1<testcase> 2# 3# This test is crafted to reproduce oss-fuzz bug 4# https://crbug.com/oss-fuzz/17954 5# 6<info> 7<keywords> 8HTTP 9HTTP GET 10followlocation 11</keywords> 12</info> 13# 14# Server-side 15<reply> 16<data> 17HTTP/1.1 302 OK 18Location: http://example.net/there/it/is/../../tes t case=/6630002? yes no 19Date: Thu, 09 Nov 2010 14:49:00 GMT 20Content-Length: 0 21 22</data> 23<data2> 24HTTP/1.1 200 OK 25Location: this should be ignored 26Date: Thu, 09 Nov 2010 14:49:00 GMT 27Content-Length: 5 28 29body 30</data2> 31<datacheck> 32HTTP/1.1 302 OK 33Location: http://example.net/there/it/is/../../tes t case=/6630002? yes no 34Date: Thu, 09 Nov 2010 14:49:00 GMT 35Content-Length: 0 36 37HTTP/1.1 200 OK 38Location: this should be ignored 39Date: Thu, 09 Nov 2010 14:49:00 GMT 40Content-Length: 5 41 42body 43</datacheck> 44</reply> 45 46# 47# Client-side 48<client> 49<server> 50http 51</server> 52 <name> 53HTTP redirect with dotdots and whitespaces in absolute Location: URL 54 </name> 55 <command> 56http://example.com/please/../gimme/663?foobar#hello -L -x http://%HOSTIP:%HTTPPORT 57</command> 58<features> 59proxy 60</features> 61</client> 62 63# 64# Verify data after the test has been "shot" 65<verify> 66<protocol> 67GET http://example.com/gimme/663?foobar HTTP/1.1 68Host: example.com 69User-Agent: curl/%VERSION 70Accept: */* 71Proxy-Connection: Keep-Alive 72 73GET http://example.net/there/tes%20t%20case=/6630002?+yes+no HTTP/1.1 74Host: example.net 75User-Agent: curl/%VERSION 76Accept: */* 77Proxy-Connection: Keep-Alive 78 79</protocol> 80</verify> 81</testcase> 82