spec/support/test_server.rb in patron-0.6.4 vs spec/support/test_server.rb in patron-0.6.5

@@ -106,10 +106,17 @@
     res['Location'] = "http://localhost:9001/test"
     res.status = 301
   end
 end
 
+class EvilRedirectServlet < HTTPServlet::AbstractServlet
+  def do_GET(req,res)
+    res['Location'] = "smtp://mailbox:secret@localhost"
+    res.status = 301
+  end
+end
+
 class TestPostBodyServlet < HTTPServlet::AbstractServlet
   include RespondWith
   def do_POST(req, res)
     respond_with(:POST, {'body' => req.body, 'content_type' => req.content_type}, res)
   end
@@ -186,9 +193,10 @@
     @server.mount("/test", TestServlet)
     @server.mount("/testpost", TestPostBodyServlet)
     @server.mount("/testpatch", TestPatchBodyServlet)
     @server.mount("/timeout", TimeoutServlet)
     @server.mount("/redirect", RedirectServlet)
+    @server.mount("/evil-redirect", EvilRedirectServlet)
     @server.mount("/picture", PictureServlet)
     @server.mount("/setcookie", SetCookieServlet)
     @server.mount("/repetitiveheader", RepetitiveHeaderServlet)
     @server.mount("/wrongcontentlength", WrongContentLengthServlet)
     @server.mount("/gzip-compressed", GzipServlet)