diff options
author | Jan Pazdziora <jpazdziora@redhat.com> | 2022-01-30 15:35:01 +0100 |
---|---|---|
committer | Jan Pazdziora <jpazdziora@redhat.com> | 2022-01-30 15:35:01 +0100 |
commit | 1318fe0d783a75e1b9e1f1f5289dea86c329130c (patch) | |
tree | 7babdd60e63695444e472a31a05abbdba4d7ba45 | |
parent | 9e34613fc3ebaee5d6b11a3be201cfe9ed479c29 (diff) | |
download | mod_intercept_form_submit-1318fe0d783a75e1b9e1f1f5289dea86c329130c.tar.gz mod_intercept_form_submit-1318fe0d783a75e1b9e1f1f5289dea86c329130c.tar.xz mod_intercept_form_submit-1318fe0d783a75e1b9e1f1f5289dea86c329130c.zip |
Check that password is redacted in the POSTed data even if authentication failed.
-rwxr-xr-x | tests/run.sh | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/tests/run.sh b/tests/run.sh index a78351a..978ea62 100755 --- a/tests/run.sh +++ b/tests/run.sh @@ -26,6 +26,7 @@ curl --data "login=$XNAME&password=myši+& zaj%c3%adci" -si http://localhost/aut curl --data "login=$XNAME&password=myši %26%20zaj%c3%adci" -si http://localhost/auth1 | tee /dev/stderr | grep -F -e "REMOTE_USER=[$NAME]" -e "login=$XNAME&password=myši %26%20zaj%c3%adci" | wc -l | grep -q 2 curl --data 'something=somewhere&password=heslo1&something=else&login=user1' -si http://localhost/auth1 | tee /dev/stderr | grep -F -e 'REMOTE_USER=[user1]' -e 'something=somewhere&password=heslo1&something=else&login=user1' | wc -l | grep -q 2 curl --data 'login=user1&password=heslo1' -si http://localhost/auth1r | tee /dev/stderr | grep -F -e 'REMOTE_USER=[user1]' -e 'login=user1&password=[REDACTED]' | wc -l | grep -q 2 +curl --data 'password=xheslo&login=user1&something=extra' -si http://localhost/auth1r | tee /dev/stderr | grep -F -e 'REMOTE_USER=[]' -e 'password=[REDACTED]&login=user1&something=extra' | wc -l | grep -q 2 curl --data 'something=somewhere&password=heslo1&something=else&login=user1' -si http://localhost/auth1r | tee /dev/stderr | grep -F -e 'REMOTE_USER=[user1]' -e 'something=somewhere&password=[REDACTED]&something=else&login=user1' | wc -l | grep -q 2 curl --data 'login=user1&password=heslo1' -si http://localhost/auth1s | tee /dev/stderr | grep -F -e 'REMOTE_USER=[user1]' -e 'login=user1&password=[REDACTED]' | wc -l | grep -q 2 |