#!/bin/bash
# ============================================
# Drupal .htaccess Rules Test Script
# ============================================
# This script tests each rule from cms/drupal/.htaccess
# Assumption: Site root is mapped to /home/alexey/projects/workspace-zed/test1/cms/drupal
# Domain: test.my.brp
# ============================================
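# Base URL of the site under test. Defaults to the local test vhost; export
# BASE_URL to point the suite at another host without editing this file.
# The default scheme is plain HTTP, so every request (including the
# Authorization header sent in section 3) travels unencrypted; keep the
# target on a local or lab network.
BASE_URL="${BASE_URL:-http://test.my.brp}"

# Suite banner.
echo "=============================================="
echo "Drupal .htaccess Rules Test Suite"
echo "=============================================="
echo ""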
# Function to test a rule and report result (status only)
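#######################################
# Request a URL and compare the HTTP status code with the expected one.
# Redirects are not followed (no -L), so a 301 is reported as 301.
# Arguments:
#   $1 - human-readable test description
#   $2 - URL to request
#   $3 - expected HTTP status code (e.g. 403, 404, 200, 301)
# Outputs:
#   Writes the test header and a PASS/FAIL line to stdout.
# Returns:
#   0 when the status matches, 1 otherwise.
#######################################
test_rule() {
  local description="$1"
  local url="$2"
  local expected_status="$3"
  # Declared local so the value neither leaks into nor clobbers a variable
  # of the same name in the caller's scope.
  local response
  local rc=0

  echo "--- Test: $description ---"

  # -o /dev/null discards the body; -w prints only the status code.
  # curl prints 000 when no HTTP response was received, which is reported
  # as a FAIL below. --max-time keeps one unresponsive host from stalling
  # the whole suite.
  response=$(curl -s --max-time 10 -o /dev/null -w "%{http_code}" "$url")

  if [ "$response" = "$expected_status" ]; then
    echo "✓ PASS (HTTP $response)"
  else
    echo "✗ FAIL (Expected: HTTP $expected_status, Got: HTTP $response)"
    rc=1
  fi
  echo ""
  return "$rc"
}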
# Function to test a rule and verify content contains expected string
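#######################################
# Request a URL once and check both the HTTP status code and that the
# response body contains an expected substring.
# Arguments:
#   $1 - human-readable test description
#   $2 - URL to request
#   $3 - optional single request header ("Name: value"); may be empty
#   $4 - expected HTTP status code (e.g. 403, 404, 200, 301)
#   $5 - substring expected somewhere in the response body
# Outputs:
#   Writes the test header and a PASS/FAIL line to stdout; on a content
#   mismatch also the first five lines of the body.
# Returns:
#   0 when status and content both match, 1 otherwise.
#######################################
test_rule_content() {
  local description="$1"
  local url="$2"
  local headers="$3"
  local expected_status="$4"
  local expected_content="$5"
  local raw response http_code
  # --max-time keeps one unresponsive host from stalling the whole suite.
  local -a curl_args=(-s --max-time 10)

  echo "--- Test: $description ---"

  # The header is passed on curl's command line, so it is visible in the
  # process list while the request runs; use dummy values only.
  if [ -n "$headers" ]; then
    curl_args+=(-H "$headers")
  fi

  # A single request yields body and status together: -w appends
  # "\n<status>" after the body. Issuing two separate requests could compare
  # the status of one response with the body of another.
  raw=$(curl "${curl_args[@]}" -w '\n%{http_code}' "$url")
  http_code=${raw##*$'\n'}   # text after the last newline
  response=${raw%$'\n'*}     # everything before it

  if [ "$http_code" != "$expected_status" ]; then
    echo "✗ FAIL (Status: HTTP $http_code, Expected: HTTP $expected_status)"
    echo ""
    return 1
  fi

  if [[ "$response" == *"$expected_content"* ]]; then
    echo "✓ PASS (HTTP $http_code, Content matches '$expected_content')"
    echo ""
    return 0
  fi

  echo "✗ FAIL (Content missing: '$expected_content') - Response:"
  # printf rather than echo: the body comes from the server and may start
  # with something echo would treat as an option.
  printf '%s\n' "$response" | head -n 5
  echo ""
  return 1
}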
# Section 1: RewriteEngine activation.
printf '%s\n' \
  "==============================================" \
  "1. RewriteEngine Activation" \
  "=============================================="

# /normal-page/ is requested as a routed path; a 200 carrying the front
# controller's marker text is taken as evidence that the request was
# rewritten to index.php, i.e. that the rewrite engine is on.
test_rule_content "Basic page routing via index.php" "$BASE_URL/normal-page/" "" "200" "Drupal Content Route"
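# Section 2: protocol variables (protossl).
echo ""
echo "=============================================="
echo "2. Protocol Variables (protossl)"
# Closing rule restored: it previously ended in a stray '}'.
echo "=============================================="

# The request uses http://, so HTTPS should be off for this case.
# NOTE(review): this is the same request and the same expectation as the
# section 1 case; nothing in the status or the matched text shows what value
# protossl actually took. TODO confirm whether the fixture page is meant to
# expose it.
test_rule_content "HTTP request without HTTPS (protocol detection)" \
  "$BASE_URL/normal-page/" \
  "" \
  "200" \
  "Drupal Content Route"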
# Section 3: HTTP Authorization header passing.
printf '%s\n' \
  "" \
  "==============================================" \
  "3. HTTP Authorization Header Passing" \
  "=============================================="

# Sends a request carrying an Authorization header to the REST path and
# expects the normal routed response.
# NOTE(review): the expected body is the same marker text the unauthenticated
# cases match, so this case would also pass if the header were dropped before
# it reached PHP. Presumably the fixture should echo something derived from
# the header for the check to be meaningful; confirm.
# The bearer value is a dummy; keep it one, since the request goes to
# $BASE_URL in clear text and the header is passed on curl's command line.
test_rule_content "Drupal handles Authorization header (API request)" "$BASE_URL/rest/api/v1" "Authorization: Bearer token_abc123" "200" "Drupal Content Route"
# Section 4: hidden files / patterns protection.
printf '%s\n' \
  "" \
  "==============================================" \
  "4. Hidden Files/Patterns Protection Rule" \
  "=============================================="

# Rule under test: RewriteRule "/\.|^\.(?!well-known/)" - [F]
# NOTE(review): both blocked cases below are dot-files directly under the
# site root, i.e. the `^\.` alternative; nothing here requests a dot-segment
# deeper in the path, so the `/\.` alternative is not exercised.
# NOTE(review): stock Apache configurations commonly deny .ht* files on their
# own, so a 403 for these two names may not come from this rule. A dot-file
# with a different name would isolate it (assumption about the server
# configuration; confirm).
test_rule "Block .htaccess hidden file (pattern \.)" "$BASE_URL/.htaccess" "403"

test_rule "Block .htpasswd hidden file (pattern \.)" "$BASE_URL/.htpasswd" "403"

# The negative lookahead exempts .well-known/, which must stay reachable.
test_rule_content "Allow .well-known/robots.txt (exception for well-known)" "$BASE_URL/.well-known/robots.txt" "" "200" "User-agent:"
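# Section 5: core install.php / rebuild.php protection.
echo ""
echo "=============================================="
echo "5. Core install/rebuild.php Protection Rules"
# Closing rule restored: it previously ended in a stray '}'.
echo "=============================================="

# A request for /install.php at the site root is expected to be answered
# with a 301 (towards core/install.php, per the rule being tested).
# NOTE(review): test_rule compares the status code only; the redirect target
# in the Location header is not checked, so a 301 to any other place would
# pass as well.
test_rule "Core install.php protected routing" \
  "$BASE_URL/install.php" \
  "301"

# Same redirect pattern for rebuild.php.
test_rule "Core rebuild.php protected routing" \
  "$BASE_URL/rebuild.php" \
  "301"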
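# Section 6: routing of files that exist on disk.
echo ""
echo "=============================================="
echo "6. Drupal Core Files Routing Rules"
# Closing rule restored: it previously ended in a stray '}'.
echo "=============================================="

# favicon.ico exists in the fixture, so the request should be served as the
# file itself (200) instead of being routed to index.php. The matched text is
# the fixture file's own content.
test_rule_content "Existing favicon.ico access (!-f condition)" \
  "$BASE_URL/favicon.ico" \
  "" \
  "200" \
  "This is a placeholder for Drupal test favicon.ico"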
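# Section 7: main Drupal routing.
echo ""
echo "=============================================="
echo "7. Main Drupal Routing Rules"
# Closing rule restored: it previously ended in a stray '}'.
echo "=============================================="

# A path that is neither an existing file nor an existing directory
# (!-f and !-d both hold) is routed to index.php.
test_rule_content "Non-existing page routing (routes to index.php)" \
  "$BASE_URL/nonexistent-page/" \
  "" \
  "200" \
  "Drupal Content Route"

# An existing directory is not routed to index.php. The expected status is
# 403, not 200 as the earlier comment claimed; presumably somedir/ has no
# index file and directory listing is disabled. Confirm against the fixture.
test_rule "Existing directory access (somedir/)" \
  "$BASE_URL/somedir/" \
  "403"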
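# Section 8: exceptions for the core test scripts.
echo ""
echo "=============================================="
echo "8. Core Modules Tests Files Exceptions"
# Closing rule restored: it previously ended in a stray '}'.
echo "=============================================="

# https.php under core/modules/system/tests is excluded from routing by a
# RewriteCond, so the request should return the file's own output rather
# than the index.php page.
# NOTE(review): the matched text is a '#' line from the fixture file; whether
# it reaches the client as executed output or as raw source depends on the
# server's PHP handling. Confirm which of the two the fixture intends.
test_rule_content "Core modules/tests/https.php excluded from routing (!-php condition)" \
  "$BASE_URL/core/modules/system/tests/https.php" \
  "" \
  "200" \
  "# This is a test Drupal https.php in tests directory"

# http.php in the same directory falls under the same exclusion (the rule's
# regex is https?, so the 's' is optional).
test_rule_content "Core modules/tests/http.php excluded from routing" \
  "$BASE_URL/core/modules/system/tests/http.php" \
  "" \
  "200" \
  "# This is a test Drupal http.php in tests directory"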
# Closing banner.
# NOTE(review): the return values of the test calls above are never
# collected, and the last command is this banner, so the script's exit status
# does not reflect failed cases. A CI job has to read the output to notice a
# FAIL.
printf '%s\n' \
  "" \
  "==============================================" \
  "Test Suite Complete" \
  "=============================================="