1
+ # Test
2
+
1
3
Tests to see how Git web interfaces like GitHub and GitLab work exactly detect bugs.
2
4
5
+ ## Mirrors
6
+
3
7
This repository is mirrored at:
4
8
5
9
- < https://github.com/cirosantilli/test >
@@ -12,6 +16,8 @@ This repository is mirrored at:
12
16
The SSH of those repos can be found at: [ remotes.sh] ( remotes.sh ) ,
13
17
including other repos which don't have public view like Atlas.
14
18
19
+ ## Related repositories
20
+
15
21
Tests that are very large will not be included here to keep this repository small:
16
22
17
23
- < https://github.com/cirosantilli/test-deep >
@@ -40,68 +46,82 @@ Other similar repos from other people:
40
46
Other useful things:
41
47
42
48
- < https://github.com/holman/feedback/issues > . May contain some extra semi-internal information.
49
+
43
50
- < https://github.com/showcases/projects-that-power-github >
44
51
- < https://github.com/holman/feedback/issues/553 > GitHub is hosted on Carpathia
45
52
- < https://github.com/holman/feedback/issues/544 > GitHub uses Mac?
46
53
54
+ ## Files
55
+
47
56
The most interesting files on this repository are:
48
57
49
- - Markup tests:
58
+ Markup tests:
59
+
60
+ - [ md.md] ( markdown.md )
61
+ - [ issue-md.md] ( issue-markdown.md ) : markdown on issues
62
+ - [ adoc.adoc] ( adoc.adoc )
63
+ - [ rdoc.rdoc] ( rdoc.rdoc )
64
+
65
+ Routing conflict attempts:
66
+
67
+ - [ atom.atom] ( atom.atom )
68
+ - [ diff] ( diff )
69
+ - [ diff.diff] ( diff.diff )
70
+ - [ patch.patch] ( patch.patch )
50
71
51
- - [ md.md] ( markdown.md )
52
- - [ issue-md.md] ( issue-markdown.md ) : markdown on issues
53
- - [ adoc.adoc] ( adoc.adoc )
54
- - [ rdoc.rdoc] ( rdoc.rdoc )
72
+ Weird stuff and attacks based on the filenames.
55
73
56
- - Routing conflict attempts :
74
+ The only filenames which are not valid are :
57
75
58
- - [ atom.atom] ( atom.atom )
76
+ - contain forward slash ` / `
77
+ - ` .git `
78
+ - ` . ` and ` .. ` , but not ` ... `
59
79
60
- - [ svg.svg ] ( svg.svg ) , with an XSS attempt
80
+ Everything else goes:
61
81
62
- - Weird stuff and attacks based on the filenames.
82
+ - [ ?a=b&c=d ] ( ?a=b&c=d )
63
83
64
- The only filenames which are not valid are:
84
+ - [ " ] ( " )
65
85
66
- - contain forward slash ` / `
67
- - ` .git `
68
- - ` . ` and ` .. ` , but not ` ... `
86
+ - [ #] ( # )
69
87
70
- Everything else goes:
88
+ - [ ' ] ( ' )
71
89
72
- - [ ?a=b&c=d ] ( ?a=b&c=d )
90
+ - [ : ] ( : )
73
91
74
- - [ " ] ( " )
92
+ - [ ; ] ( ; )
75
93
76
- - [ ' ] ( ' )
94
+ - [ \] ( \ )
77
95
78
- - [ # ] ( # )
96
+ - [ - ] ( - )
79
97
80
- - [ ; ] ( ; )
98
+ - [ -start-with-slash ] ( -start-with-slash )
81
99
82
- - [ : ] ( : )
100
+ - [ \. md ] ( \. md )
83
101
84
- - [ -start-with-slash ] ( -start-with-slash )
102
+ - whitespace filename edge cases:
85
103
86
- - [ <script >] ( < script > )
104
+ - [ single whitespace filename] ( %20 )
105
+ - [ double whitespace directory name] ( %20%20/ ) and [ its README] ( %20%20/README.md )
106
+ - [ a b] (a b)
87
107
88
- - ` <script src="data:text;utf8,alert('xss')"> `
108
+ - Case insensitive filename conflict attempt: [ CASE ] ( CASE ) , [ case ] ( case ) and [ CASE-DIR ] ( CASE-DIR ) , [ case-dir ] ( case-dir ) . Interestingly, however, ` .GIT ` fails: < https://gitlab.com/cirosantilli/test-GIT/tree/master >
89
109
90
- - [ back\slash ] ( back\slash )
110
+ Magic Git directories:
91
111
92
- - whitespace filename edge cases:
112
+ - Git directory inside Git directory: [ _ git ] ( _git ) .
93
113
94
- - [ single whitespace filename] ( %20 )
95
- - [ double whitespace directory name] ( %20%20/ ) and [ its README] ( %20%20/README.md )
96
- - [ a b] (a b)
114
+ For further mischief, the files in that directory were copied to the top-level of the repository.
97
115
98
- - Case insensitive filename conflict attempt: [ CASE ] ( CASE ) , [ case ] ( case ) and [ CASE-DIR ] ( CASE-DIR ) , [ case-dir ] ( case-dir ) . Interestingly, however, ` .GIT ` fails: < https://gitlab.com/cirosantilli/test-GIT/tree/master >
116
+ Other interesting things to do are the uppercase ` .Git ` and the ` .git ` file, which did not fit well in this repository.
99
117
100
- - Magic Git directories :
118
+ XSS attempts :
101
119
102
- - Git directory inside Git directory: [ _ git] ( _git ) .
120
+ - [ <script >] ( < script > )
121
+ - ` <script src="data:text;utf8,alert('xss')"> `
122
+ - [ svg.svg] ( svg.svg ) , with an XSS attempt
103
123
104
- For further mischief, the files in that directory were copied to the top-level of the repository.
124
+ ## Refs
105
125
106
126
Interesting branches and tags:
107
127
0 commit comments