use the collapsed path in the run_cgi method (closes #19435)

2025-08-04 00:48:58 +00:00 · 2013-10-30 12:43:09 -04:00 · 2013-10-30 12:43:09 -04:00 · 04e9de40f3
commit 04e9de40f3
parent 505be2146f
3 changed files with 16 additions and 5 deletions
--- a/Lib/test/test_httpservers.py
+++ b/Lib/test/test_httpservers.py
@ -388,6 +388,11 @@ class CGIHTTPServerTestCase(BaseTestCase):
        else:
            self.pythonexe = sys.executable

+        self.nocgi_path = os.path.join(self.parent_dir, 'nocgi.py')
+        with open(self.nocgi_path, 'w') as fp:
+            fp.write(cgi_file1 % self.pythonexe)
+        os.chmod(self.nocgi_path, 0o777)
+
        self.file1_path = os.path.join(self.cgi_dir, 'file1.py')
        with open(self.file1_path, 'w') as file1:
            file1.write(cgi_file1 % self.pythonexe)
@ -406,6 +411,7 @@ class CGIHTTPServerTestCase(BaseTestCase):
            os.chdir(self.cwd)
            if self.pythonexe != sys.executable:
                os.remove(self.pythonexe)
+            os.remove(self.nocgi_path)
            os.remove(self.file1_path)
            os.remove(self.file2_path)
            os.rmdir(self.cgi_dir)
@ -457,6 +463,10 @@ class CGIHTTPServerTestCase(BaseTestCase):
        self.assertEqual((b'Hello World\n', 'text/html', 200), \
             (res.read(), res.getheader('Content-type'), res.status))

+    def test_issue19435(self):
+        res = self.request('///////////nocgi.py/../cgi-bin/nothere.sh')
+        self.assertEqual(res.status, 404)
+
    def test_post(self):
        params = urllib.parse.urlencode(
            {'spam' : 1, 'eggs' : 'python', 'bacon' : 123456})