X-Git-Url: https://sipb.mit.edu/gitweb.cgi/ikiwiki.git/blobdiff_plain/fe9e94513ab0d57f182a6922957ea14c773b4fae..e1101d121f404fd1556029bec3b1c8f723bd9f51:/t/relativity.t?ds=sidebyside
diff --git a/t/relativity.t b/t/relativity.t
index eb6cc448a..054f8f664 100755
--- a/t/relativity.t
+++ b/t/relativity.t
@@ -2,31 +2,22 @@
use warnings;
use strict;
-use Cwd qw(getcwd);
-use Errno qw(ENOENT);
-
-BEGIN {
- if (!eval q{
+use Test::More;
+plan(skip_all => "IPC::Run not available")
+ unless eval q{
use IPC::Run qw(run);
1;
- }) {
- eval q{use Test::More skip_all => "IPC::Run not available"};
- }
- else {
- eval q{use Test::More};
- }
- use_ok("IkiWiki");
-}
+ };
-my $PERL5LIB = 'blib/lib:blib/arch';
-my $pwd = getcwd();
+use IkiWiki;
-# Black-box (ish) test for relative linking between CGI and static content
+use Cwd qw(getcwd);
+use Errno qw(ENOENT);
-my $blob;
-my ($content, $in, %bits);
+# Black-box (ish) test for relative linking between CGI and static content
sub parse_cgi_content {
+ my $content = shift;
my %bits;
if ($content =~ qr{}) {
$bits{basehref} = $1;
@@ -43,10 +34,6 @@ sub parse_cgi_content {
return %bits;
}
-ok(! system("make -s ikiwiki.out"));
-ok(! system("rm -rf t/tmp"));
-ok(! system("mkdir t/tmp"));
-
sub write_old_file {
my $name = shift;
my $content = shift;
@@ -55,551 +42,480 @@ sub write_old_file {
ok(utime(333333333, 333333333, "t/tmp/in/$name"));
}
-write_old_file("a.mdwn", "A");
-write_old_file("a/b.mdwn", "B");
-write_old_file("a/b/c.mdwn",
-"* A: [[a]]\n".
-"* B: [[b]]\n".
-"* E: [[a/d/e]]\n");
-write_old_file("a/d.mdwn", "D");
-write_old_file("a/d/e.mdwn", "E");
+sub write_setup_file {
+ my (%args) = @_;
+ my $urlline = defined $args{url} ? "url: $args{url}" : "";
+ my $w3mmodeline = defined $args{w3mmode} ? "w3mmode: $args{w3mmode}" : "";
+ my $reverseproxyline = defined $args{reverse_proxy} ? "reverse_proxy: $args{reverse_proxy}" : "";
-#######################################################################
-# site 1: a perfectly ordinary ikiwiki
-
-writefile("test.setup", "t/tmp", < on static HTML
-unlike($content, qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
-# cross-links between static pages are relative
-like($content, qr{A: a});
-like($content, qr{B: b});
-like($content, qr{E: e});
-
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "http://example.com/wiki/");
-like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-# when accessed via HTTPS, links are secure
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "https://example.com/wiki/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-# when accessed via a different hostname, links stay on that host
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'staging.example.net';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "http://staging.example.net/wiki/");
-like($bits{stylehref}, qr{^(?:(?:http:)?//staging.example.net)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
-
-# previewing a page
-$in = 'do=edit&page=a/b/c&Preview';
-run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'POST';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{CONTENT_LENGTH} = length $in;
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "http://example.com/wiki/a/b/c/");
-like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
-like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-#######################################################################
-# site 2: static content and CGI are on different servers
-
-writefile("test.setup", "t/tmp", < on static HTML
-unlike($content, qr{]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"});
-# cross-links between static pages are still relative
-like($content, qr{A: a});
-like($content, qr{B: b});
-like($content, qr{E: e});
-
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'cgi.example.com';
-});
-%bits = parse_cgi_content($content);
-like($bits{basehref}, qr{^http://static.example.com/$});
-like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com)?/style.css$});
-like($bits{tophref}, qr{^(?:http:)?//static.example.com/$});
-like($bits{cgihref}, qr{^(?:(?:http:)?//cgi.example.com)?/ikiwiki.cgi$});
-
-# when accessed via HTTPS, links are secure
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'cgi.example.com';
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-TODO: {
-local $TODO = "avoid mixed content";
-like($bits{basehref}, qr{^https://static.example.com/$});
-like($bits{stylehref}, qr{^(?:(?:https:)?//static.example.com)?/style.css$});
-like($bits{tophref}, qr{^(?:https:)?//static.example.com/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//cgi.example.com)?/ikiwiki.cgi$});
+ );
}
-# when accessed via a different hostname, links to the CGI (only) should
-# stay on that host?
-$in = 'do=edit&page=a/b/c&Preview';
-run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'POST';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/ikiwiki.cgi';
- $ENV{HTTP_HOST} = 'staging.example.net';
- $ENV{CONTENT_LENGTH} = length $in;
-});
-%bits = parse_cgi_content($content);
-like($bits{basehref}, qr{^http://static.example.com/a/b/c/$});
-like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/style.css$});
-like($bits{tophref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/$});
-TODO: {
-local $TODO = "use self-referential CGI URL?";
-like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/ikiwiki.cgi$});
+sub thoroughly_rebuild {
+ ok(unlink("t/tmp/ikiwiki.cgi") || $!{ENOENT});
+ ok(! system("./ikiwiki.out --setup t/tmp/test.setup --rebuild --wrappers"));
}
-#######################################################################
-# site 3: we specifically want everything to be secure
+sub check_cgi_mode_bits {
+ my (undef, undef, $mode, undef, undef,
+ undef, undef, undef, undef, undef,
+ undef, undef, undef) = stat("t/tmp/ikiwiki.cgi");
+ is($mode & 07777, 0754);
+}
-writefile("test.setup", "t/tmp", < on static HTML
-unlike($content, qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
-# cross-links between static pages are relative
-like($content, qr{A: a});
-like($content, qr{B: b});
-like($content, qr{E: e});
-
-# when accessed via HTTPS, links are secure
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "https://example.com/wiki/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-# when not accessed via HTTPS, links should still be secure
-# (but if this happens, that's a sign of web server misconfiguration)
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
-});
-%bits = parse_cgi_content($content);
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-TODO: {
-local $TODO = "treat https in configured url, cgiurl as required?";
-is($bits{basehref}, "https://example.com/wiki/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+sub check_generated_content {
+ my $cgiurl_regex = shift;
+ ok(-e "t/tmp/out/a/b/c/index.html");
+ my $content = readfile("t/tmp/out/a/b/c/index.html");
+ # no on static HTML
+ unlike($content, qr{A: a});
+ like($content, qr{B: b});
+ like($content, qr{E: e});
}
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-# when accessed via a different hostname, links stay on that host
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'staging.example.net';
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "https://staging.example.net/wiki/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
-
-# previewing a page
-$in = 'do=edit&page=a/b/c&Preview';
-run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'POST';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{CONTENT_LENGTH} = length $in;
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-is($bits{basehref}, "https://example.com/wiki/a/b/c/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-#######################################################################
-# site 4 (NetBSD wiki): CGI is secure, static content doesn't have to be
-
-writefile("test.setup", "t/tmp", < on static HTML
-unlike($content, qr{]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"});
-# cross-links between static pages are relative
-like($content, qr{A: a});
-like($content, qr{B: b});
-like($content, qr{E: e});
-
-# when accessed via HTTPS, links are secure (to avoid mixed-content)
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-TODO: {
-local $TODO = "avoid mixed content";
-is($bits{basehref}, "https://example.com/wiki/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+
+sub run_cgi {
+ my (%args) = @_;
+ my ($in, $out);
+ my $is_preview = delete $args{is_preview};
+ my $is_https = delete $args{is_https};
+ my %defaults = (
+ SCRIPT_NAME => '/cgi-bin/ikiwiki.cgi',
+ HTTP_HOST => 'example.com',
+ );
+ if (defined $is_preview) {
+ $defaults{REQUEST_METHOD} = 'POST';
+ $in = 'do=edit&page=a/b/c&Preview';
+ $defaults{CONTENT_LENGTH} = length $in;
+ } else {
+ $defaults{REQUEST_METHOD} = 'GET';
+ $defaults{QUERY_STRING} = 'do=prefs';
+ }
+ if (defined $is_https) {
+ $defaults{SERVER_PORT} = '443';
+ $defaults{HTTPS} = 'on';
+ } else {
+ $defaults{SERVER_PORT} = '80';
+ }
+ my %envvars = (
+ %defaults,
+ %args,
+ );
+ run(["./t/tmp/ikiwiki.cgi"], \$in, \$out, init => sub {
+ map {
+ $ENV{$_} = $envvars{$_}
+ } keys(%envvars);
+ });
+
+ return $out;
}
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-# when not accessed via HTTPS, ???
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'example.com';
-});
-%bits = parse_cgi_content($content);
-like($bits{basehref}, qr{^https?://example.com/wiki/$});
-like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-
-# when accessed via a different hostname, links stay on that host
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'staging.example.net';
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-TODO: {
-local $TODO = "avoid mixed content";
-like($bits{basehref}, qr{^https://example.com/wiki/$});
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
-like($bits{tophref}, qr{^(?:(?:(?:https:)?//example.com)?/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
+
+sub test_startup {
+ ok(! system("make -s ikiwiki.out"));
+ ok(! system("rm -rf t/tmp"));
+ ok(! system("mkdir t/tmp"));
+
+ write_old_file("a.mdwn", "A");
+ write_old_file("a/b.mdwn", "B");
+ write_old_file("a/b/c.mdwn",
+ "* A: [[a]]\n".
+ "* B: [[b]]\n".
+ "* E: [[a/d/e]]\n");
+ write_old_file("a/d.mdwn", "D");
+ write_old_file("a/d/e.mdwn", "E");
}
-# previewing a page
-$in = 'do=edit&page=a/b/c&Preview';
-run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'POST';
- $ENV{SERVER_PORT} = '443';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{HTTP_HOST} = 'example.com';
- $ENV{CONTENT_LENGTH} = length $in;
- $ENV{HTTPS} = 'on';
-});
-%bits = parse_cgi_content($content);
-TODO: {
-local $TODO = "avoid mixed content";
-is($bits{basehref}, "https://example.com/wiki/a/b/c/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+sub test_site1_perfectly_ordinary_ikiwiki {
+ write_setup_file(
+ html5 => 0,
+ url => "http://example.com/wiki/",
+ cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi",
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # url and cgiurl are on the same host so the cgiurl is host-relative
+ check_generated_content(qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
+ my %bits = parse_cgi_content(run_cgi());
+ is($bits{basehref}, "http://example.com/wiki/");
+ like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # when accessed via HTTPS, links are secure
+ %bits = parse_cgi_content(run_cgi(is_https => 1));
+ is($bits{basehref}, "https://example.com/wiki/");
+ like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # when accessed via a different hostname, links stay on that host
+ %bits = parse_cgi_content(run_cgi(HTTP_HOST => 'staging.example.net'));
+ is($bits{basehref}, "http://staging.example.net/wiki/");
+ like($bits{stylehref}, qr{^(?:(?:http:)?//staging.example.net)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
+
+ # previewing a page
+ %bits = parse_cgi_content(run_cgi(is_preview => 1));
+ is($bits{basehref}, "http://example.com/wiki/a/b/c/");
+ like($bits{stylehref}, qr{^(?:(?:http:)?//example.com)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:http:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # in html5, the is allowed to be relative, and we take full
+ # advantage of that
+ write_setup_file(
+ html5 => 1,
+ url => "http://example.com/wiki/",
+ cgiurl => "http://example.com/cgi-bin/ikiwiki.cgi",
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # url and cgiurl are on the same host so the cgiurl is host-relative
+ check_generated_content(qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
+
+ %bits = parse_cgi_content(run_cgi());
+ is($bits{basehref}, "/wiki/");
+ is($bits{stylehref}, "/wiki/style.css");
+ is($bits{tophref}, "/wiki/");
+ is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
+
+ # when accessed via HTTPS, links are secure - this is easy because under
+ # html5 they're independent of the URL at which the CGI was accessed
+ %bits = parse_cgi_content(run_cgi(is_https => 1));
+ is($bits{basehref}, "/wiki/");
+ is($bits{stylehref}, "/wiki/style.css");
+ is($bits{tophref}, "/wiki/");
+ is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
+
+ # when accessed via a different hostname, links stay on that host -
+ # this is really easy in html5 because we can use relative URLs
+ %bits = parse_cgi_content(run_cgi(HTTP_HOST => 'staging.example.net'));
+ is($bits{basehref}, "/wiki/");
+ is($bits{stylehref}, "/wiki/style.css");
+ is($bits{tophref}, "/wiki/");
+ is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
+
+ # previewing a page
+ %bits = parse_cgi_content(run_cgi(is_preview => 1));
+ is($bits{basehref}, "/wiki/a/b/c/");
+ is($bits{stylehref}, "/wiki/style.css");
+ like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
+ is($bits{cgihref}, "/cgi-bin/ikiwiki.cgi");
}
-like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-# Deliberately not testing https static content with http cgiurl,
-# because that makes remarkably little sense.
+sub test_site2_static_content_and_cgi_on_different_servers {
+ write_setup_file(
+ html5 => 0,
+ url => "http://static.example.com/",
+ cgiurl => "http://cgi.example.com/ikiwiki.cgi",
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # url and cgiurl are not on the same host so the cgiurl has to be
+ # protocol-relative or absolute
+ check_generated_content(qr{]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"});
+
+ my %bits = parse_cgi_content(run_cgi(SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
+ like($bits{basehref}, qr{^http://static.example.com/$});
+ like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com)?/style.css$});
+ like($bits{tophref}, qr{^(?:http:)?//static.example.com/$});
+ like($bits{cgihref}, qr{^(?:(?:http:)?//cgi.example.com)?/ikiwiki.cgi$});
+
+ # when accessed via HTTPS, links are secure
+ %bits = parse_cgi_content(run_cgi(is_https => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
+ like($bits{basehref}, qr{^https://static.example.com/$});
+ like($bits{stylehref}, qr{^(?:(?:https:)?//static.example.com)?/style.css$});
+ like($bits{tophref}, qr{^(?:https:)?//static.example.com/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//cgi.example.com)?/ikiwiki.cgi$});
+
+ # when accessed via a different hostname, links to the CGI (only) should
+ # stay on that host?
+ %bits = parse_cgi_content(run_cgi(is_preview => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'staging.example.net'));
+ like($bits{basehref}, qr{^http://static.example.com/a/b/c/$});
+ like($bits{stylehref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/style.css$});
+ like($bits{tophref}, qr{^(?:(?:http:)?//static.example.com|\.\./\.\./\.\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:http:)?//(?:staging\.example\.net|cgi\.example\.com))?/ikiwiki.cgi$});
+ TODO: {
+ local $TODO = "use self-referential CGI URL?";
+ like($bits{cgihref}, qr{^(?:(?:http:)?//staging.example.net)?/ikiwiki.cgi$});
+ }
-#######################################################################
-# site 5: w3mmode, as documented in [[w3mmode]]
+ write_setup_file(
+ html5 => 1,
+ url => "http://static.example.com/",
+ cgiurl => "http://cgi.example.com/ikiwiki.cgi",
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # url and cgiurl are not on the same host so the cgiurl has to be
+ # protocol-relative or absolute
+ check_generated_content(qr{]+href="(?:http:)?//cgi.example.com/ikiwiki.cgi\?do=prefs"});
+
+ %bits = parse_cgi_content(run_cgi(SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
+ is($bits{basehref}, "//static.example.com/");
+ is($bits{stylehref}, "//static.example.com/style.css");
+ is($bits{tophref}, "//static.example.com/");
+ is($bits{cgihref}, "//cgi.example.com/ikiwiki.cgi");
+
+ # when accessed via HTTPS, links are secure - in fact they're exactly the
+ # same as when accessed via HTTP
+ %bits = parse_cgi_content(run_cgi(is_https => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'cgi.example.com'));
+ is($bits{basehref}, "//static.example.com/");
+ is($bits{stylehref}, "//static.example.com/style.css");
+ is($bits{tophref}, "//static.example.com/");
+ is($bits{cgihref}, "//cgi.example.com/ikiwiki.cgi");
+
+ # when accessed via a different hostname, links to the CGI (only) should
+ # stay on that host?
+ %bits = parse_cgi_content(run_cgi(is_preview => 1, SCRIPT_NAME => '/ikiwiki.cgi', HTTP_HOST => 'staging.example.net'));
+ is($bits{basehref}, "//static.example.com/a/b/c/");
+ is($bits{stylehref}, "//static.example.com/style.css");
+ is($bits{tophref}, "../../../");
+ like($bits{cgihref}, qr{//(?:staging\.example\.net|cgi\.example\.com)/ikiwiki\.cgi});
+ TODO: {
+ local $TODO = "use self-referential CGI URL maybe?";
+ is($bits{cgihref}, "//staging.example.net/ikiwiki.cgi");
+ }
+}
-writefile("test.setup", "t/tmp", < on static HTML
-unlike($content, qr{]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"});
-# cross-links between static pages are still relative
-like($content, qr{A: a});
-like($content, qr{B: b});
-like($content, qr{E: e});
-
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{PATH_INFO} = '/ikiwiki.cgi';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki-w3m.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
-});
-%bits = parse_cgi_content($content);
-like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$});
-like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$});
-like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$});
-like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$});
-
-#######################################################################
-# site 6: we're behind a reverse-proxy
-
-writefile("test.setup", "t/tmp", < on static HTML
-unlike($content, qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
-# cross-links between static pages are relative
-like($content, qr{A: a});
-like($content, qr{B: b});
-like($content, qr{E: e});
-
-# because we are behind a reverse-proxy we must assume that
-# we're being accessed by the configured cgiurl
-run(["./t/tmp/ikiwiki.cgi"], \undef, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'GET';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{QUERY_STRING} = 'do=prefs';
- $ENV{HTTP_HOST} = 'localhost';
-});
-%bits = parse_cgi_content($content);
-like($bits{tophref}, qr{^(?:/wiki|\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-TODO: {
-local $TODO = "reverse-proxy support needed";
-is($bits{basehref}, "https://example.com/wiki/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+sub test_site3_we_specifically_want_everything_to_be_secure {
+ write_setup_file(
+ html5 => 0,
+ url => "https://example.com/wiki/",
+ cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # url and cgiurl are on the same host so the cgiurl is host-relative
+ check_generated_content(qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
+
+ # when accessed via HTTPS, links are secure
+ my %bits = parse_cgi_content(run_cgi(is_https => 1));
+ is($bits{basehref}, "https://example.com/wiki/");
+ like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # when not accessed via HTTPS, links should still be secure
+ # (but if this happens, that's a sign of web server misconfiguration)
+ %bits = parse_cgi_content(run_cgi());
+ like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+ TODO: {
+ local $TODO = "treat https in configured url, cgiurl as required?";
+ is($bits{basehref}, "https://example.com/wiki/");
+ like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+ }
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # when accessed via a different hostname, links stay on that host
+ %bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net'));
+ is($bits{basehref}, "https://staging.example.net/wiki/");
+ like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
+
+ # previewing a page
+ %bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1));
+ is($bits{basehref}, "https://example.com/wiki/a/b/c/");
+ like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # not testing html5: 0 here because that ends up identical to site 1
}
-# previewing a page
-$in = 'do=edit&page=a/b/c&Preview';
-run(["./t/tmp/ikiwiki.cgi"], \$in, \$content, init => sub {
- $ENV{REQUEST_METHOD} = 'POST';
- $ENV{SERVER_PORT} = '80';
- $ENV{SCRIPT_NAME} = '/cgi-bin/ikiwiki.cgi';
- $ENV{HTTP_HOST} = 'localhost';
- $ENV{CONTENT_LENGTH} = length $in;
-});
-%bits = parse_cgi_content($content);
-like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
-like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
-TODO: {
-local $TODO = "reverse-proxy support needed";
-is($bits{basehref}, "https://example.com/wiki/a/b/c/");
-like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+sub test_site4_cgi_is_secure_static_content_doesnt_have_to_be {
+ # (NetBSD wiki)
+ write_setup_file(
+ html5 => 0,
+ url => "http://example.com/wiki/",
+ cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # url and cgiurl are on the same host but different schemes
+ check_generated_content(qr{]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"});
+
+ # when accessed via HTTPS, links are secure (to avoid mixed-content)
+ my %bits = parse_cgi_content(run_cgi(is_https => 1));
+ is($bits{basehref}, "https://example.com/wiki/");
+ like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # when not accessed via HTTPS, ???
+ %bits = parse_cgi_content(run_cgi());
+ like($bits{basehref}, qr{^https?://example.com/wiki/$});
+ like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # when accessed via a different hostname, links stay on that host
+ %bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net'));
+ # because the static and dynamic stuff is on the same server, we assume that
+ # both are also on the staging server
+ like($bits{basehref}, qr{^https://staging.example.net/wiki/$});
+ like($bits{stylehref}, qr{^(?:(?:https:)?//staging.example.net)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:(?:(?:https:)?//staging.example.net)?/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//(?:staging\.example\.net|example\.com))?/cgi-bin/ikiwiki.cgi$});
+ TODO: {
+ local $TODO = "this should really point back to itself but currently points to example.com";
+ like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
+ }
+
+ # previewing a page
+ %bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1));
+ is($bits{basehref}, "https://example.com/wiki/a/b/c/");
+ like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ write_setup_file(
+ html5 => 1,
+ url => "http://example.com/wiki/",
+ cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # url and cgiurl are on the same host but different schemes
+ check_generated_content(qr{]+href="https://example.com/cgi-bin/ikiwiki.cgi\?do=prefs"});
+
+ # when accessed via HTTPS, links are secure (to avoid mixed-content)
+ %bits = parse_cgi_content(run_cgi(is_https => 1));
+ is($bits{basehref}, "/wiki/");
+ is($bits{stylehref}, "/wiki/style.css");
+ is($bits{tophref}, "/wiki/");
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # when not accessed via HTTPS, ???
+ %bits = parse_cgi_content(run_cgi());
+ like($bits{basehref}, qr{^(?:https?://example.com)?/wiki/$});
+ like($bits{stylehref}, qr{^(?:(?:https?:)?//example.com)?/wiki/style.css$});
+ like($bits{tophref}, qr{^(?:(?:https?://example.com)?/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # when accessed via a different hostname, links stay on that host
+ %bits = parse_cgi_content(run_cgi(is_https => 1, HTTP_HOST => 'staging.example.net'));
+ # because the static and dynamic stuff is on the same server, we assume that
+ # both are also on the staging server
+ is($bits{basehref}, "/wiki/");
+ is($bits{stylehref}, "/wiki/style.css");
+ like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//(?:example\.com|staging\.example\.net))?/cgi-bin/ikiwiki.cgi$});
+ TODO: {
+ local $TODO = "this should really point back to itself but currently points to example.com";
+ like($bits{cgihref}, qr{^(?:(?:https:)?//staging.example.net)?/cgi-bin/ikiwiki.cgi$});
+ }
+
+ # previewing a page
+ %bits = parse_cgi_content(run_cgi(is_preview => 1, is_https => 1));
+ is($bits{basehref}, "/wiki/a/b/c/");
+ is($bits{stylehref}, "/wiki/style.css");
+ like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+
+ # Deliberately not testing https static content with http cgiurl,
+ # because that makes remarkably little sense.
}
-done_testing;
+sub test_site5_w3mmode {
+ # as documented in [[w3mmode]]
+ write_setup_file(
+ html5 => 0,
+ url => undef,
+ cgiurl => "ikiwiki.cgi",
+ w3mmode => 1,
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # FIXME: does /$LIB/ikiwiki-w3m.cgi work under w3m?
+ check_generated_content(qr{]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"});
+
+ my %bits = parse_cgi_content(run_cgi(PATH_INFO => '/ikiwiki.cgi', SCRIPT_NAME => '/cgi-bin/ikiwiki-w3m.cgi'));
+ my $pwd = getcwd();
+ like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$});
+ like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$});
+ like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$});
+ like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$});
+
+ write_setup_file(
+ html5 => 1,
+ url => undef,
+ cgiurl => "ikiwiki.cgi",
+ w3mmode => 1,
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # FIXME: does /$LIB/ikiwiki-w3m.cgi work under w3m?
+ check_generated_content(qr{]+href="(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi\?do=prefs"});
+
+ %bits = parse_cgi_content(run_cgi(PATH_INFO => '/ikiwiki.cgi', SCRIPT_NAME => '/cgi-bin/ikiwiki-w3m.cgi'));
+ like($bits{tophref}, qr{^(?:\Q$pwd\E/t/tmp/out|\.)/$});
+ like($bits{cgihref}, qr{^(?:file://)?/\$LIB/ikiwiki-w3m.cgi/ikiwiki.cgi$});
+ like($bits{basehref}, qr{^(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out/$});
+ like($bits{stylehref}, qr{^(?:(?:(?:file:)?//)?\Q$pwd\E/t/tmp/out|\.)/style.css$});
+}
+
+sub test_site6_behind_reverse_proxy {
+ write_setup_file(
+ html5 => 0,
+ url => "https://example.com/wiki/",
+ cgiurl => "https://example.com/cgi-bin/ikiwiki.cgi",
+ reverse_proxy => 1,
+ );
+ thoroughly_rebuild();
+ check_cgi_mode_bits();
+ # url and cgiurl are on the same host so the cgiurl is host-relative
+ check_generated_content(qr{]+href="/cgi-bin/ikiwiki.cgi\?do=prefs"});
+
+ # because we are behind a reverse-proxy we must assume that
+ # we're being accessed by the configured cgiurl
+ my %bits = parse_cgi_content(run_cgi(HTTP_HOST => 'localhost'));
+ like($bits{tophref}, qr{^(?:/wiki|\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+ is($bits{basehref}, "https://example.com/wiki/");
+ like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+
+ # previewing a page
+ %bits = parse_cgi_content(run_cgi(is_preview => 1, HTTP_HOST => 'localhost'));
+ like($bits{tophref}, qr{^(?:/wiki|\.\./\.\./\.\.)/$});
+ like($bits{cgihref}, qr{^(?:(?:https:)?//example.com)?/cgi-bin/ikiwiki.cgi$});
+ is($bits{basehref}, "https://example.com/wiki/a/b/c/");
+ like($bits{stylehref}, qr{^(?:(?:https:)?//example.com)?/wiki/style.css$});
+
+ # not testing html5: 1 because it would be the same as site 1 -
+ # the reverse_proxy config option is unnecessary under html5
+}
+
+test_startup();
+
+test_site1_perfectly_ordinary_ikiwiki();
+test_site2_static_content_and_cgi_on_different_servers();
+test_site3_we_specifically_want_everything_to_be_secure();
+test_site4_cgi_is_secure_static_content_doesnt_have_to_be();
+test_site5_w3mmode();
+test_site6_behind_reverse_proxy();
+
+done_testing();