Commit e92a911e authored by Abiola Ibrahim's avatar Abiola Ibrahim

Add more tests.

parent 84845a66
...@@ -141,6 +141,7 @@ func (fh fileHandler) isHidden(name string) bool { ...@@ -141,6 +141,7 @@ func (fh fileHandler) isHidden(name string) bool {
name = strings.TrimSpace(name) name = strings.TrimSpace(name)
for strings.HasSuffix(name, ".") { for strings.HasSuffix(name, ".") {
name = name[:len(name)-1] name = name[:len(name)-1]
name = strings.TrimSpace(name)
} }
} }
// If the file is supposed to be hidden, return a 404 // If the file is supposed to be hidden, return a 404
......
...@@ -112,6 +112,26 @@ func TestServeHTTP(t *testing.T) { ...@@ -112,6 +112,26 @@ func TestServeHTTP(t *testing.T) {
expectedStatus: http.StatusMovedPermanently, expectedStatus: http.StatusMovedPermanently,
expectedBodyContent: movedPermanently, expectedBodyContent: movedPermanently,
}, },
// Test 11 - attempt to bypass hidden file
{
url: "https://foo/dir/hidden.html%20",
expectedStatus: http.StatusNotFound,
},
// Test 12 - attempt to bypass hidden file
{
url: "https://foo/dir/hidden.html.",
expectedStatus: http.StatusNotFound,
},
// Test 13 - attempt to bypass hidden file
{
url: "https://foo/dir/hidden.html.%20",
expectedStatus: http.StatusNotFound,
},
// Test 14 - attempt to bypass hidden file
{
url: "https://foo/dir/hidden.html%20.",
expectedStatus: http.StatusNotFound,
},
} }
for i, test := range tests { for i, test := range tests {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment