t/04_static_file/02_dir_traversal.t

use strict;
use warnings;


use Test::More import => ['!pass'];
use Dancer::Test;

# All these paths should return 404; if we get a file served, we have a
# directory traversal vulnerability!
my @try_paths = qw(
    /css/../../secretfile
    ../secretfile
    /etc/passwd
    ../../../../../../../../../../../../etc/passwd
);

plan tests => scalar @try_paths;

use Dancer ':syntax';

set public => path( dirname(__FILE__), 'static' );
my $public = setting('public');

for my $path (@try_paths) {
    my $resp = Dancer::Test::_get_file_response( [ GET => $path ] );
    ok !$resp, "Request to $path did not return a file response";
}

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)