зеркало из https://github.com/mono/xsp.git
513773e993
2007-01-08 Sebastien Pouliot <sebastien@ximian.com> * ChangeLog: Track changes in tests. * Makefile: Build/run unit tests. * FileExtensionsTest.cs: Tests that try, by messing with the file extensions, to retrieve the original source code of the web page. * DirectoryTraversalTest.cs: Tests that try, by messing with the path, to retrieve a file outside the webroot. * WebTestHelper.cs: Base class with helper methods for tests. In .: 2007-01-08 Sebastien Pouliot <sebastien@ximian.com> * webroot/*: Web files used for the tests. * NOACCESS: Test file that resides outside the web root directory. * README: Instruction about how to run the tests. svn path=/trunk/xsp/; revision=70662 |
||
|---|---|---|
| .. | ||
| Tests.XSP.Security | ||
| webroot | ||
| ChangeLog | ||
| NOACCESS | ||
| README | ||
README
This directory contains a small test suite to check for any regressions in XSP that could cause security vulnerability. Contributions are welcome! Directory structure for the tests /NOACCESS /webroot/ index.aspx Some tests tries to access index.aspx to retrieve it's source code. Other tests tries to access the file NOACCESS that resides outside the root of the web server. * Tests execution (using the same computer) From a terminal window: cd xsp/unittests/webroot xsp From another terminal window: cd xsp/unittests/Tests.XSP.Security make run-test-local * Tests execution (using different computers) From the server computer (e.g. named "server.test.my"): cd xsp/unittests/webroot xsp --port 80 From the client computer cd xsp/unittests/Tests.XSP.Security XSP_TEST_HOST=server.test.my:80 make run-test