changeset 367:0726521e42f3

Tests: added tests for escaped and unsafe URIs. This covers problems in DAV, SSI, X-Accel-Redirect fixed in 1.5.9.
author Sergey Kandaurov <pluknet@nginx.com>
date Wed, 25 Dec 2013 12:03:40 +0400
parents 77c301be6c2d
children fc6b8270469c
files dav.t proxy_xar.t ssi.t
diffstat 3 files changed, 61 insertions(+), 4 deletions(-) [+]
--- a/dav.t
+++ b/dav.t
@@ -21,7 +21,7 @@ use Test::Nginx;
 select STDERR; $| = 1;
 select STDOUT; $| = 1;
 
-my $t = Test::Nginx->new()->has(qw/http dav/)->plan(13);
+my $t = Test::Nginx->new()->has(qw/http dav/)->plan(15);
 
 $t->write_file_expand('nginx.conf', <<'EOF');
 
@@ -130,6 +130,23 @@ Connection: close
 
 EOF
 
-like($r, qr/201.*(Content-Length|\x0d\0a0\x0d\x0a)/ms, 'move dir');
+like($r, qr/201 Created.*(Content-Length|\x0d\0a0\x0d\x0a)/ms, 'move dir');
+
+$r = http(<<EOF);
+COPY /file HTTP/1.1
+Host: localhost
+Destination: /file-moved%20escape
+Connection: close
+
+EOF
+
+like($r, qr/204 No Content/, 'copy file escaped');
+
+TODO: {
+local $TODO = 'not yet' unless $t->has_version('1.5.9');
+
+is(-s $t->testdir() . '/file-moved escape', 10, 'file copied unescaped');
+
+}
 
 ###############################################################################
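Review bot: The chunked alternative in the rewritten 'move dir' pattern still reads `\x0d\0a0\x0d\x0a`, where `\0a` is an octal NUL escape followed by a literal `a` rather than a line feed. That branch can never match a chunked terminator, so the assertion only ever passes through `Content-Length`. Since the line is being edited anyway, it should read `like($r, qr/201 Created.*(Content-Length|\x0d\x0a0\x0d\x0a)/ms, 'move dir');`. Separately, the new 'file copied unescaped' check confirms that the decoded name exists but not that no file with a literal `%20` in its name was left behind; a negative `-e` check on `'/file-moved%20escape'` would cover both sides, with the plan count raised to match.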
--- a/proxy_xar.t
+++ b/proxy_xar.t
@@ -21,7 +21,7 @@ use Test::Nginx;
 select STDERR; $| = 1;
 select STDOUT; $| = 1;
 
-my $t = Test::Nginx->new()->has(qw/http proxy rewrite/)->plan(8);
+my $t = Test::Nginx->new()->has(qw/http proxy rewrite/)->plan(14);
 
 $t->write_file_expand('nginx.conf', <<'EOF');
 
@@ -84,4 +84,22 @@ like($r, qr/^Expires: fake/m, 'Expires p
 like($r, qr/^Accept-Ranges: parrots/m, 'Accept-Ranges preserved');
 unlike($r, qr/^Something/m, 'other headers stripped');
 
+TODO: {
+local $TODO = 'escaped characters' unless $t->has_version('1.5.9');
+
+like(http_get('/proxy?xar=/foo?bar'), qr/200 OK.*xar: \/foo\?bar/s,
+	'X-Accel-Redirect value unchanged');
+unlike(http_get('/proxy?xar=..'), qr/200 OK/,
+	'X-Accel-Redirect unsafe dotdot');
+unlike(http_get('/proxy?xar=../foo'), qr/200 OK/,
+	'X-Accel-Redirect unsafe dotdotsep');
+unlike(http_get('/proxy?xar=/foo/..'), qr/200 OK/,
+	'X-Accel-Redirect unsafe sepdotdot');
+unlike(http_get('/proxy?xar=/foo/.%2e'), qr/200 OK/,
+	'X-Accel-Redirect unsafe unescaped');
+like(http_get('/proxy?xar=/foo%20bar'), qr/uri: \/foo bar/,
+	'X-Accel-Redirect unescaped');
+
+}
+
 ###############################################################################
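Review bot: The four unsafe-URI cases assert only `unlike(..., qr/200 OK/)`, which also passes on an empty or truncated response (closed connection, crashed worker). A regression that breaks the request instead of rejecting the redirect would therefore still be reported as success. Asserting the rejection status is stronger, e.g. `like(http_get('/proxy?xar=..'), qr/404 Not Found/, 'X-Accel-Redirect unsafe dotdot');`, assuming the server answers a rejected redirect with 404. The configuration is outside this hunk, so confirm the status before changing the tests. ssi.t in this same commit already uses the positive form for its 'escaped query separator' case.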
--- a/ssi.t
+++ b/ssi.t
@@ -23,7 +23,7 @@ select STDOUT; $| = 1;
 
 plan(skip_all => 'win32') if $^O eq 'MSWin32';
 
-my $t = Test::Nginx->new()->has(qw/http ssi cache proxy rewrite/)->plan(18);
+my $t = Test::Nginx->new()->has(qw/http ssi cache proxy rewrite/)->plan(21);
 
 $t->write_file_expand('nginx.conf', <<'EOF');
 
@@ -83,6 +83,14 @@ EOF
 	'X<!--#include virtual="/cache/empty.html" -->X');
 $t->write_file('empty.html', '');
 
+$t->write_file('unescape.html?', 'SEE-THIS');
+$t->write_file('unescape1.html',
+	'X<!--#include virtual="/tes%741.html?test=test" -->X');
+$t->write_file('unescape2.html',
+	'X<!--#include virtual="/unescape.html%3f" -->X');
+$t->write_file('unescape3.html',
+	'X<!--#include virtual="/test1.html%3ftest=test" -->X');
+
 $t->run();
 
 ###############################################################################
@@ -120,6 +128,20 @@ like(http_get('/test-empty2.html'), qr/H
 like(http_get('/test-empty3.html'), qr/HTTP/, 'empty with proxy');
 like(http_get('/test-empty3.html'), qr/HTTP/, 'empty with proxy cached');
 
+# handling of escaped URIs
+
+like(http_get('/unescape1.html'), qr/^XXtestXX$/m, 'escaped in path');
+
+TODO: {
+local $TODO = 'not yet' unless $t->has_version('1.5.9');
+
+like(http_get('/unescape2.html'), qr/^XSEE-THISX$/m,
+	'escaped question in path');
+like(http_get('/unescape3.html'), qr/404 Not Found/,
+	'escaped query separator');
+
+}
+
 like(`grep -F '[alert]' ${\($t->testdir())}/error.log`, qr/^$/s, 'no alerts');
 
 ###############################################################################
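Review bot: The comment `# handling of escaped URIs` does not explain why 'escaped query separator' expects a 404, which is the security-relevant half of this block. Going by the fixtures added earlier in this file, `%3f` in an include path presumably has to decode to a literal `?` inside the file name and must not be re-read as the start of a query string. That would make `unescape2.html` find the file named `unescape.html?` and `unescape3.html` look for a file that does not exist. I would expand the comment to something like `# %3f in an include path decodes to a literal '?' in the file name and must not act as the query separator`. The `404 Not Found` pattern is unanchored, so it is worth stating in the test description whether the match is expected in the status line or in the included error body.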