<testcase> <info> <keywords> HTTP HTTP POST HTTP Digest auth </keywords> </info> # Server-side <reply> <data> HTTP/1.1 200 beng swsclose swsbounce Server: Microsoft-IIS/6.0 Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth Content-Type: text/html; charset=iso-8859-1 This is not the real page </data> <data1> HTTP/1.1 200 moo swsclose Server: Microsoft-IIS/6.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 16 content for you </data1> <datacheck> HTTP/1.1 200 beng swsclose swsbounce Server: Microsoft-IIS/6.0 Authentication-Info: Passport1.4 tname=MSPAuth,tname=MSPProf,tname=MSPConsent,tname=MSPSecAuth Content-Type: text/html; charset=iso-8859-1 HTTP/1.1 200 moo swsclose Server: Microsoft-IIS/6.0 Content-Type: text/html; charset=iso-8859-1 Content-Length: 16 content for you </datacheck> </reply> # Client-side <client> # <server> http </server> <features> crypto </features> <name> HTTP POST --digest to server not requiring any auth at all </name> <command> http://%HOSTIP:%HTTPPORT/175 -u auser:apasswd --digest -d "junkelijunk" </command> </client> # Verify data after the test has been "shot" <verify> <strip> ^User-Agent:.* </strip> <protocol nonewline="yes"> POST /175 HTTP/1.1 User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6 Host: %HOSTIP:%HTTPPORT Accept: */* Content-Length: 0 Content-Type: application/x-www-form-urlencoded POST /175 HTTP/1.1 User-Agent: curl/7.12.1-CVS (i686-pc-linux-gnu) libcurl/7.12.1-CVS OpenSSL/0.9.6b ipv6 zlib/1.1.4 GSS libidn/0.4.6 Host: %HOSTIP:%HTTPPORT Accept: */* Content-Length: 11 Content-Type: application/x-www-form-urlencoded junkelijunk </protocol> </verify> </testcase>