-#######################################################################
-# site 1: a perfectly ordinary ikiwiki
-
-write_setup_file(
- html5 => 0,
- url => "http://example.com/wiki/",
- cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi",
-);
-thoroughly_rebuild();
-check_cgi_mode_bits();
-# url and cgiurl are on the same host so the cgiurl is host-relative
-check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
-
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "http://example.com/wiki/");
-like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-# when accessed via HTTPS, links are secure
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "https://example.com/wiki/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-# when accessed via a different hostname, links stay on that host
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'staging.example.net';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "http://staging.example.net/wiki/");
-like($bits{stylehref}, qr{^(?:(?:http:)?//staging.example.net)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
-
-# previewing a page
-$in = 'do=edit&page=a/b/c&Preview';
-run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'POST';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{CONTENT_LENGTH} = length $in;
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "http://example.com/wiki/a/b/c/");
-like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
-like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-# in html5, the <base> is allowed to be relative, and we take full
-# advantage of that
-write_setup_file(
- html5 => 1,
- url => "http://example.com/wiki/",
- cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi",
-);
-thoroughly_rebuild();
-check_cgi_mode_bits();
-# url and cgiurl are on the same host so the cgiurl is host-relative
-check_generated_content(qr{<a[^>]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
-
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "/wiki/");
-is($bits{stylehref}, "/wiki/style.css");
-is($bits{tophref}, "/wiki/");
-is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
-
-# when accessed via HTTPS, links are secure - this is easy because under
-# html5 they're independent of the URL at which the CGI was accessed
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "/wiki/");
-is($bits{stylehref}, "/wiki/style.css");
-is($bits{tophref}, "/wiki/");
-is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
-
-# when accessed via a different hostname, links stay on that host -
-# this is really easy in html5 because we can use relative URLs
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'staging.example.net';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "/wiki/");
-is($bits{stylehref}, "/wiki/style.css");
-is($bits{tophref}, "/wiki/");
-is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
-
-# previewing a page
-$in = 'do=edit&page=a/b/c&Preview';
-run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'POST';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{CONTENT_LENGTH} = length $in;
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "/wiki/a/b/c/");
-is($bits{stylehref}, "/wiki/style.css");
-like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
-is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
-
-#######################################################################
-# site 2: static content and CGI are on different servers
-
-write_setup_file(
- html5 => 0,
- url => "http://static.example.com/",
- cgiurl => "http://cgi.example.com/ikiwiki.cgi",
-);
-thoroughly_rebuild();
-check_cgi_mode_bits();
-# url and cgiurl are not on the same host so the cgiurl has to be
-# protocol-relative or absolute
-check_generated_content(qr{<a[^>]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"});
-
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'cgi.example.com';
-});
-%bits = parse_cgi_content($content);
-like($bits{basehref}, qr{^http://static.example.com/$});
-like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com)?/style.css$});
-like($bits{tophref}, qr{^(?:http:)?//static.example.com/$});
-like($bits{cgihref}, qr{^(?:(?:http:)?//cgi.example.com)?/ikiwiki.cgi$});
-
-# when accessed via HTTPS, links are secure
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'cgi.example.com';
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-like($bits{basehref}, qr{^https://static.example.com/$});
-like($bits{stylehref}, qr{^(?:(?:https:)?//static.example.com)?/style.css$});
-like($bits{tophref}, qr{^(?:https:)?//static.example.com/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//cgi.example.com)?/ikiwiki.cgi$});
-
-# when accessed via a different hostname, links to the CGI (only) should
-# stay on that host?
-$in = 'do=edit&page=a/b/c&Preview';
-run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'POST';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/ikiwiki.cgi';
- $ENV{HTTP_HOST} = 'staging.example.net';
- $ENV{CONTENT_LENGTH} = length $in;
-});
-%bits = parse_cgi_content($content);
-like($bits{basehref}, qr{^http://static.example.com/a/b/c/$});
-like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/style.css$});
-like($bits{tophref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/$});
-like($bits{cgihref}, qr{^(?:(?:http:)?//(?:staging\.example\.net|cgi\.example\.com))?/ikiwiki.cgi$});
-TODO: {
-local $TODO = "use self-referential CGI URL?";
-like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/ikiwiki.cgi$});