<script>alert('xss')</script> branch XSS attempt

@@ -0,0 +1,5 @@
+My filename only contains a single whitespace!
+
+As of 2014-11, it does not show on the file list at all.
+
+You can reach me with a /%20 on the URL.

/README.md

@@ -0,0 +1,11 @@
+My parent directory filename contains exactly 2 spaces!
+
+As of 2014-11, GitHub:
+
+-   does not list it on the tree show
+
+-   shows up internal files normally with /%20%20/README.md
+
+-   relative links in markdown fail and link to the parent directory instead: [a.md](a.md)
+
+-   if you try to to view it with /%20%20/, shows the parent directory instead instead of the directory, but the breadcrumbs still correctly show as a subdirectory: ![breadcrumb glitches](breadcrumb-glitches.png)

/a.md

@@ -0,0 +1 @@
+a.md

.drone.yml

@@ -0,0 +1,4 @@
+image: ubuntu
+script:
+  - echo a
+  - echo b > drone-artifact.txt

3

@@ -0,0 +1 @@
+3

README.md

@@ -1,15 +1,51 @@
-This repo is only for testing how Github works.
+Tests to see how Git web interfaces like GitHub and GitLab work exactly and to detect bugs with them.
 
-# markdown tests
+This repository is mirrored at:
 
-# h1
+- <https://github.com/cirosantilli/test>
+- <https://gitlab.com/cirosantilli/test>
+- <https://bitbucket.org/cirosantilli/test>
+- <https://sourceforge.net/projects/cirosantilli-test>
+- <https://code.google.com/p/cirosantilli-test>
+- <https://www.assembla.com/code/cirosantilli-test/git/nodes>
 
-## h2
+Tests that are very large will not be included here to keep this repository small:
 
-### h3
+- <https://github.com/cirosantilli/test-deep>
+- <https://github.com/cirosantilli/test-diff-many-files>
+- <https://github.com/cirosantilli/test-pr-many-commits>
 
-#### h4
+There are also some tests that could not be included here conveniently:
 
-##### h5
+- <https://github.com/cirosantilli/test-empty-commit>
+- <https://github.com/cirosantilli/test-empty-subdir>
+- <https://github.com/cirosantilli/test-long-filename-256>
+- <https://github.com/cirosantilli/test-long-filename-1024>
 
-## 012 UPERCASE underline_hyphen-spaces  others%%%end
+Other similar repos from other people:
+
+- <https://github.com/joernchen/evil_stuff>
+
+The most interesting files on this repository are:
+
+-   [markdown.md](markdown.md)
+
+-   [issue-markdown.md](issue-markdown.md): test the markdown on issues
+
+-   whitespace filename edge cases:
+
+    - [single whitespace filename](%20)
+    - [double whitespace directory name](%20%20/) and [its README](%20%20/README.md)
+    - [a b](a b)
+
+Interesting branches and tags:
+
+-   [`hasslash/a`](../hasslash/a): branch inside sub-directory
+
+-   [`-r`](../-r): branch with forbidden name, and in particular one that may be used for shell injection. 
+
+-   `<script>alert('xss')</script>` and `<b>a</b>`: XSS and defacement attempts
+
+    Create manually with `cp master -- -r` and push with `git push --all`.
+
+-   `tag-empty-blob`

VERSION

@@ -0,0 +1 @@
+1.1.1

a b

@@ -0,0 +1,3 @@
+My filename is "a b".
+
+As of 2014-11 I work just fine on GitHub.

a.atom

@@ -0,0 +1 @@
+aa

a.csv

@@ -0,0 +1,3 @@
+h1, h2, h3
+a, b, c
+1, 2, 3

a.git

@@ -0,0 +1 @@
+asdfqwer

a.json

@@ -0,0 +1 @@
+aa

a.rb

@@ -1,3 +1,32 @@
 def f(x)
-  return x + 1
+  x + 1
 end
+
+def g(x)
+  x + 1
+end
+
+def h(x)
+  x + 1
+end
+
+def a
+  1
+end
+
+def b
+  1
+end
+
+def c
+  1
+end
+
+Chaining style:
+
+a.
+  b.
+  c
+
+a.b.
+  c

a.rdoc

@@ -0,0 +1,3 @@
+= h1
+
+== h2

brancha

@@ -0,0 +1 @@
+a

conflict.md

@@ -0,0 +1 @@
+00

d/README.md

@@ -0,0 +1,13 @@
+# h
+
+[""]()
+
+[#h](#h)
+
+[/#h](/#h)
+
+[../README.md](../README.md)
+
+[README.md#h](README.md#h)
+
+[d/README.md#h](d/README.md#h)

deface.md

@@ -0,0 +1,7 @@
+The SHA of this commit begins with `deface`.
+
+It is used to test conflicts between SHA issue references and regular words.
+
+This commit was generated with:
+
+    https://github.com/bradfitz/gitbrute

diff

@@ -0,0 +1,2 @@
+This file is named `diff` to try and conflict with the GitLab diff URL.
+2

diff-highlight-adjacent.md

@@ -0,0 +1,5 @@
+a b c
+d E f
+g h i
+j K l
+m N o

diff-last-line.md

@@ -0,0 +1,4 @@
+a b c
+d E f
+g h i
+j K l

diff-visibility.md

@@ -0,0 +1 @@
+MNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNNNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMNMN

diff.md

@@ -0,0 +1 @@
+very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very veri very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very very

executable

@@ -0,0 +1,3 @@
+This file has the executable bit on.
+
+It was created to see if web interfaces are showing that information of not.

hard-tabs.c

@@ -0,0 +1,3 @@
+{
+	2;
+}

html-fragment.html

@@ -0,0 +1 @@
+<h1>HTML</h1>

html.html

@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="utf-8"/>
+  <title>HTML</title>
+</head>
+<body>
+<h1>HTML</h1>
+</body>
+</html>

huge_table.md

@@ -0,0 +1,3 @@
+| a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a |
+|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
+| a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a | a |

issue-markdown.md

@@ -0,0 +1,43 @@
+This is the content of the issue used to test markdown rendering on issues of the web UI.
+
+- GitHub: https://github.com/cirosantilli/test/issues/4
+- GitLab: https://gitlab.com/cirosantilli/test/issues/1
+- BitBucket: https://bitbucket.org/cirosantilli/test/issue/1
+
+# Line breaks at newline
+
+line1
+line2
+
+# References
+
+commit SHA reference:
+
+- full URL: https://github.com/cirosantilli/test/commit/429ebfd5c2aebc7debe32347cb7b19869fa4dd29 https://gitlab.com/cirosantilli/test/commit/429ebfd5c2aebc7debe32347cb7b19869fa4dd29 https://bitbucket.org/cirosantilli/test/commit/429ebfd5c2aebc7debe32347cb7b19869fa4dd29 
+- full SHA: 429ebfd5c2aebc7debe32347cb7b19869fa4dd29
+- 7 char SHA: 429ebfd
+- 6 char SHA: 429ebf deface
+- 4 char SHA: 429e defa
+
+Commit non-SHA reference:
+
+- tag: https://github.com/cirosantilli/test/commit/annotated https://gitlab.com/cirosantilli/test/commit/annotated https://bitbucket.org/cirosantilli/test/commits/annotated
+- branch: https://github.com/cirosantilli/test/commit/branch-8 https://gitlab.com/cirosantilli/test/commit/branch-8 https://bitbucket.org/cirosantilli/test/commits/branch-8
+
+MR reference:
+
+- full URL https://github.com/cirosantilli/test/pull/1 https://gitlab.com/cirosantilli/test/merge_requests/1
+- hash id: #1
+
+Tag reference: https://github.com/cirosantilli/test/releases/tag/annotated
+
+# Line breaks at newline
+
+line1
+line2
+
+# Wide stuff
+
+mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm
+
+|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|