From 6026c51490ca89ea59ee32bdaae50e0523e38623 Mon Sep 17 00:00:00 2001
From: "Brian S. Stephan" <bss@incorporeal.org>
Date: Sat, 20 Feb 2021 17:47:36 -0600
Subject: [PATCH] add some functional tests for our sanity checks

---
 tests/functional_tests.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/tests/functional_tests.py b/tests/functional_tests.py
index ad60d21..02e643c 100644
--- a/tests/functional_tests.py
+++ b/tests/functional_tests.py
@@ -15,6 +15,18 @@ def test_page_that_doesnt_exist(client):
     assert response.status_code == 404
 
 
+def test_files_outside_pages_do_not_get_served(client):
+    """Test that page pathing doesn't break out of the instance/pages/ dir."""
+    response = client.get('/../unreachable')
+    assert response.status_code == 400
+
+
+def test_weird_paths_do_not_get_served(client):
+    """Test that we clean up requests as desired."""
+    response = client.get('/../../')
+    assert response.status_code == 400
+
+
 def test_page_with_title_metadata(client):
     """Test that a page with title metadata has its title written."""
     response = client.get('/')