Diffstat (limited to 'tests/security')
-rw-r--r--tests/security/redirect_test.php16
1 files changed, 15 insertions, 1 deletions
diff --git a/tests/security/redirect_test.php b/tests/security/redirect_test.php
index 8e36780ca4..e934a4ab1b 100644
--- a/tests/security/redirect_test.php
+++ b/tests/security/redirect_test.php
@@ -21,8 +21,22 @@ class phpbb_security_redirect_test extends phpbb_security_test_base
array('bad://localhost/phpBB/index.php', 'INSECURE_REDIRECT', false),
array('http://www.otherdomain.com/somescript.php', false, 'http://localhost/phpBB'),
array("http://localhost/phpBB/memberlist.php\n\rConnection: close", 'INSECURE_REDIRECT', false),
- array('javascript:test', false, 'http://localhost/phpBB/../javascript:test'),
+ array('javascript:test', false, 'http://localhost/phpBB/javascript:test'),
array('http://localhost/phpBB/index.php;url=', 'INSECURE_REDIRECT', false),
+ array('http://localhost/phpBB/app.php/foobar', false, 'http://localhost/phpBB/app.php/foobar'),
+ array('./app.php/foobar', false, 'http://localhost/phpBB/app.php/foobar'),
+ array('app.php/foobar', false, 'http://localhost/phpBB/app.php/foobar'),
+ array('./../app.php/foobar', false, 'http://localhost/phpBB/app.php/foobar'),
+ array('./../app.php/foo/bar', false, 'http://localhost/phpBB/app.php/foo/bar'),
+ array('./../foo/bar', false, 'http://localhost/phpBB/foo/bar'),
+ array('app.php/', false, 'http://localhost/phpBB/app.php/'),
+ array('./app.php/', false, 'http://localhost/phpBB/app.php/'),
+ array('foobar', false, 'http://localhost/phpBB/foobar'),
+ array('./foobar', false, 'http://localhost/phpBB/foobar'),
+ array('foo/bar', false, 'http://localhost/phpBB/foo/bar'),
+ array('./foo/bar', false, 'http://localhost/phpBB/foo/bar'),
+ array('./../index.php', false, 'http://localhost/phpBB/index.php'),
+ array('../index.php', false, 'http://localhost/phpBB/index.php'),
);
}
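Review bot: All fourteen rows added after the `;url=` case are expected to succeed, so the relative-path handling is only pinned on the accept side; nothing added here checks that a path-shaped input cannot resolve outside the board or to another host. I would add rejection/fallback rows beside the existing `http://www.otherdomain.com/somescript.php` case, for example `array('//www.otherdomain.com/somescript.php', false, 'http://localhost/phpBB'),` (expected columns mirrored from that row, to be confirmed against the intended behaviour) and a row with more `..` segments than the board path has, with its expected error and URL filled in once that behaviour is decided. The `./../` and `../` rows also need a one-line comment saying which directory they are resolved against, because the hunk does not show what current page the test simulates and the expected `/phpBB/...` results cannot be checked without it. The changed `javascript:test` row would benefit from a comment such as `// treated as a relative path, so it is prefixed with the board URL and never emitted as a scheme`. The data provider's array opens above the hunk.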