1<testcase> 2<info> 3<keywords> 4HTTP 5HTTP GET 6dotdot removal 7</keywords> 8</info> 9 10# 11# Server-side 12<reply> 13<data> 14HTTP/1.1 200 OK 15Content-Length: 6 16Connection: close 17 18-foo- 19</data> 20 21<data1> 22HTTP/1.1 200 OK 23Content-Length: 7 24Connection: close 25 26-cool- 27</data1> 28</reply> 29 30# 31# Client-side 32<client> 33<server> 34http 35</server> 36 <name> 37HTTP URL with dotdot removal from path 38 </name> 39 <command> 40http://%HOSTIP:%HTTPPORT/../../hej/but/who/../1231?stupid=me/../1231#soo/../1231 http://%HOSTIP:%HTTPPORT/../../hej/but/who/../12310001#/../12310001 41</command> 42</client> 43 44# 45# Verify data after the test has been "shot" 46<verify> 47<strip> 48^User-Agent:.* 49</strip> 50<protocol> 51GET /hej/but/1231?stupid=me/../1231 HTTP/1.1 52Host: %HOSTIP:%HTTPPORT 53Accept: */* 54 55GET /hej/but/12310001 HTTP/1.1 56Host: %HOSTIP:%HTTPPORT 57Accept: */* 58 59</protocol> 60</verify> 61</testcase> 62