Files
Charon/backend/internal/api/handlers/import_handler_path_test.go
GitHub Actions 8294d6ee49 Add QA test outputs, build scripts, and Dockerfile validation
- Created `qa-test-output-after-fix.txt` and `qa-test-output.txt` to log results of certificate page authentication tests.
- Added `build.sh` for deterministic backend builds in CI, utilizing `go list` for efficiency.
- Introduced `codeql_scan.sh` for CodeQL database creation and analysis for Go and JavaScript/TypeScript.
- Implemented `dockerfile_check.sh` to validate Dockerfiles for base image and package manager mismatches.
- Added `sourcery_precommit_wrapper.sh` to facilitate Sourcery CLI usage in pre-commit hooks.
2025-12-11 18:26:24 +00:00

31 lines
584 B
Go

package handlers
import (
"path/filepath"
"testing"
)
func TestIsSafePathUnderBase(t *testing.T) {
base := filepath.FromSlash("/tmp/session")
cases := []struct {
name string
want bool
}{
{"Caddyfile", true},
{"site/site.conf", true},
{"../etc/passwd", false},
{"../../escape", false},
{"/absolute/path", false},
{"", false},
{".", false},
{"sub/../ok.txt", true},
}
for _, tc := range cases {
got := isSafePathUnderBase(base, tc.name)
if got != tc.want {
t.Fatalf("isSafePathUnderBase(%q, %q) = %v; want %v", base, tc.name, got, tc.want)
}
}
}