X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/7d82570fe09a8f588565873a0da5aaaf95a2d361..aa02f160ccdd844751cc4d637a71107d3d434309:/t/relativity.t diff --git a/t/relativity.t b/t/relativity.t index c3c4fcf1e..0b8b6eb4b 100755 --- a/t/relativity.t +++ b/t/relativity.t @@ -14,14 +14,24 @@ use IkiWiki; use Cwd qw(getcwd); use Errno qw(ENOENT); -my $pwd = getcwd(); - # Black-box (ish) test for relative linking between CGI and static content -my $blob; -my ($content, $in, %bits); +my $installed = $ENV{INSTALLED_TESTS}; + +my @command; +if ($installed) { + @command = qw(ikiwiki); +} +else { + ok(! system("make -s ikiwiki.out")); + @command = ("perl", "-I".getcwd, qw(./ikiwiki.out + --underlaydir=underlays/basewiki + --set underlaydirbase=underlays + --templatedir=templates)); +} sub parse_cgi_content { + my $content = shift; my %bits; if ($content =~ qr{}) { $bits{basehref} = $1; @@ -38,10 +48,6 @@ sub parse_cgi_content { return %bits; } -ok(! system("make -s ikiwiki.out")); -ok(! system("rm -rf t/tmp")); -ok(! system("mkdir t/tmp")); - sub write_old_file { my $name = shift; my $content = shift; @@ -50,15 +56,6 @@ sub write_old_file { ok(utime(333333333, 333333333, "t/tmp/in/$name")); } -write_old_file("a.mdwn", "A"); -write_old_file("a/b.mdwn", "B"); -write_old_file("a/b/c.mdwn", -"* A: [[a]]\n". -"* B: [[b]]\n". -"* E: [[a/d/e]]\n"); -write_old_file("a/d.mdwn", "D"); -write_old_file("a/d/e.mdwn", "E"); - sub write_setup_file { my (%args) = @_; my $urlline = defined $args{url} ? "url: $args{url}" : ""; @@ -70,13 +67,11 @@ sub write_setup_file { wikiname: this is the name of my wiki srcdir: t/tmp/in destdir: t/tmp/out -templatedir: templates $urlline cgiurl: $args{cgiurl} $w3mmodeline cgi_wrapper: t/tmp/ikiwiki.cgi cgi_wrappermode: 0754 -html5: $args{html5} # make it easier to test previewing add_plugins: - anonok @@ -87,760 +82,344 @@ EOF ); } -####################################################################### -# site 1: a perfectly ordinary ikiwiki - -write_setup_file( - html5 => 0, - url => "http://example.com/wiki/", - cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi", -); - -ok(unlink("t/tmp/ikiwiki.cgi") || $!{ENOENT}); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -my (undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "http://example.com/wiki/"); -like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# when accessed via HTTPS, links are secure -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "https://example.com/wiki/"); -like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# when accessed via a different hostname, links stay on that host -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'staging.example.net'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "http://staging.example.net/wiki/"); -like($bits{stylehref}, qr{^(?:(?:http:)?//staging.example.net)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$}); - -# previewing a page -$in = 'do=edit&page=a/b/c&Preview'; -run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'POST'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{CONTENT_LENGTH} = length $in; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "http://example.com/wiki/a/b/c/"); -like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); -like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# in html5, the is allowed to be relative, and we take full -# advantage of that -write_setup_file( - html5 => 1, - url => "http://example.com/wiki/", - cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi", -); - -ok(unlink("t/tmp/ikiwiki.cgi") || $!{ENOENT}); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -(undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "/wiki/"); -is($bits{stylehref}, "/wiki/style.css"); -is($bits{tophref}, "/wiki/"); -is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi"); - -# when accessed via HTTPS, links are secure - this is easy because under -# html5 they're independent of the URL at which the CGI was accessed -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "/wiki/"); -is($bits{stylehref}, "/wiki/style.css"); -is($bits{tophref}, "/wiki/"); -is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi"); - -# when accessed via a different hostname, links stay on that host - -# this is really easy in html5 because we can use relative URLs -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'staging.example.net'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "/wiki/"); -is($bits{stylehref}, "/wiki/style.css"); -is($bits{tophref}, "/wiki/"); -is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi"); - -# previewing a page -$in = 'do=edit&page=a/b/c&Preview'; -run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'POST'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{CONTENT_LENGTH} = length $in; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "/wiki/a/b/c/"); -is($bits{stylehref}, "/wiki/style.css"); -like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); -is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi"); - -####################################################################### -# site 2: static content and CGI are on different servers - -write_setup_file( - html5 => 0, - url => "http://static.example.com/", - cgiurl => "http://cgi.example.com/ikiwiki.cgi", -); - -ok(unlink("t/tmp/ikiwiki.cgi")); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -(undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are still relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'cgi.example.com'; -}); -%bits = parse_cgi_content($content); -like($bits{basehref}, qr{^http://static.example.com/$}); -like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com)?/style.css$}); -like($bits{tophref}, qr{^(?:http:)?//static.example.com/$}); -like($bits{cgihref}, qr{^(?:(?:http:)?//cgi.example.com)?/ikiwiki.cgi$}); - -# when accessed via HTTPS, links are secure -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'cgi.example.com'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -like($bits{basehref}, qr{^https://static.example.com/$}); -like($bits{stylehref}, qr{^(?:(?:https:)?//static.example.com)?/style.css$}); -like($bits{tophref}, qr{^(?:https:)?//static.example.com/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//cgi.example.com)?/ikiwiki.cgi$}); - -# when accessed via a different hostname, links to the CGI (only) should -# stay on that host? -$in = 'do=edit&page=a/b/c&Preview'; -run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'POST'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/ikiwiki.cgi'; - $ENV{HTTP_HOST} = 'staging.example.net'; - $ENV{CONTENT_LENGTH} = length $in; -}); -%bits = parse_cgi_content($content); -like($bits{basehref}, qr{^http://static.example.com/a/b/c/$}); -like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/style.css$}); -like($bits{tophref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/$}); -like($bits{cgihref}, qr{^(?:(?:http:)?//(?:staging\.example\.net|cgi\.example\.com))?/ikiwiki.cgi$}); -TODO: { -local $TODO = "use self-referential CGI URL?"; -like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/ikiwiki.cgi$}); +sub thoroughly_rebuild { + ok(unlink("t/tmp/ikiwiki.cgi") || $!{ENOENT}); + ok(! system(@command, qw(--setup t/tmp/test.setup --rebuild --wrappers))); +} + +sub check_cgi_mode_bits { + my (undef, undef, $mode, undef, undef, + undef, undef, undef, undef, undef, + undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); + is($mode & 07777, 0754); +} + +sub check_generated_content { + my $cgiurl_regex = shift; + ok(-e "t/tmp/out/a/b/c/index.html"); + my $content = readfile("t/tmp/out/a/b/c/index.html"); + # no on static HTML + unlike($content, qr{A: a}); + like($content, qr{
  • B: b
  • }); + like($content, qr{
  • E: e
  • }); +} + +sub run_cgi { + my (%args) = @_; + my ($in, $out); + my $is_preview = delete $args{is_preview}; + my $is_https = delete $args{is_https}; + my $goto = delete $args{goto}; + my %defaults = ( + SCRIPT_NAME => '/cgi-bin/ikiwiki.cgi', + HTTP_HOST => 'example.com', + ); + if (defined $goto) { + $defaults{REQUEST_METHOD} = 'GET'; + $defaults{QUERY_STRING} = 'do=goto&page=a/b/c'; + } + elsif (defined $is_preview) { + $defaults{REQUEST_METHOD} = 'POST'; + $in = 'do=edit&page=a/b/c&Preview'; + $defaults{CONTENT_LENGTH} = length $in; + } else { + $defaults{REQUEST_METHOD} = 'GET'; + $defaults{QUERY_STRING} = 'do=prefs'; + } + if (defined $is_https) { + $defaults{SERVER_PORT} = '443'; + $defaults{HTTPS} = 'on'; + } else { + $defaults{SERVER_PORT} = '80'; + } + my %envvars = ( + %defaults, + %args, + ); + run(["./t/tmp/ikiwiki.cgi"], \$in, \$out, init => sub { + map { + $ENV{$_} = $envvars{$_} + } keys(%envvars); + }); + + return $out; +} + +sub check_goto { + my $expected = shift; + my $redirect = run_cgi(goto => 1, @_); + ok($redirect =~ m/^Status:\s*302\s+/m); + ok($redirect =~ m/^Location:\s*(\S*)\r?\n/m); + my $location = $1; + like($location, $expected); } -write_setup_file( - html5 => 1, - url => "http://static.example.com/", - cgiurl => "http://cgi.example.com/ikiwiki.cgi", -); - -ok(unlink("t/tmp/ikiwiki.cgi")); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -(undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are still relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'cgi.example.com'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "//static.example.com/"); -is($bits{stylehref}, "//static.example.com/style.css"); -is($bits{tophref}, "//static.example.com/"); -is($bits{cgihref}, "//cgi.example.com/ikiwiki.cgi"); - -# when accessed via HTTPS, links are secure - in fact they're exactly the -# same as when accessed via HTTP -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'cgi.example.com'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "//static.example.com/"); -is($bits{stylehref}, "//static.example.com/style.css"); -is($bits{tophref}, "//static.example.com/"); -is($bits{cgihref}, "//cgi.example.com/ikiwiki.cgi"); - -# when accessed via a different hostname, links to the CGI (only) should -# stay on that host? -$in = 'do=edit&page=a/b/c&Preview'; -run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'POST'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/ikiwiki.cgi'; - $ENV{HTTP_HOST} = 'staging.example.net'; - $ENV{CONTENT_LENGTH} = length $in; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "//static.example.com/a/b/c/"); -is($bits{stylehref}, "//static.example.com/style.css"); -is($bits{tophref}, "../../../"); -like($bits{cgihref}, qr{//(?:staging\.example\.net|cgi\.example\.com)/ikiwiki\.cgi}); -TODO: { -local $TODO = "use self-referential CGI URL maybe?"; -is($bits{cgihref}, "//staging.example.net/ikiwiki.cgi"); +sub test_startup { + ok(! system("rm -rf t/tmp")); + ok(! system("mkdir t/tmp")); + + write_old_file("a.mdwn", "A"); + write_old_file("a/b.mdwn", "B"); + write_old_file("a/b/c.mdwn", + "* A: [[a]]\n". + "* B: [[b]]\n". + "* E: [[a/d/e]]\n"); + write_old_file("a/d.mdwn", "D"); + write_old_file("a/d/e.mdwn", "E"); } -####################################################################### -# site 3: we specifically want everything to be secure - -write_setup_file( - html5 => 0, - url => "https://example.com/wiki/", - cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi", -); - -ok(unlink("t/tmp/ikiwiki.cgi")); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -(undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -# when accessed via HTTPS, links are secure -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "https://example.com/wiki/"); -like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# when not accessed via HTTPS, links should still be secure -# (but if this happens, that's a sign of web server misconfiguration) -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; -}); -%bits = parse_cgi_content($content); -like($bits{tophref}, qr{^(?:/wiki|\.)/$}); -TODO: { -local $TODO = "treat https in configured url, cgiurl as required?"; -is($bits{basehref}, "https://example.com/wiki/"); -like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); +sub test_site1_perfectly_ordinary_ikiwiki { + diag("test_site1_perfectly_ordinary_ikiwiki"); + write_setup_file( + url => "http://example.com/wiki/", + cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi", + ); + thoroughly_rebuild(); + check_cgi_mode_bits(); + # url and cgiurl are on the same host so the cgiurl is host-relative + check_generated_content(qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"}); + check_goto(qr{^http://example\.com/wiki/a/b/c/$}); + my %bits = parse_cgi_content(run_cgi()); + like($bits{basehref}, qr{^(?:(?:http:)?//example\.com)?/wiki/$}); + like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:/wiki|\.)/$}); + like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); + + # when accessed via HTTPS, links are secure + %bits = parse_cgi_content(run_cgi(is_https => 1)); + like($bits{basehref}, qr{^(?:(?:https:)?//example\.com)?/wiki/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:/wiki|\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); + check_goto(qr{^https://example\.com/wiki/a/b/c/$}, is_https => 1); + + # when accessed via a different hostname, links stay on that host + %bits = parse_cgi_content(run_cgi(HTTP_HOST => 'staging.example.net')); + like($bits{basehref}, qr{^(?:(?:http:)?//staging\.example\.net)?/wiki/$}); + like($bits{stylehref}, qr{^(?:(?:http:)?//staging.example.net)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:/wiki|\.)/$}); + like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$}); + TODO: { + local $TODO = "hostname should be copied to redirects' Location"; + check_goto(qr{^https://staging\.example\.net/wiki/a/b/c/$}, is_https => 1); + } + + # previewing a page + %bits = parse_cgi_content(run_cgi(is_preview => 1)); + like($bits{basehref}, qr{^(?:(?:http:)?//example\.com)?/wiki/a/b/c/$}); + like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); + like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); } -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# when accessed via a different hostname, links stay on that host -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'staging.example.net'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "https://staging.example.net/wiki/"); -like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$}); - -# previewing a page -$in = 'do=edit&page=a/b/c&Preview'; -run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'POST'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{CONTENT_LENGTH} = length $in; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "https://example.com/wiki/a/b/c/"); -like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# not testing html5: 0 here because that ends up identical to site 1 - -####################################################################### -# site 4 (NetBSD wiki): CGI is secure, static content doesn't have to be - -write_setup_file( - html5 => 0, - url => "http://example.com/wiki/", - cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi", -); - -ok(unlink("t/tmp/ikiwiki.cgi")); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -(undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -# when accessed via HTTPS, links are secure (to avoid mixed-content) -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "https://example.com/wiki/"); -like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# when not accessed via HTTPS, ??? -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; -}); -%bits = parse_cgi_content($content); -like($bits{basehref}, qr{^https?://example.com/wiki/$}); -like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# when accessed via a different hostname, links stay on that host -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'staging.example.net'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -# because the static and dynamic stuff is on the same server, we assume that -# both are also on the staging server -like($bits{basehref}, qr{^https://staging.example.net/wiki/$}); -like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:(?:(?:https:)?//staging.example.net)?/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//(?:staging\.example\.net|example\.com))?/cgi-bin/ikiwiki.cgi$}); -TODO: { -local $TODO = "this should really point back to itself but currently points to example.com"; -like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$}); + +sub test_site2_static_content_and_cgi_on_different_servers { + diag("test_site2_static_content_and_cgi_on_different_servers"); + write_setup_file( + url => "http://static.example.com/", + cgiurl => "http://cgi.example.com/ikiwiki.cgi", + ); + thoroughly_rebuild(); + check_cgi_mode_bits(); + # url and cgiurl are not on the same host so the cgiurl has to be + # protocol-relative or absolute + check_generated_content(qr{]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"}); + check_goto(qr{^http://static\.example\.com/a/b/c/$}); + + my %bits = parse_cgi_content(run_cgi(SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com')); + like($bits{basehref}, qr{^(?:(?:http:)?//static.example.com)?/$}); + like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com)?/style.css$}); + like($bits{tophref}, qr{^(?:http:)?//static.example.com/$}); + like($bits{cgihref}, qr{^(?:(?:http:)?//cgi.example.com)?/ikiwiki.cgi$}); + + # when accessed via HTTPS, links are secure + %bits = parse_cgi_content(run_cgi(is_https => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com')); + like($bits{basehref}, qr{^(?:https:)?//static\.example\.com/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//static.example.com)?/style.css$}); + like($bits{tophref}, qr{^(?:https:)?//static.example.com/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//cgi.example.com)?/ikiwiki.cgi$}); + check_goto(qr{^https://static\.example\.com/a/b/c/$}, is_https => 1, + HTTP_HOST => 'cgi.example.com', SCRIPT_NAME => '/ikiwiki.cgi'); + + # when accessed via a different hostname, links to the CGI (only) should + # stay on that host? + %bits = parse_cgi_content(run_cgi(is_preview => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'staging.example.net')); + like($bits{basehref}, qr{^(?:http:)?//static\.example\.com/a/b/c/$}); + like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/style.css$}); + like($bits{tophref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/$}); + like($bits{cgihref}, qr{^(?:(?:http:)?//(?:staging\.example\.net|cgi\.example\.com))?/ikiwiki.cgi$}); + TODO: { + local $TODO = "use self-referential CGI URL?"; + like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/ikiwiki.cgi$}); + } + check_goto(qr{^https://static\.example\.com/a/b/c/$}, is_https => 1, + HTTP_HOST => 'staging.example.net', SCRIPT_NAME => '/ikiwiki.cgi'); } -# previewing a page -$in = 'do=edit&page=a/b/c&Preview'; -run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'POST'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{CONTENT_LENGTH} = length $in; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "https://example.com/wiki/a/b/c/"); -like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -write_setup_file( - html5 => 1, - url => "http://example.com/wiki/", - cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi", -); - -ok(unlink("t/tmp/ikiwiki.cgi")); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -(undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -# when accessed via HTTPS, links are secure (to avoid mixed-content) -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "/wiki/"); -is($bits{stylehref}, "/wiki/style.css"); -is($bits{tophref}, "/wiki/"); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# when not accessed via HTTPS, ??? -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'example.com'; -}); -%bits = parse_cgi_content($content); -like($bits{basehref}, qr{^(?:https?://example.com)?/wiki/$}); -like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$}); -like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# when accessed via a different hostname, links stay on that host -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'staging.example.net'; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -# because the static and dynamic stuff is on the same server, we assume that -# both are also on the staging server -is($bits{basehref}, "/wiki/"); -is($bits{stylehref}, "/wiki/style.css"); -like($bits{tophref}, qr{^(?:/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//(?:example\.com|staging\.example\.net))?/cgi-bin/ikiwiki.cgi$}); -TODO: { -local $TODO = "this should really point back to itself but currently points to example.com"; -like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$}); +sub test_site3_we_specifically_want_everything_to_be_secure { + diag("test_site3_we_specifically_want_everything_to_be_secure"); + write_setup_file( + url => "https://example.com/wiki/", + cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi", + ); + thoroughly_rebuild(); + check_cgi_mode_bits(); + # url and cgiurl are on the same host so the cgiurl is host-relative + check_generated_content(qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"}); + + # when accessed via HTTPS, links are secure + my %bits = parse_cgi_content(run_cgi(is_https => 1)); + like($bits{basehref}, qr{^(?:(?:https:)?//example\.com)?/wiki/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:/wiki|\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); + check_goto(qr{^https://example\.com/wiki/a/b/c/$}, is_https => 1); + + # when not accessed via HTTPS, links should still be secure + # (but if this happens, that's a sign of web server misconfiguration) + %bits = parse_cgi_content(run_cgi()); + like($bits{tophref}, qr{^(?:/wiki|\.)/$}); + TODO: { + local $TODO = "treat https in configured url, cgiurl as required?"; + is($bits{basehref}, "https://example.com/wiki/"); + like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); + } + like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); + check_goto(qr{^https://example\.com/wiki/a/b/c/$}, is_https => 0); + + # when accessed via a different hostname, links stay on that host + %bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net')); + like($bits{basehref}, qr{^(?:(?:https:)?//staging\.example\.net)?/wiki/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:/wiki|\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$}); + check_goto(qr{^https://staging\.example\.net/wiki/a/b/c/$}, is_https => 1, + HTTP_HOST => 'staging.example.net'); + + # previewing a page + %bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1)); + like($bits{basehref}, qr{^(?:(?:https:)?//example\.com)?/wiki/a/b/c/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); } -# previewing a page -$in = 'do=edit&page=a/b/c&Preview'; -run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'POST'; - $ENV{SERVER_PORT} = '443'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{HTTP_HOST} = 'example.com'; - $ENV{CONTENT_LENGTH} = length $in; - $ENV{HTTPS} = 'on'; -}); -%bits = parse_cgi_content($content); -is($bits{basehref}, "/wiki/a/b/c/"); -is($bits{stylehref}, "/wiki/style.css"); -like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); - -# Deliberately not testing https static content with http cgiurl, -# because that makes remarkably little sense. - -####################################################################### -# site 5: w3mmode, as documented in [[w3mmode]] - -write_setup_file( - html5 => 0, - url => undef, - cgiurl => "ikiwiki.cgi", - w3mmode => 1, -); - -ok(unlink("t/tmp/ikiwiki.cgi")); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -(undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are still relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{PATH_INFO} = '/ikiwiki.cgi'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki-w3m.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; -}); -%bits = parse_cgi_content($content); -like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$}); -like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$}); -like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$}); -like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$}); - -write_setup_file( - html5 => 1, - url => undef, - cgiurl => "ikiwiki.cgi", - w3mmode => 1, -); - -ok(unlink("t/tmp/ikiwiki.cgi")); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -(undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are still relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{PATH_INFO} = '/ikiwiki.cgi'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki-w3m.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; -}); -%bits = parse_cgi_content($content); -like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$}); -like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$}); -like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$}); -like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$}); - -####################################################################### -# site 6: we're behind a reverse-proxy - -write_setup_file( - html5 => 0, - url => "https://example.com/wiki/", - cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi", - reverse_proxy => 1, -); - -ok(unlink("t/tmp/ikiwiki.cgi")); -ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers")); - -# CGI wrapper should be exactly the requested mode -(undef, undef, $mode, undef, undef, - undef, undef, undef, undef, undef, - undef, undef, undef) = stat("t/tmp/ikiwiki.cgi"); -is($mode & 07777, 0754); - -ok(-e "t/tmp/out/a/b/c/index.html"); -$content = readfile("t/tmp/out/a/b/c/index.html"); -# no on static HTML -unlike($content, qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"}); -# cross-links between static pages are relative -like($content, qr{
  • A: a
  • }); -like($content, qr{
  • B: b
  • }); -like($content, qr{
  • E: e
  • }); - -# because we are behind a reverse-proxy we must assume that -# we're being accessed by the configured cgiurl -run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'GET'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{QUERY_STRING} = 'do=prefs'; - $ENV{HTTP_HOST} = 'localhost'; -}); -%bits = parse_cgi_content($content); -like($bits{tophref}, qr{^(?:/wiki|\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); -is($bits{basehref}, "https://example.com/wiki/"); -like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); - -# previewing a page -$in = 'do=edit&page=a/b/c&Preview'; -run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub { - $ENV{REQUEST_METHOD} = 'POST'; - $ENV{SERVER_PORT} = '80'; - $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi'; - $ENV{HTTP_HOST} = 'localhost'; - $ENV{CONTENT_LENGTH} = length $in; -}); -%bits = parse_cgi_content($content); -like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); -like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); -is($bits{basehref}, "https://example.com/wiki/a/b/c/"); -like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); - -# not testing html5: 1 because it would be the same as site 1 - -# the reverse_proxy config option is unnecessary under html5 - -done_testing; +sub test_site4_cgi_is_secure_static_content_doesnt_have_to_be { + diag("test_site4_cgi_is_secure_static_content_doesnt_have_to_be"); + # (NetBSD wiki) + write_setup_file( + url => "http://example.com/wiki/", + cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi", + ); + thoroughly_rebuild(); + check_cgi_mode_bits(); + # url and cgiurl are on the same host but different schemes + check_generated_content(qr{]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"}); + + # when accessed via HTTPS, links are secure (to avoid mixed-content) + my %bits = parse_cgi_content(run_cgi(is_https => 1)); + like($bits{basehref}, qr{^(?:(?:https:)?//example\.com)?/wiki/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:/wiki|\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); + check_goto(qr{^https://example\.com/wiki/a/b/c/$}, is_https => 1); + + # FIXME: when not accessed via HTTPS, should the static content be + # forced to https anyway? For now we accept either + %bits = parse_cgi_content(run_cgi()); + like($bits{basehref}, qr{^(?:(?:https?)?://example\.com)?/wiki/$}); + like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); + check_goto(qr{^https://example\.com/wiki/a/b/c/$}, is_https => 0); + + # when accessed via a different hostname, links stay on that host + %bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net')); + # because the static and dynamic stuff is on the same server, we assume that + # both are also on the staging server + like($bits{basehref}, qr{^(?:(?:https:)?//staging\.example\.net)?/wiki/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:(?:(?:https:)?//staging.example.net)?/wiki|\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//(?:staging\.example\.net|example\.com))?/cgi-bin/ikiwiki.cgi$}); + TODO: { + local $TODO = "this should really point back to itself but currently points to example.com"; + like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$}); + } + check_goto(qr{^https://staging\.example\.net/wiki/a/b/c/$}, is_https => 1, + HTTP_HOST => 'staging.example.net'); + + # previewing a page + %bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1)); + like($bits{basehref}, qr{^(?:(?:https:)?//example\.com)?/wiki/a/b/c/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); + like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); +} + +sub test_site5_w3mmode { + diag("test_site5_w3mmode"); + # as documented in [[w3mmode]] + write_setup_file( + url => undef, + cgiurl => "ikiwiki.cgi", + w3mmode => 1, + ); + thoroughly_rebuild(); + check_cgi_mode_bits(); + # FIXME: does /$LIB/ikiwiki-w3m.cgi work under w3m? + check_generated_content(qr{]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"}); + + my %bits = parse_cgi_content(run_cgi(PATH_INFO => '/ikiwiki.cgi', SCRIPT_NAME => '/cgi-bin/ikiwiki-w3m.cgi')); + my $pwd = getcwd(); + like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$}); + like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$}); + like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$}); + like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$}); + + my $redirect = run_cgi(goto => 1, PATH_INFO => '/ikiwiki.cgi', + SCRIPT_NAME => '/cgi-bin/ikiwiki-w3m.cgi'); + like($redirect, qr{^Content-type: text/plain\r?\n}m); + like($redirect, qr{^W3m-control: GOTO (?:file://)?\Q$pwd\E/t/tmp/out/a/b/c/\r?\n}m); +} + +sub test_site6_behind_reverse_proxy { + diag("test_site6_behind_reverse_proxy"); + write_setup_file( + url => "https://example.com/wiki/", + cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi", + reverse_proxy => 1, + ); + thoroughly_rebuild(); + check_cgi_mode_bits(); + # url and cgiurl are on the same host so the cgiurl is host-relative + check_generated_content(qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"}); + + # because we are behind a reverse-proxy we must assume that + # we're being accessed by the configured cgiurl + my %bits = parse_cgi_content(run_cgi(HTTP_HOST => 'localhost')); + like($bits{tophref}, qr{^(?:/wiki|\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); + like($bits{basehref}, qr{^(?:(?:https:)?//example\.com)?/wiki/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); + check_goto(qr{^https://example\.com/wiki/a/b/c/$}, HTTP_HOST => 'localhost'); + + # previewing a page + %bits = parse_cgi_content(run_cgi(is_preview => 1, HTTP_HOST => 'localhost')); + like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$}); + like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$}); + like($bits{basehref}, qr{^(?:(?:https)?://example\.com)?/wiki/a/b/c/$}); + like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$}); +} + +test_startup(); + +test_site1_perfectly_ordinary_ikiwiki(); +test_site2_static_content_and_cgi_on_different_servers(); +test_site3_we_specifically_want_everything_to_be_secure(); +test_site4_cgi_is_secure_static_content_doesnt_have_to_be(); +test_site5_w3mmode(); +test_site6_behind_reverse_proxy(); + +done_testing();