-38; name37=could-be-large-37; name36=could-be-large-36; name35=could-be-large-35; name34=could-be-large-34; name33=could-be-large-33; name32=could-be-large-32; name31=could-be-large-31; name30=could-be-large-30; name29=could-be-large-29; name28=could-be-large-28; name27=could-be-large-27; name26=could-be-large-26; name25=could-be-large-25; name24=could-be-large-24; name23=could-be-large-23; name22=could-be-large-22; name21=could-be-large-21; name20=could-be-large-20; name19=could-be-large-19; name18=could-be-large-18; name17=could-be-large-17; name16=could-be-large-16; name15=could-be-large-15; name14=could-be-large-14; name13=could-be-large-13; name12=could-be-large-12; name11=could-be-large-11; name10=could-be-large-10; name9=could-be-large-9; name8=could-be-large-8; name7=could-be-large-7; name6=could-be-large-6; name5=could-be-large-5; name4=could-be-large-4; name3=could-be-large-3; name2=could-be-large-2; name1=could-be-large-1
    210. 

  210. 

  211. </protocol>
    212. 

  212. </verify>
    213. 

  213. </testcase>
    214.