<testcase>
<info>
<keywords>
HTTP
cookies
--resolve
</keywords>
</info>

#
# Server-side
#
# Three canned responses, served in order. The first (reached over HTTPS, see
# the command below) sets two cookies carrying the "secure" attribute and then
# redirects to plain HTTP on the same host name. The second (served over HTTP)
# tries to set cookies with the same two names, this time without "secure",
# and redirects back to HTTPS. The third is a plain 200 so the verify section
# can inspect which cookies the final HTTPS request carries.
# nocheck="yes" on the first body presumably means its bytes are not compared
# against curl's output; only the protocol section below is checked.
<reply>
<data nocheck="yes">
HTTP/1.1 301 OK
Date: Tue, 09 Nov 2010 14:49:00 GMT
Server: test-server/fake
Content-Length: 6
Set-Cookie: SESSIONID=originaltoken; secure
Set-Cookie: second=originaltoken; secure; path=/a
Location: http://attack.invalid:%HTTPPORT/a/b/%TESTNUMBER0002

-foo-
</data>

<data2>
HTTP/1.1 301 OK
Date: Tue, 09 Nov 2010 14:49:00 GMT
Server: test-server/fake
Content-Length: 6
Set-Cookie: SESSIONID=hacker; domain=attack.invalid;
Set-Cookie: second=replacement; path=/a/b
Location: https://attack.invalid:%HTTPSPORT/a/b/%TESTNUMBER0003

-foo-
</data2>

<data3>
HTTP/1.1 200 OK
Date: Tue, 09 Nov 2010 14:49:00 GMT
Server: test-server/fake
Content-Length: 6

-foo-
</data3>
</reply>

#
# Client-side
#
# Both the HTTPS and the HTTP port of attack.invalid are pinned to %HOSTIP with
# --resolve, so the name is never looked up (.invalid is a reserved TLD that
# does not resolve). -L follows the two redirects, -c writes the resulting
# cookie jar, and -k is presumably required because the test HTTPS server's
# certificate is not trusted by the client.
<client>
<server>
http
https
</server>
<name>
HTTPS sec-cookie, HTTP redirect, same name cookie, redirect back
</name>
<command>
https://attack.invalid:%HTTPSPORT/a/b/%TESTNUMBER -k -c %LOGDIR/cookie%TESTNUMBER --resolve attack.invalid:%HTTPSPORT:%HOSTIP --resolve attack.invalid:%HTTPPORT:%HOSTIP -L
</command>
</client>

#
# Verify data after the test has been "shot"
#
# The first two requests carry no Cookie header: the initial request has no
# cookies yet, and the HTTP request must not receive the secure ones. The
# third request, back on HTTPS, is expected to still send the original values
# of both cookies, i.e. neither SESSIONID=hacker nor second=replacement (both
# set over plain HTTP) ended up in the jar for this path. Note that
# second=replacement was given path=/a/b, which would match this request if it
# had been stored.
<verify>
<protocol>
GET /a/b/%TESTNUMBER HTTP/1.1
Host: attack.invalid:%HTTPSPORT
User-Agent: curl/%VERSION
Accept: */*

GET /a/b/%TESTNUMBER0002 HTTP/1.1
Host: attack.invalid:%HTTPPORT
User-Agent: curl/%VERSION
Accept: */*

GET /a/b/%TESTNUMBER0003 HTTP/1.1
Host: attack.invalid:%HTTPSPORT
User-Agent: curl/%VERSION
Accept: */*
Cookie: SESSIONID=originaltoken; second=originaltoken

</protocol>
</verify>
</testcase>