pdftract/crates/pdftract-cli
jedarden ea1184168d test(pdftract-4h06h): implement TH-02 path traversal security test
Implement comprehensive path-traversal security tests documenting
the 10 canonical payloads from the threat model (plan line 891).

The test suite verifies that the resolve_path function in
mcp/root.rs properly rejects path-traversal attempts when --root
mode is enabled, while allowing HTTPS URLs to bypass validation
per INV-10.

Test coverage:
- All 10 traversal payloads rejected when --root is set
- Valid paths within root are accepted
- HTTPS URLs bypass root check
- Symlink escapes are caught
- URL-encoded traversal is rejected
- Special filesystem paths are rejected
- Deep traversal payloads are caught

Acceptance: All 10 tests pass. Current state documented:
Phase 1 (current): paths pass through without --root; validated with --root
Phase 2 (future): --root mode to be wired to MCP server entry point

References: Plan line 891 (TH-02), INV-10 (no file-path params in HTTP mode)

Closes: pdftract-4h06h
2026-05-25 13:03:45 -04:00
benches feat(pdftract-5bzpg): implement pdftract-grep-1000 CI benchmark skeleton 2026-05-25 08:53:23 -04:00
src feat(pdftract-4z362): implement inspector API endpoints 2026-05-25 12:56:01 -04:00
tests test(pdftract-4h06h): implement TH-02 path traversal security test 2026-05-25 13:03:45 -04:00
build.rs docs(pdftract-32y9): finalize SDK architecture note with workspace layout, cross-compile matrix, and KU-12 alignment 2026-05-24 06:38:23 -04:00
Cargo.toml feat(pdftract-4z362): implement inspector API endpoints 2026-05-25 12:56:01 -04:00
pdftract-cli.cdx.json feat(pdftract-67tm8): implement MCP stdio transport with integration tests 2026-05-23 00:16:42 -04:00