From 1318fe0d783a75e1b9e1f1f5289dea86c329130c Mon Sep 17 00:00:00 2001
From: Jan Pazdziora <jpazdziora@redhat.com>
Date: Sun, 30 Jan 2022 15:35:01 +0100
Subject: Check that password is redacted in the POSTed data even if
 authentication failed.

---
 tests/run.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/run.sh b/tests/run.sh
index a78351a..978ea62 100755
--- a/tests/run.sh
+++ b/tests/run.sh
@@ -26,6 +26,7 @@ curl --data "login=$XNAME&password=myši+& zaj%c3%adci" -si http://localhost/aut
 curl --data "login=$XNAME&password=myši %26%20zaj%c3%adci" -si http://localhost/auth1 | tee /dev/stderr | grep -F -e "REMOTE_USER=[$NAME]" -e "login=$XNAME&password=myši %26%20zaj%c3%adci" | wc -l | grep -q 2
 curl --data 'something=somewhere&password=heslo1&something=else&login=user1' -si http://localhost/auth1 | tee /dev/stderr | grep -F -e 'REMOTE_USER=[user1]' -e 'something=somewhere&password=heslo1&something=else&login=user1' | wc -l | grep -q 2
 curl --data 'login=user1&password=heslo1' -si http://localhost/auth1r | tee /dev/stderr | grep -F -e 'REMOTE_USER=[user1]' -e 'login=user1&password=[REDACTED]' | wc -l | grep -q 2
+curl --data 'password=xheslo&login=user1&something=extra' -si http://localhost/auth1r | tee /dev/stderr | grep -F -e 'REMOTE_USER=[]' -e 'password=[REDACTED]&login=user1&something=extra' | wc -l | grep -q 2
 curl --data 'something=somewhere&password=heslo1&something=else&login=user1' -si http://localhost/auth1r | tee /dev/stderr | grep -F -e 'REMOTE_USER=[user1]' -e 'something=somewhere&password=[REDACTED]&something=else&login=user1' | wc -l | grep -q 2
 
 curl --data 'login=user1&password=heslo1' -si http://localhost/auth1s | tee /dev/stderr | grep -F -e 'REMOTE_USER=[user1]' -e 'login=user1&password=[REDACTED]' | wc -l | grep -q 2
-- 
cgit