# HG changeset patch
# User Sean Farley
# Date 1501537228 25200
# Node ID 48d520fdf8804f841cdfa14146c70e1062e62cf9
# Parent 0ee42a0df5be55404ea5d81b66f4c40c0c756105
push: add tests for unsafe ssh url (SEC)
diff -r 0ee42a0df5be -r 48d520fdf880 tests/test-push.t
--- a/tests/test-push.t Fri Jul 28 16:47:32 2017 -0700
+++ b/tests/test-push.t Mon Jul 31 14:40:28 2017 -0700
@@ -316,3 +316,22 @@
 adding manifests
 adding file changes
 added 1 changesets with 1 changes to 1 files
+
+SEC: check for unsafe ssh url
+
+ $ hg -R test-revflag push 'ssh://-oProxyCommand=touch${IFS}owned/path'
+ pushing to ssh://-oProxyCommand%3Dtouch%24%7BIFS%7Downed/path
+ abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path'
+ [255]
+ $ hg -R test-revflag push 'ssh://%2DoProxyCommand=touch${IFS}owned/path'
+ pushing to ssh://-oProxyCommand%3Dtouch%24%7BIFS%7Downed/path
+ abort: potentially unsafe url: 'ssh://-oProxyCommand=touch${IFS}owned/path'
+ [255]
+ $ hg -R test-revflag push 'ssh://fakehost|shellcommand/path'
+ pushing to ssh://fakehost%7Cshellcommand/path
+ abort: potentially unsafe url: 'ssh://fakehost|shellcommand/path'
+ [255]
+ $ hg -R test-revflag push 'ssh://fakehost%7Cshellcommand/path'
+ pushing to ssh://fakehost%7Cshellcommand/path
+ abort: potentially unsafe url: 'ssh://fakehost|shellcommand/path'
+ [255]
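Review bot: The four new cases assert only the abort message and the `[255]` status, so nothing in the hunk confirms that the `touch` side effect never happened. After the two `-oProxyCommand` cases I would add `  $ test -f owned` with expected status `  [1]`, so that a regression which prints the abort only after ssh has already been spawned is still caught. The heading `SEC: check for unsafe ssh url` could also state the reason, e.g. `SEC: a host beginning with '-' would be read by ssh as an option; such URLs must be rejected, also when percent-encoded`. Only `push` is exercised here; whether the other commands that open an ssh peer have matching tests cannot be seen from this hunk.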