| Sl No | Test Case | ACL | Details of the form |
| 1 | With “/” in the post
action |
Restricted access to entire server but for
authenticated users |
<form action=”/hello.cgi”…> |
| 2 | Query parameters in the url and the form having additional form elements | Restricted access to entire server but for authenticated users | http://host>:<post>/login.html?Name=test&empID=12…
<form action=”/hello.cgi” ….> |
| 3. | With query parameters in the action of the POST method | Restricted access to entire server but for authenticated users | http:// <host>:<post>/login.html
<form action=”/hello.cgi?Name=charu&empID=10”...> |
| 4. | Restricting access to *.cgi and entire server | Restricted access to
*.cgi resources but for authenticated users |
http:// <host>:<post>/login.html
<form action=”/hello.cgi?Name=charu&empID=10”..> |
| 5. | Restricting access to *.html and cgi resources | Restricted access to
*.cgi resources and*.html but for authenticated users |
http:// <host>:<post>/login.html
<form action=”/hello.cgi?Name=charu&empID=10”..> |
| 6. | Restricting access to *.html and cgi resources for only user1 | Restricted access to
*.cgi resources and *.html but for user1 |
http:// <host>:<post>/login.html
<form action=”/hello.cgi?Name=charu&empID=10”..> |
| 7. | With the cgi script in the different subdirectory | Restricted access to
*.cgi resources and *.html but for authenticated users |
http:// <host>:<post>/login.html
<form action=”/mycgi/hello.cgi?Name=charu&empID=10” ….> |
| 8. | Restricted access to docs diectory | Restricted access to
*.cgi resources , *.html and docs directory but for authenticated users |
http:// <host>:<post>/login.html
<form action=”/mycgi/hello.cgi?Name=charu&empID=10” ….> |