1<testcase> 2# 3# This test is crafted to reproduce oss-fuzz bug 4# https://crbug.com/oss-fuzz/17954 5# 6<info> 7<keywords> 8HTTP 9HTTP GET 10HTTP proxy 11followlocation 12</keywords> 13</info> 14# 15# Server-side 16<reply> 17<data> 18HTTP/1.1 302 OK 19Location: http://example.net/there/it/is/../../tes t case=/%TESTNUMBER0002? yes no 20Date: Tue, 09 Nov 2010 14:49:00 GMT 21Content-Length: 0 22 23</data> 24<data2> 25HTTP/1.1 200 OK 26Location: this should be ignored 27Date: Tue, 09 Nov 2010 14:49:00 GMT 28Content-Length: 5 29 30body 31</data2> 32<datacheck> 33HTTP/1.1 302 OK 34Location: http://example.net/there/it/is/../../tes t case=/%TESTNUMBER0002? yes no 35Date: Tue, 09 Nov 2010 14:49:00 GMT 36Content-Length: 0 37 38HTTP/1.1 200 OK 39Location: this should be ignored 40Date: Tue, 09 Nov 2010 14:49:00 GMT 41Content-Length: 5 42 43body 44</datacheck> 45</reply> 46 47# 48# Client-side 49<client> 50<server> 51http 52</server> 53<name> 54HTTP redirect with dotdots and whitespaces in absolute Location: URL 55</name> 56<command> 57http://example.com/please/../gimme/%TESTNUMBER?foobar#hello -L -x http://%HOSTIP:%HTTPPORT 58</command> 59<features> 60proxy 61</features> 62</client> 63 64# 65# Verify data after the test has been "shot" 66<verify> 67<protocol> 68GET http://example.com/gimme/%TESTNUMBER?foobar HTTP/1.1 69Host: example.com 70User-Agent: curl/%VERSION 71Accept: */* 72Proxy-Connection: Keep-Alive 73 74GET http://example.net/there/tes%20t%20case=/%TESTNUMBER0002?+yes+no HTTP/1.1 75Host: example.net 76User-Agent: curl/%VERSION 77Accept: */* 78Proxy-Connection: Keep-Alive 79 80</protocol> 81</verify> 82</testcase> 83
