Fix wrong handling of utf8 that could lead to server crashes
Change-Id: I0f21d61ccfa889a98cc6602d3d3ce3163a5c32b8
diff --git a/t/plugin/auth-oauth.t b/t/plugin/auth-oauth.t
index cfcfc87..635df8c 100644
--- a/t/plugin/auth-oauth.t
+++ b/t/plugin/auth-oauth.t
@@ -1,5 +1,6 @@
use Mojo::Base -strict;
use Test::More;
+use Mojo::ByteStream 'b';
use Test::Mojo::WithRoles 'Session';
use Mojo::File qw/path/;
use Data::Dumper;
@@ -432,9 +433,30 @@
is(defined $err ? $err->text : '', '');
-# Login:
+# This should fail
+my $wide_char_login = "\x{61}\x{E5}\x{61}"; # "\x{443}\x{434}";
$t->post_ok('/user/login' => form => {
- handle => 'test',
+ handle => $wide_char_login,
+ pwd => 'pass',
+ csrf_token => $csrf,
+ fwd => $fwd
+})
+ ->status_is(302)
+ ->header_is('Location' => '/');
+
+$t->get_ok('/')
+ ->status_is(200)
+ ->element_exists('div.notify-error')
+ ->text_is('div.notify-error', 'Invalid character in request')
+ ->element_exists('input[name=handle]:not([value])')
+ ->element_exists_not('div.button.top a')
+ ;
+
+# Login:
+# UTF8 request
+my $username = b('täst')->encode;
+$t->post_ok('/user/login' => form => {
+ handle => $username,
pwd => 'pass',
csrf_token => $csrf
})
@@ -447,6 +469,7 @@
->element_exists_not('div.notify-error')
->element_exists('div.notify-success')
->text_is('div.notify-success', 'Login successful')
+ ->attr_is('a.logout', 'title', "Logout: $username")
->element_exists_not('aside.off')
->element_exists_not('aside.active')
->element_exists('aside.settings')