diff options
Diffstat (limited to 'test/spec_file.rb')
-rw-r--r-- | test/spec_file.rb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/test/spec_file.rb b/test/spec_file.rb index 353dcdfe..3106e629 100644 --- a/test/spec_file.rb +++ b/test/spec_file.rb @@ -68,6 +68,11 @@ describe Rack::File do assert_match(res, /ruby/) end + it "serve uri with URL encoded null byte (%00) in filenames" do + res = Rack::MockRequest.new(file(DOCROOT)).get("/cgi/test%00") + res.must_be :bad_request? + end + it "allow safe directory traversal" do req = Rack::MockRequest.new(file(DOCROOT)) |