Directory-Based Testing
Now it’s time to move on to directory-based testing. You’ll recall that we had previously determined the scanner tests would consist of parameter-based and directory-based testing routines. To perform directory-based testing, we must develop some logic that loops through each directory level within the test request and calls the appropriate testing subroutines at each level. Because we want to test every directory regardless of its content, we do not discriminate against any attributes of the test request (i.e., request method, presence of parameter data, etc.).
The first thing we do is isolate the path and file information from
the rest of the test entry. Specifically, we strip out the request
method at the beginning of the current test request
($oRequest) and any parameter data appended to it.
For simplicity, we declare a trash variable
($trash) for allocating unnecessary data and keep
the portion of the test request to be used in the
$oRequest variable:
my $trash; ($trash, $oRequest, $trash) = split(/\ |\?/, $oRequest);
Now that we have isolated our path and file data, we create an array
containing each directory and subdirectory from the
$oRequest variable. We can do this by performing a
split using a forward slash (/):
my @directories = split(m{/}, $oRequest);Before we start looping through each directory level, we need to
determine whether the last member of our
@directories array is a filename. If the request was to a directory containing a default web ...
Get Network Security Tools now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
