diff --git a/headers/modsecurity/transaction.h b/headers/modsecurity/transaction.h index 3e70caa38e..ff56d90db5 100644 --- a/headers/modsecurity/transaction.h +++ b/headers/modsecurity/transaction.h @@ -645,6 +645,11 @@ class Transaction : public TransactionAnchoredVariables, public TransactionSecMa * the web server (connector) log. */ void *m_logCbData; + + /** + * Whether the request body was bigger than RequestBodyLimit. + */ + bool m_requestBodyLimitExceeded; }; diff --git a/src/request_body_processor/json.cc b/src/request_body_processor/json.cc index f56704effa..81e910cc0f 100644 --- a/src/request_body_processor/json.cc +++ b/src/request_body_processor/json.cc @@ -29,7 +29,8 @@ namespace RequestBodyProcessor { static const double json_depth_limit_default = 10000.0; static const char* json_depth_limit_exceeded_msg = ". Parsing depth limit exceeded"; -JSON::JSON(Transaction *transaction) : m_transaction(transaction), +JSON::JSON(Transaction *transaction) + : m_transaction(transaction), m_handle(NULL), m_current_key(""), m_max_depth(json_depth_limit_default), @@ -68,8 +69,6 @@ JSON::JSON(Transaction *transaction) : m_transaction(transaction), * TODO: make UTF8 validation optional, as it depends on Content-Encoding */ m_handle = yajl_alloc(&callbacks, NULL, this); - - yajl_config(m_handle, yajl_allow_partial_values, 0); } @@ -83,7 +82,8 @@ JSON::~JSON() { } -bool JSON::init() { +bool JSON::init(unsigned int allow_partial_values) { + yajl_config(m_handle, yajl_allow_partial_values, allow_partial_values); return true; } diff --git a/src/request_body_processor/json.h b/src/request_body_processor/json.h index 961ea94ea8..7a2c2b505b 100644 --- a/src/request_body_processor/json.h +++ b/src/request_body_processor/json.h @@ -60,7 +60,7 @@ class JSON { explicit JSON(Transaction *transaction); ~JSON(); - static bool init(); + bool init(unsigned int allow_partial_values = 0); bool processChunk(const char *buf, unsigned int size, std::string *err); bool complete(std::string *err); diff --git a/src/request_body_processor/xml.cc b/src/request_body_processor/xml.cc index cbb7894c9b..8cd169eb16 100644 --- a/src/request_body_processor/xml.cc +++ b/src/request_body_processor/xml.cc @@ -150,7 +150,7 @@ extern "C" { } XML::XML(Transaction *transaction) - : m_transaction(transaction) { + : m_transaction(transaction), m_require_well_formed(false) { m_data.doc = NULL; m_data.parsing_ctx = NULL; m_data.sax_handler = NULL; @@ -171,7 +171,8 @@ XML::~XML() { } } -bool XML::init() { +bool XML::init(bool require_well_formed) { + m_require_well_formed = require_well_formed; //xmlParserInputBufferCreateFilenameFunc entity; if (m_transaction->m_rules->m_secXMLExternalEntity == RulesSetProperties::TrueConfigBoolean) { @@ -280,7 +281,7 @@ bool XML::processChunk(const char *buf, unsigned int size, != RulesSetProperties::OnlyArgsConfigXMLParseXmlIntoArgs) { xmlParseChunk(m_data.parsing_ctx, buf, size, 0); m_data.xml_parser_state->parsing_ctx_arg = m_data.parsing_ctx_arg; - if (m_data.parsing_ctx->wellFormed != 1) { + if (m_require_well_formed && m_data.parsing_ctx->wellFormed != 1) { error->assign("XML: Failed to parse document."); ms_dbg_a(m_transaction, 4, "XML: Failed to parse document."); return false; @@ -296,7 +297,7 @@ bool XML::processChunk(const char *buf, unsigned int size, == RulesSetProperties::TrueConfigXMLParseXmlIntoArgs) ) { xmlParseChunk(m_data.parsing_ctx_arg, buf, size, 0); - if (m_data.parsing_ctx_arg->wellFormed != 1) { + if (m_require_well_formed && m_data.parsing_ctx_arg->wellFormed != 1) { error->assign("XML: Failed to parse document for ARGS."); ms_dbg_a(m_transaction, 4, "XML: Failed to parse document for ARGS."); return false; @@ -326,7 +327,7 @@ bool XML::complete(std::string *error) { ms_dbg_a(m_transaction, 4, "XML: Parsing complete (well_formed " \ + std::to_string(m_data.well_formed) + ")."); - if (m_data.well_formed != 1) { + if (m_require_well_formed && m_data.well_formed != 1) { error->assign("XML: Failed to parse document."); ms_dbg_a(m_transaction, 4, "XML: Failed to parse document."); return false; diff --git a/src/request_body_processor/xml.h b/src/request_body_processor/xml.h index df766d03b7..b3618ed48f 100644 --- a/src/request_body_processor/xml.h +++ b/src/request_body_processor/xml.h @@ -87,7 +87,7 @@ class XML { public: explicit XML(Transaction *transaction); ~XML(); - bool init(); + bool init(bool require_well_formed = true); bool processChunk(const char *buf, unsigned int size, std::string *err); bool complete(std::string *err); static xmlParserInputBufferPtr unloadExternalEntity(const char *URI, @@ -98,6 +98,7 @@ class XML { private: Transaction *m_transaction; std::string m_header; + bool m_require_well_formed; }; #endif diff --git a/src/transaction.cc b/src/transaction.cc index 6c8ae9744c..da4c771d9f 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -150,6 +150,7 @@ Transaction::Transaction(ModSecurity *ms, RulesSet *rules, const char *id, m_secRuleEngine(RulesSetProperties::PropertyNotSetRuleEngine), m_secXMLParseXmlIntoArgs(rules->m_secXMLParseXmlIntoArgs), m_logCbData(logCbData), + m_requestBodyLimitExceeded(false), TransactionAnchoredVariables(this) { m_variableUrlEncodedError.set("0", 0); m_variableMscPcreError.set("0", 0); @@ -694,27 +695,33 @@ int Transaction::processRequestBody() { std::unique_ptr a = m_variableRequestHeaders.resolveFirst( "Content-Type"); + bool is_process_partial = (m_rules->m_requestBodyLimitAction + == RulesSet::BodyLimitAction::ProcessPartialBodyLimitAction); + bool requestBodyNoFilesLimitExceeded = false; if ((m_requestBodyType == WWWFormUrlEncoded) || (m_requestBodyProcessor == JSONRequestBody) || (m_requestBodyProcessor == XMLRequestBody)) { if ((m_rules->m_requestBodyNoFilesLimit.m_set) && (m_requestBody.str().size() > m_rules->m_requestBodyNoFilesLimit.m_value)) { - m_variableReqbodyError.set("1", 0); - m_variableReqbodyErrorMsg.set("Request body excluding files is bigger than the maximum expected.", 0); - m_variableInboundDataError.set("1", m_variableOffset); - ms_dbg(5, "Request body excluding files is bigger than the maximum expected. Limit: " \ - + std::to_string(m_rules->m_requestBodyNoFilesLimit.m_value)); + if (!is_process_partial) { + m_variableReqbodyError.set("1", 0); + m_variableReqbodyErrorMsg.set("Request body excluding files is bigger than the maximum expected.", 0); + m_variableInboundDataError.set("1", m_variableOffset); + ms_dbg(5, "Request body excluding files is bigger than the maximum expected. Limit: " \ + + std::to_string(m_rules->m_requestBodyNoFilesLimit.m_value)); + } requestBodyNoFilesLimitExceeded = true; - } + } } #ifdef WITH_LIBXML2 if (m_requestBodyProcessor == XMLRequestBody) { // large size might cause issues in the parsing itself; omit if exceeded - if (!requestBodyNoFilesLimitExceeded) { + if (!requestBodyNoFilesLimitExceeded || is_process_partial) { std::string error; - if (m_xml->init() == true) { + bool require_well_formed = !(is_process_partial && m_requestBodyLimitExceeded); + if (m_xml->init(require_well_formed) == true) { m_xml->processChunk(m_requestBody.str().c_str(), m_requestBody.str().size(), &error); @@ -740,12 +747,13 @@ int Transaction::processRequestBody() { if (m_requestBodyProcessor == JSONRequestBody) { #endif // large size might cause issues in the parsing itself; omit if exceeded - if (!requestBodyNoFilesLimitExceeded) { + if (!requestBodyNoFilesLimitExceeded || is_process_partial) { std::string error; if (m_rules->m_requestBodyJsonDepthLimit.m_set) { m_json->setMaxDepth(m_rules->m_requestBodyJsonDepthLimit.m_value); } - if (m_json->init() == true) { + unsigned int allow_partial_values = is_process_partial && m_requestBodyLimitExceeded; + if (m_json->init(allow_partial_values) == true) { m_json->processChunk(m_requestBody.str().c_str(), m_requestBody.str().size(), &error); @@ -935,6 +943,7 @@ int Transaction::appendRequestBody(const unsigned char *buf, size_t len) { if (this->m_rules->m_requestBodyLimit.m_value > 0 && this->m_rules->m_requestBodyLimit.m_value < len + current_size) { + m_requestBodyLimitExceeded = true; m_variableInboundDataError.set("1", m_variableOffset); ms_dbg(5, "Request body is bigger than the maximum expected."); diff --git a/test/regression/regression.cc b/test/regression/regression.cc index ba37f76dfb..38dc1ff6e8 100644 --- a/test/regression/regression.cc +++ b/test/regression/regression.cc @@ -311,6 +311,7 @@ void perform_unit_test(const ModSecurityTest &test, modsec_transaction.appendResponseBody( (unsigned char *)t->response_body.c_str(), t->response_body.size()); + modsec_transaction.processResponseBody(); actions(&r, &modsec_transaction, &context.m_server_log); diff --git a/test/test-cases/regression/collection-case-insensitive.json b/test/test-cases/regression/collection-case-insensitive.json index 83c3a4d818..a2955fd0bb 100644 --- a/test/test-cases/regression/collection-case-insensitive.json +++ b/test/test-cases/regression/collection-case-insensitive.json @@ -4,16 +4,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: Case insensitive (1/1)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -30,12 +30,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -46,12 +46,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"matched_var:PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_headers \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=matched_var:%{matched_var}%\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" diff --git a/test/test-cases/regression/collection-regular_expression_selection.json b/test/test-cases/regression/collection-regular_expression_selection.json index 5ac6db40a2..137b391030 100644 --- a/test/test-cases/regression/collection-regular_expression_selection.json +++ b/test/test-cases/regression/collection-regular_expression_selection.json @@ -4,16 +4,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX/regular expression (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -30,12 +30,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -46,13 +46,13 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Saving variable: IP:nah with value: nops", "error_log":"", "http_code":200 }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS:/^id_/ \"@contains test\" \"id:1,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"", "SecRule ARGS:/^id_/ \"@contains test\" \"id:2,phase:2,t:lowercase,setvar:IP.nah=nops\"", @@ -64,16 +64,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX/regular expression (2/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -90,12 +90,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -106,12 +106,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Saving variable: IP:id_a with value: nops", "http_code":403 }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS:/^id_/ \"@contains test\" \"id:11,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"", "SecRule ARGS:/^id_/ \"@contains test\" \"id:12,phase:2,t:lowercase,setvar:IP.id_a=nops\"", diff --git a/test/test-cases/regression/collection-resource.json b/test/test-cases/regression/collection-resource.json index b73d00cb14..2652ca493c 100644 --- a/test/test-cases/regression/collection-resource.json +++ b/test/test-cases/regression/collection-resource.json @@ -4,16 +4,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: RESOURCE (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -30,20 +30,20 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, "body":[ ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"123\" \\(Variable: RESOURCE:whee::::test\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,initcol:resource=%{ARGS.resource},id:900003\"", "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,setvar:resource.test=123,id:900000\"", @@ -56,16 +56,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: RESOURCE (2/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -82,20 +82,20 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, "body":[ ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"RESOURCE:whee::webappid::test", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecWebAppId webappid", "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,initcol:resource=%{ARGS.resource},id:900003\"", diff --git a/test/test-cases/regression/collection-tx-with-macro.json b/test/test-cases/regression/collection-tx-with-macro.json index a0173b6bb6..3b4bd1e1f8 100644 --- a/test/test-cases/regression/collection-tx-with-macro.json +++ b/test/test-cases/regression/collection-tx-with-macro.json @@ -4,16 +4,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX (with macro) (1/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -30,12 +30,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -46,12 +46,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=%{REQUEST_HEADERS:Cookie}%\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" @@ -62,16 +62,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX (with macro) (2/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -88,12 +88,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -104,12 +104,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"1\" \\(Variable: TX:somethingPHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something%{REQUEST_HEADERS:Cookie}%\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" @@ -120,16 +120,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX (with macro) (3/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -146,12 +146,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -162,12 +162,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"310\" \\(Variable: TX:something\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=%{REQUEST_HEADERS:Keep-Alive}%\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"", @@ -179,16 +179,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX (with macro) (4/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -205,12 +205,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -221,12 +221,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"5\" \\(Variable: TX:something_else\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something_else=%{tx.something}%\"", diff --git a/test/test-cases/regression/collection-tx.json b/test/test-cases/regression/collection-tx.json index 07099405f7..dc78f5fc3b 100644 --- a/test/test-cases/regression/collection-tx.json +++ b/test/test-cases/regression/collection-tx.json @@ -30,7 +30,7 @@ ] }, "expected":{ - "http_code":200 + "http_code":200 }, "rules":[ "SecRuleEngine On", @@ -43,16 +43,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX (1/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -69,12 +69,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -85,12 +85,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"to_test\" \\(Variable: TX:something\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=to_test\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" @@ -101,16 +101,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX (2/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -127,12 +127,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -143,12 +143,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"1\" \\(Variable: TX:something\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" @@ -159,16 +159,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX (3/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -185,12 +185,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -201,12 +201,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"20\" \\(Variable: TX:something\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"", @@ -218,16 +218,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX (4/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -244,12 +244,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -260,12 +260,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"15\" \\(Variable: TX:something\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"", @@ -278,16 +278,16 @@ "version_min":300000, "version_max":0, "title":"Testing collection :: TX (5/n)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -305,12 +305,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -321,12 +321,12 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"Target value: \"40\" \\(Variable: TX:anomaly_score\\)", "error_log":"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,setvar:tx.critical_anomaly_score=5\"", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:2,setvar:tx.anomaly_score=10\"", diff --git a/test/test-cases/regression/config-body_limits.json b/test/test-cases/regression/config-body_limits.json index c7ce75f949..3438e265d4 100644 --- a/test/test-cases/regression/config-body_limits.json +++ b/test/test-cases/regression/config-body_limits.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"SecResponseBodyLimitAction Reject", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,20 +20,20 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, "expected":{ "http_code":403 }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecResponseBodyLimitAction Reject", "SecResponseBodyLimit 5" @@ -43,16 +43,16 @@ "enabled":1, "version_min":300000, "title":"SecResponseBodyLimitAction ProcessPartial", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -60,20 +60,20 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, "expected":{ "http_code":200 }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecResponseBodyLimitAction ProcessPartial", "SecResponseBodyLimit 5" @@ -83,23 +83,23 @@ "enabled":1, "version_min":300000, "title":"SecRequestBodyLimitAction Reject", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" }, "uri":"/?key=value&key=other_value", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -117,20 +117,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, "expected":{ "http_code":403 }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRequestBodyLimitAction Reject", "SecRequestBodyLimit 5" @@ -140,23 +140,23 @@ "enabled":1, "version_min":300000, "title":"SecRequestBodyLimitAction Reject - Engine Disabled", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" }, "uri":"/?key=value&key=other_value", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -174,20 +174,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, "expected":{ "http_code":200 }, - "rules":[ + "rules":[ "SecRuleEngine Off", "SecRequestBodyLimitAction Reject", "SecRequestBodyLimit 5" @@ -197,23 +197,23 @@ "enabled":1, "version_min":300000, "title":"SecRequestBodyLimitAction Reject - Engine Detection Only", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" }, "uri":"/?key=value&key=other_value", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -231,20 +231,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, "expected":{ "http_code":200 }, - "rules":[ + "rules":[ "SecRuleEngine DetectionOnly", "SecRequestBodyLimitAction Reject", "SecRequestBodyLimit 5" @@ -253,24 +253,26 @@ { "enabled":1, "version_min":300000, - "title":"SecRequestBodyLimitAction ProcessPartial", - "client":{ + "title":"SecRequestBodyLimitAction ProcessPartial - multipart", + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "Accept":"*/*", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Content-Length": "508" }, "uri":"/?key=value&key=other_value", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -288,100 +290,682 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, "expected":{ "http_code":200 }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRequestBodyLimitAction ProcessPartial", - "SecRequestBodyLimit 5" + "SecRequestBodyLimit 508" ] }, - { + { "enabled":1, "version_min":300000, - "title":"SecResponseBodyLimitAction Reject - Engine Disabled", - "client":{ + "title":"SecRequestBodyLimitAction ProcessPartial - url-encoded, bad value before limit", + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "Accept":"*/*", + "Content-Type": "application/x-www-form-urlencoded", + "Content-Length": "11" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri":"/", + "method":"POST", + "body": [ + "a=bad_value" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":403 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 11", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", + "SecRule ARGS \"bad_value\" \"id:'200002',phase:2,t:none,deny" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - url-encoded, bad value after limit", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Type": "application/x-www-form-urlencoded", + "Content-Length": "12" + }, + "uri":"/", + "method":"POST", + "body": [ + "aa=bad_value" + ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, "expected":{ "http_code":200 }, - "rules":[ - "SecRuleEngine Off", - "SecResponseBodyLimitAction Reject", - "SecResponseBodyLimit 5" + "rules":[ + "SecRuleEngine On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 11", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", + "SecRule ARGS \"bad_value\" \"id:'200002',phase:2,t:none,deny" ] }, - { + { "enabled":1, "version_min":300000, - "title":"SecResponseBodyLimitAction Reject - Engine Detection Only", - "client":{ + "title":"SecRequestBodyLimitAction ProcessPartial - json, bad value before limit", + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "Accept":"*/*", + "Content-Length": "17", + "Content-Type": "application/json" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri":"/", + "method":"POST", + "body": [ + "{\"a\":\"bad_value\"}" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":403 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 16", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", + "SecRule ARGS \"bad_value\" \"id:'200002',phase:2,t:none,deny" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - json, bad value after limit", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length": "17", + "Content-Type": "application/json" + }, + "uri":"/", + "method":"POST", + "body": [ + "{\"a\":\"bad_value\"}" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":200 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 15", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", + "SecRule ARGS \"bad_value\" \"id:'200002',phase:2,t:none,deny" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - json, too many closes after limit", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length": "8", + "Content-Type": "application/json" + }, + "uri":"/", + "method":"POST", + "body": [ + "{\"a\":1}}" + ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, "expected":{ "http_code":200 }, - "rules":[ + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 7", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", + "SecRule ARGS \"bad_value\" \"id:'200002',phase:2,t:none,deny" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - json, too many closes before limit", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length": "8", + "Content-Type": "application/json" + }, + "uri":"/", + "method":"POST", + "body": [ + "{\"a\":1}}" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":400 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 16", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", + "SecRule ARGS \"bad_value\" \"id:'200002',phase:2,t:none,deny" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - json, too many closes after limit", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length": "9", + "Content-Type": "application/json" + }, + "uri":"/", + "method":"POST", + "body": [ + "{\"a\":1}}" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":200 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 7", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", + "SecRule ARGS \"bad_value\" \"id:'200002',phase:2,t:none,deny" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - xml, bad value before limit", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length": "17", + "Content-Type": "application/xml" + }, + "uri":"/", + "method":"POST", + "body": [ + "bad_value" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":403 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 12", + "SecRule REQUEST_HEADERS:Content-Type \"(?:application(?:/soap\\+|/)|text/)xml\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", + "SecRule XML:/* \"bad_value\" \"id:'200002',phase:2,t:none,deny" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - xml, bad value after limit", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length": "17", + "Content-Type": "application/xml" + }, + "uri":"/", + "method":"POST", + "body": [ + "bad_value" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":200 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 11", + "SecRule REQUEST_HEADERS:Content-Type \"(?:application(?:/soap\\+|/)|text/)xml\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"", + "SecRule XML:/* \"bad_value\" \"id:'200002',phase:2,t:none,deny" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - xml, ill-formed, but well-formed before limit", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length": "12", + "Content-Type": "application/xml" + }, + "uri":"/", + "method":"POST", + "body": [ + "" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":200 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 8", + "SecRule REQUEST_HEADERS:Content-Type \"(?:application(?:/soap\\+|/)|text/)xml\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - xml, ill-formed starts just before limit", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length": "12", + "Content-Type": "application/xml" + }, + "uri":"/", + "method":"POST", + "body": [ + "" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":200 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 7", + "SecRule REQUEST_HEADERS:Content-Type \"(?:application(?:/soap\\+|/)|text/)xml\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecRequestBodyLimitAction ProcessPartial - RequestBodyNoFilesLimit ignored", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length": "12", + "Content-Type": "application/xml" + }, + "uri":"/", + "method":"POST", + "body": [ + "" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":200 + }, + "rules":[ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRequestBodyLimitAction ProcessPartial", + "SecRequestBodyLimit 7", + "SecRequestBodyNoFilesLimit 3", + "SecRule REQUEST_HEADERS:Content-Type \"(?:application(?:/soap\\+|/)|text/)xml\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML\"", + "SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200001', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecResponseBodyLimitAction Reject - Engine Disabled", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*" + }, + "uri":"/?key=value&key=other_value", + "method":"GET" + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":200 + }, + "rules":[ + "SecRuleEngine Off", + "SecResponseBodyLimitAction Reject", + "SecResponseBodyLimit 5" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"SecResponseBodyLimitAction Reject - Engine Detection Only", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*" + }, + "uri":"/?key=value&key=other_value", + "method":"GET" + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "http_code":200 + }, + "rules":[ "SecRuleEngine DetectionOnly", "SecResponseBodyLimitAction Reject", "SecResponseBodyLimit 5" @@ -404,7 +988,7 @@ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", - "Content-Length": "41", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, "uri":"/", @@ -451,7 +1035,7 @@ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", - "Content-Length": "41", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, "uri":"/", @@ -497,7 +1081,7 @@ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", - "Content-Length": "41", + "Content-Length": "41", "Content-Type": "application/json" }, "uri":"/", @@ -545,7 +1129,7 @@ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", - "Content-Length": "41", + "Content-Length": "41", "Content-Type": "application/json" }, "uri":"/", @@ -593,7 +1177,7 @@ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", - "Content-Length": "77", + "Content-Length": "77", "Content-Type": "application/xml" }, "uri":"/", @@ -642,7 +1226,7 @@ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", - "Content-Length": "77", + "Content-Length": "77", "Content-Type": "application/xml" }, "uri":"/", @@ -689,7 +1273,7 @@ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", - "Content-Length": "77", + "Content-Length": "77", "Content-Type": "multipart/form-data; boundary=0000" }, "uri":"/", @@ -744,7 +1328,7 @@ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", - "Content-Length": "77", + "Content-Length": "77", "Content-Type": "multipart/form-data; boundary=0000" }, "uri":"/", diff --git a/test/test-cases/regression/issue-1825.json b/test/test-cases/regression/issue-1825.json index 41fc349ff8..40a0c128ed 100644 --- a/test/test-cases/regression/issue-1825.json +++ b/test/test-cases/regression/issue-1825.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"multipart Content-Disposition should allow filename* field (1/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -35,32 +35,32 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":"", - "body":"" + "response":{ + "headers":"", + "body":"" }, - "expected":{ + "expected":{ "debug_log":"Target value: \"03CB1664.txt\" \\(Variable: MULTIPART_FILENAME" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"multipart Content-Disposition should allow filename* field (2/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -70,7 +70,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -83,32 +83,32 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":"", - "body":"" + "response":{ + "headers":"", + "body":"" }, - "expected":{ + "expected":{ "debug_log":"Target value: \"ab0-_xy.txt\" \\(Variable: MULTIPART_FILENAME" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"multipart Content-Disposition should allow filename* field (3/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -118,7 +118,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -131,32 +131,32 @@ "----------------------------756b6d74fa1a8ee2--\r" ] }, - "response":{ - "headers":"", - "body":"" + "response":{ + "headers":"", + "body":"" }, - "expected":{ + "expected":{ "debug_log":"Warning: no filename= but filename*" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"multipart Content-Disposition should allow filename* field (4/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -166,7 +166,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -179,32 +179,32 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":"", - "body":"" + "response":{ + "headers":"", + "body":"" }, - "expected":{ + "expected":{ "debug_log":"Multipart: Invalid Content-Disposition header \\(-16" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"multipart Content-Disposition should allow filename* field (5/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -214,7 +214,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -227,32 +227,32 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":"", - "body":"" + "response":{ + "headers":"", + "body":"" }, - "expected":{ + "expected":{ "debug_log":"Multipart: Invalid Content-Disposition header \\(-17" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"multipart Content-Disposition should allow filename* field (6/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -262,7 +262,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -275,14 +275,14 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":"", - "body":"" + "response":{ + "headers":"", + "body":"" }, - "expected":{ + "expected":{ "debug_log":"Multipart: Invalid Content-Disposition header \\(-18" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] @@ -323,7 +323,7 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ + "response":{ "headers":"", "body":"" }, diff --git a/test/test-cases/regression/issue-2099.json b/test/test-cases/regression/issue-2099.json index fff4aa4cc8..ee43f8e56b 100644 --- a/test/test-cases/regression/issue-2099.json +++ b/test/test-cases/regression/issue-2099.json @@ -190,6 +190,6 @@ "SecRule REQUEST_URI \"@contains /test.php\" \"id:100,phase:1,nolog,pass,ctl:ruleRemoveTargetByTag=attack-injection-php;ARGS:a,ctl:ruleRemoveTargetByTag=attack-rce;ARGS:a\"", "SecRule ARGS \"@contains a\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" ] - } + } ] diff --git a/test/test-cases/regression/issue-2423-msg-in-chain.json b/test/test-cases/regression/issue-2423-msg-in-chain.json index c667de0542..a9987faa75 100644 --- a/test/test-cases/regression/issue-2423-msg-in-chain.json +++ b/test/test-cases/regression/issue-2423-msg-in-chain.json @@ -109,7 +109,7 @@ "headers":{ "Host":"localhost", "Restricted":"attack", - "Other": "Value" + "Other": "Value" }, "uri":"/", "method":"GET" diff --git a/test/test-cases/regression/issue-2427.json b/test/test-cases/regression/issue-2427.json index 02f7b16f86..52d2c9e254 100644 --- a/test/test-cases/regression/issue-2427.json +++ b/test/test-cases/regression/issue-2427.json @@ -12,8 +12,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -23,7 +23,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -72,8 +72,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -83,7 +83,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", diff --git a/test/test-cases/regression/misc-variable-under-quotes.json b/test/test-cases/regression/misc-variable-under-quotes.json index c455b69dec..91be1eb736 100644 --- a/test/test-cases/regression/misc-variable-under-quotes.json +++ b/test/test-cases/regression/misc-variable-under-quotes.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables (quoted) :: REQUEST_LINE - contains (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,37 +20,37 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"t:lowercase:" }, - "rules":[ + "rules":[ "SecRule \"REQUEST_LINE\" \"@contains index.php/admin/cms/wysiwyg/directive/\" \"id:1,phase:1,t:lowercase,ctl:auditLogParts=+E\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables (quoted) :: REQUEST_LINE - regex (2/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -58,20 +58,20 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"t:lowercase:" }, - "rules":[ + "rules":[ "SecRule \"REQUEST_LINE\" \"index.php/admin/cms/wysiwyg/directive/\" \"id:1,t:lowercase,ctl:auditLogParts=+E\"" ] } diff --git a/test/test-cases/regression/offset-variable.json b/test/test-cases/regression/offset-variable.json index 7ffe9299ba..599d7a7d50 100644 --- a/test/test-cases/regression/offset-variable.json +++ b/test/test-cases/regression/offset-variable.json @@ -973,8 +973,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -984,7 +984,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1022,8 +1022,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1033,7 +1033,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1071,8 +1071,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1082,7 +1082,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1120,8 +1120,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1131,7 +1131,7 @@ }, "uri":"/wheee/file?something else", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1169,8 +1169,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1180,7 +1180,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20?something else", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1218,8 +1218,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1229,7 +1229,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1267,8 +1267,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1278,7 +1278,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1316,8 +1316,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1327,7 +1327,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1369,8 +1369,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1380,7 +1380,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1422,8 +1422,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1433,7 +1433,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1475,8 +1475,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1486,7 +1486,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1528,8 +1528,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1539,7 +1539,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1581,8 +1581,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1592,7 +1592,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1634,8 +1634,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1645,7 +1645,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1687,8 +1687,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1698,7 +1698,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1742,8 +1742,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1753,7 +1753,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1797,8 +1797,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1808,7 +1808,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1852,8 +1852,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1863,7 +1863,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1907,8 +1907,8 @@ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -1918,7 +1918,7 @@ }, "uri":"/wheee/f%20i%20l%20e%20", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", diff --git a/test/test-cases/regression/sec_component_signature.json b/test/test-cases/regression/sec_component_signature.json index 580663f629..c3bbe40dd9 100644 --- a/test/test-cases/regression/sec_component_signature.json +++ b/test/test-cases/regression/sec_component_signature.json @@ -1,5 +1,5 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "version_max":0, @@ -38,13 +38,13 @@ "test" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":".*", "error_log":"", "http_code": 403 }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecComponentSignature \"OWASP_CRS/2.2.9\"", "SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,status:403,auditlog\"" diff --git a/test/test-cases/regression/variable-ARGS.json b/test/test-cases/regression/variable-ARGS.json index 1149a2f579..8ca5f67a7a 100644 --- a/test/test-cases/regression/variable-ARGS.json +++ b/test/test-cases/regression/variable-ARGS.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS - GET (1/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,38 +20,38 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"other_value\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS \"@contains test \" \"id:1,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS - GET (2/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -59,20 +59,20 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"value\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS \"@contains test \" \"id:1,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json b/test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json index 034005acea..b908da1634 100644 --- a/test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json +++ b/test/test-cases/regression/variable-ARGS_COMBINED_SIZE.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_COMBINED_SIZE - GET (1/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,38 +20,38 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"22." }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_COMBINED_SIZE \"@gt 10 \" \"id:1,pass\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_COMBINED_SIZE - GET (2/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -59,20 +59,20 @@ "uri":"/?key=value&key=other_value&a=b", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"24." }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_COMBINED_SIZE \"@gt 10 \" \"id:1,pass\"" ] diff --git a/test/test-cases/regression/variable-ARGS_GET.json b/test/test-cases/regression/variable-ARGS_GET.json index dde6d690ec..26868c66d3 100644 --- a/test/test-cases/regression/variable-ARGS_GET.json +++ b/test/test-cases/regression/variable-ARGS_GET.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_GET (1/6)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,20 +20,20 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"other_value\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_GET \"@contains test \" \"id:1,pass,t:trim\"" ] @@ -42,16 +42,16 @@ "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_GET (2/6)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -59,20 +59,20 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"value\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_GET \"@contains test \" \"id:1,pass,t:trim\"" ] @@ -81,16 +81,16 @@ "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_GET (3/6)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -98,20 +98,20 @@ "uri":"/?key=value&key=other_value%26withsomestuff=tootherstuff", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"other_value&withsomestuff=tootherstuff\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_GET \"@contains test \" \"id:1,pass,t:trim\"" ] @@ -120,16 +120,16 @@ "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_GET (4/6)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -137,20 +137,20 @@ "uri":"/?key=value&secondkey=&key3=val3", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"0\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_GET:secondkey \"0\" \"id:1,phase:2,pass,t:none,t:length\"" ] @@ -159,16 +159,16 @@ "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_GET (5/6)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -176,20 +176,20 @@ "uri":"/?key=value&secondkey=othervalue&", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"othervalue\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_GET \"@rx ^othervalue$ \" \"id:1,pass,t:none\"" ] diff --git a/test/test-cases/regression/variable-ARGS_GET_NAMES.json b/test/test-cases/regression/variable-ARGS_GET_NAMES.json index be1e03d0c5..945394b6cc 100644 --- a/test/test-cases/regression/variable-ARGS_GET_NAMES.json +++ b/test/test-cases/regression/variable-ARGS_GET_NAMES.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_GET_NAMES (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,38 +20,38 @@ "uri":"/?key1=value&key2=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"key1\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_GET_NAMES \"@contains test \" \"id:1,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_GET_NAMES (2/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -59,20 +59,20 @@ "uri":"/?key1=value&key2=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"key2\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_GET_NAMES \"@contains test \" \"id:1,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-ARGS_NAMES.json b/test/test-cases/regression/variable-ARGS_NAMES.json index bf3e80d427..e11623b9e1 100644 --- a/test/test-cases/regression/variable-ARGS_NAMES.json +++ b/test/test-cases/regression/variable-ARGS_NAMES.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_NAMES - GET (1/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,38 +20,38 @@ "uri":"/?key1=value&key2=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"key1\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_NAMES \"@contains test \" \"id:1,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: ARGS_NAMES - GET (2/4)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -59,20 +59,20 @@ "uri":"/?key1=value&key2=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"key2\"" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule ARGS_NAMES \"@contains test \" \"id:1,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-ARGS_POST.json b/test/test-cases/regression/variable-ARGS_POST.json index 4b9972cadf..7cc701364e 100644 --- a/test/test-cases/regression/variable-ARGS_POST.json +++ b/test/test-cases/regression/variable-ARGS_POST.json @@ -1,4 +1,4 @@ -[ +[ { "enabled":1, "version_min":300000, diff --git a/test/test-cases/regression/variable-FILES.json b/test/test-cases/regression/variable-FILES.json index 7f0f4dcf56..30a2c5ef7a 100644 --- a/test/test-cases/regression/variable-FILES.json +++ b/test/test-cases/regression/variable-FILES.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: FILES (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"T \\(0\\) t:trim: \"small_text_file" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule FILES \"@contains small_text_file.txt\" \"id:1,phase:3,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-FILES_COMBINED_SIZE.json b/test/test-cases/regression/variable-FILES_COMBINED_SIZE.json index 23a1c027ee..4f585bea2e 100644 --- a/test/test-cases/regression/variable-FILES_COMBINED_SIZE.json +++ b/test/test-cases/regression/variable-FILES_COMBINED_SIZE.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: FILES_NAMES (1/1)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"70\" \\(Variable: FILES_COMBINED_SIZE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule FILES_COMBINED_SIZE \"@gt 70\" \"id:1,phase:3,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-FILES_NAMES.json b/test/test-cases/regression/variable-FILES_NAMES.json index fcf95ed972..6506c611d1 100644 --- a/test/test-cases/regression/variable-FILES_NAMES.json +++ b/test/test-cases/regression/variable-FILES_NAMES.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: FILES_NAMES (1/1)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"T \\(0\\) t:trim: \"filedata" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule FILES_NAMES \"@contains filedata\" \"id:1,phase:3,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-FILES_SIZES.json b/test/test-cases/regression/variable-FILES_SIZES.json index fa8a3525c7..8dd05020dd 100644 --- a/test/test-cases/regression/variable-FILES_SIZES.json +++ b/test/test-cases/regression/variable-FILES_SIZES.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: FILES_NAMES (1/1)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"38\" \\(Variable: FILES_SIZES:filedata\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule FILES_SIZES \"@gt 70.000000\" \"id:1,phase:3,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-FULL_REQUEST.json b/test/test-cases/regression/variable-FULL_REQUEST.json index c1fd971125..b314827b52 100644 --- a/test/test-cases/regression/variable-FULL_REQUEST.json +++ b/test/test-cases/regression/variable-FULL_REQUEST.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: FULL_REQUEST (1/1)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Multipart: Boundary: --------------------------756b6d74fa1a8ee2" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule FULL_REQUEST \"@contains small_text_file.txt\" \"id:1,phase:3,pass,t:trim\"" diff --git a/test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json b/test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json index 9bba74d466..42465ed1aa 100644 --- a/test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json +++ b/test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: FULL_REQUEST_LENGTH (1/1)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"690\" \\(Variable: FULL_REQUEST_LENGTH\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule FULL_REQUEST_LENGTH \"@contains small_text_file.txt\" \"id:1,phase:3,pass,t:trim\"" diff --git a/test/test-cases/regression/variable-GEO.json b/test/test-cases/regression/variable-GEO.json index d304e13ab4..be530f5e59 100644 --- a/test/test-cases/regression/variable-GEO.json +++ b/test/test-cases/regression/variable-GEO.json @@ -1,19 +1,19 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:LONGITUDE [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,41 +21,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"-118.403999\" \\(Variable: GEO:LONGITUDE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"maxmind", "title":"Testing Variables :: GEO:COUNTRY_NAME [maxmind]", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -63,41 +63,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"Brazil\" \\(Variable: GEO:COUNTRY_NAME\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/GeoIP2-City-Test.mmdb", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:LATITUDE [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -105,41 +105,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"33.916401\" \\(Variable: GEO:LATITUDE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:COUNTRY_CODE3 [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -147,41 +147,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"USA\" \\(Variable: GEO:COUNTRY_CODE3\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:COUNTRY_CODE [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -189,41 +189,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"US\" \\(Variable: GEO:COUNTRY_CODE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:COUNTRY_CONTINENT [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -231,41 +231,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"NA\" \\(Variable: GEO:COUNTRY_CONTINENT\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:AREA_CODE [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -273,41 +273,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"310\" \\(Variable: GEO:AREA_CODE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:DMA_CODE [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -315,41 +315,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"803\" \\(Variable: GEO:DMA_CODE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:POSTAL_CODE [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -357,41 +357,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"90245\" \\(Variable: GEO:POSTAL_CODE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:REGION [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -399,41 +399,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"California\" \\(Variable: GEO:REGION\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:CITY [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -441,41 +441,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"El Segundo\" \\(Variable: GEO:CITY\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"geoip", "title":"Testing Variables :: GEO:LONGITUDE [GeoIP]", - "client":{ + "client":{ "ip":"64.17.254.216", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -483,41 +483,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"-118.403999\" \\(Variable: GEO:LONGITUDE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/geo\/GeoIPCity.dat", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"maxmind", "title":"Testing Variables :: GEO:COUNTRY_NAME [maxmind]", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -525,41 +525,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"Brazil\" \\(Variable: GEO:COUNTRY_NAME\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/GeoIP2-City-Test.mmdb", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"maxmind", "title":"Testing Variables :: GEO:LATITUDE [maxmind]", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -567,41 +567,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"-8.051502\" \\(Variable: GEO:LATITUDE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/GeoIP2-City-Test.mmdb", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"maxmind", "title":"Testing Variables :: GEO:COUNTRY_CODE [maxmind]", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -609,41 +609,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"BR\" \\(Variable: GEO:COUNTRY_CODE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/GeoIP2-City-Test.mmdb", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"maxmind", "title":"Testing Variables :: GEO:COUNTRY_CONTINENT [maxmind]", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -651,41 +651,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"South America\" \\(Variable: GEO:COUNTRY_CONTINENT\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/GeoIP2-City-Test.mmdb", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"maxmind", "title":"Testing Variables :: GEO:POSTAL_CODE [maxmind]", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -693,41 +693,41 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"50040090\" \\(Variable: GEO:POSTAL_CODE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/GeoIP2-City-Test.mmdb", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", "SecRule GEO \"@contains test \" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "resource":"maxmind", "title":"Testing Variables :: GEO:CITY [maxmind]", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -735,20 +735,20 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"Recife\" \\(Variable: GEO:CITY\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecGeoLookupDb test-cases\/data\/GeoIP2-City-Test.mmdb", "SecRule REMOTE_ADDR \"@geoLookup\" \"id:1,pass,t:trim\"", diff --git a/test/test-cases/regression/variable-HIGHEST_SEVERITY.json b/test/test-cases/regression/variable-HIGHEST_SEVERITY.json index 7da62133f9..82b0390f3a 100644 --- a/test/test-cases/regression/variable-HIGHEST_SEVERITY.json +++ b/test/test-cases/regression/variable-HIGHEST_SEVERITY.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: HIGHEST_SEVERITY (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,39 +20,39 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"0\" \\(Variable: HIGHEST_SEVERITY\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REMOTE_ADDR \"@contains 200.249\" \"id:1,pass,t:trim,severity:0\"", "SecRule HIGHEST_SEVERITY \"@lt 10\" \"id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: HIGHEST_SEVERITY (2/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -60,20 +60,20 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"0\" \\(Variable: HIGHEST_SEVERITY\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REMOTE_ADDR \"@contains 200.249\" \"id:1,pass,t:trim,severity:EMERGENCY\"", "SecRule HIGHEST_SEVERITY \"@lt 10\" \"id:2,pass,t:trim\"" diff --git a/test/test-cases/regression/variable-INBOUND_DATA_ERROR.json b/test/test-cases/regression/variable-INBOUND_DATA_ERROR.json index e66a1647b8..3b2f62c44e 100644 --- a/test/test-cases/regression/variable-INBOUND_DATA_ERROR.json +++ b/test/test-cases/regression/variable-INBOUND_DATA_ERROR.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: INBOUND_DATA_ERROR (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,38 +20,38 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"0\" \\(Variable: INBOUND_DATA_ERROR\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule INBOUND_DATA_ERROR \"@eq 1\" \"id:1,phase:3,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: INBOUND_DATA_ERROR (1/1)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -61,7 +61,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -79,20 +79,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"1\" \\(Variable: INBOUND_DATA_ERROR\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRequestBodyLimit 2", "SecRule INBOUND_DATA_ERROR \"@eq 1\" \"id:1,phase:3,pass,t:trim\"" diff --git a/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json b/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json index 402e4541dc..b789b47688 100644 --- a/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json +++ b/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -81,7 +81,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -140,7 +140,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -199,7 +199,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -258,7 +258,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", diff --git a/test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json b/test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json index 97b34d5552..cb0000318a 100644 --- a/test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json +++ b/test/test-cases/regression/variable-MULTIPART_UNMATCHED_BOUNDARY.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: MULTIPART_UNMATCHED_BOUNDARY", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"1\" \\(Variable: MULTIPART_UNMATCHED_BOUNDARY\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@contains small_text_file.txt\" \"id:1,phase:3,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-OUTBOUND_DATA_ERROR.json b/test/test-cases/regression/variable-OUTBOUND_DATA_ERROR.json index 93651239e7..f043df00ea 100644 --- a/test/test-cases/regression/variable-OUTBOUND_DATA_ERROR.json +++ b/test/test-cases/regression/variable-OUTBOUND_DATA_ERROR.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: OUTBOUND_DATA_ERROR (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,39 +20,39 @@ "uri":"/?key=value&key=other_value", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"0\" \\(Variable: OUTBOUND_DATA_ERROR\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecResponseBodyAccess On", "SecRule OUTBOUND_DATA_ERROR \"@eq 1\" \"id:1,phase:4,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: OUTBOUND_DATA_ERROR (2/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -62,7 +62,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -80,13 +80,13 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -104,10 +104,10 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"1\" \\(Variable: OUTBOUND_DATA_ERROR\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecResponseBodyAccess On", "SecResponseBodyLimit 2", diff --git a/test/test-cases/regression/variable-REQBODY_PROCESSOR.json b/test/test-cases/regression/variable-REQBODY_PROCESSOR.json index db7bf184f6..ca05a938bf 100644 --- a/test/test-cases/regression/variable-REQBODY_PROCESSOR.json +++ b/test/test-cases/regression/variable-REQBODY_PROCESSOR.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQBODY_PROCESSOR (1/3)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -58,39 +58,39 @@ "" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"XML\" \\(Variable: REQBODY_PROCESSOR\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Content-Type \"^(?:application(?:/soap\\+|/)|text/)xml\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", "SecRule REQBODY_PROCESSOR \"@contains test\" \"id:1,pass,phase:2,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQBODY_PROCESSOR (2/3)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -117,38 +117,38 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"MULTIPART\" \\(Variable: REQBODY_PROCESSOR\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQBODY_PROCESSOR \"@contains test\" \"id:1,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQBODY_PROCESSOR (3/3)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -161,20 +161,20 @@ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"URLENCODED\" \\(Variable: REQBODY_PROCESSOR\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQBODY_PROCESSOR \"@contains test\" \"id:1,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json b/test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json index 029a65bd08..fb1d937610 100644 --- a/test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json +++ b/test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json @@ -1,19 +1,19 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "resource":"libxml2", "title":"Testing Variables :: REQBODY_PROCESSOR_ERROR_MSG (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -59,40 +59,40 @@ "" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"XML parsing error: XML: Failed to parse document" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", "SecRule REQBODY_PROCESSOR_ERROR \"@contains test\" \"phase:2,id:1,pass,t:trim\"", "SecRule REQBODY_PROCESSOR_ERROR_MSG \"@contains test\" \"phase:2,id:2,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQBODY_PROCESSOR_ERROR_MSG (2/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -118,20 +118,20 @@ "This is another very small test file.." ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Multipart parsing error: Multipart: Final boundary missing." }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", "SecRule REQBODY_PROCESSOR_ERROR \"@contains test\" \"phase:2,id:1,pass,t:trim\"", diff --git a/test/test-cases/regression/variable-REQUEST_BODY.json b/test/test-cases/regression/variable-REQUEST_BODY.json index 34206c35af..296f8a25ec 100644 --- a/test/test-cases/regression/variable-REQUEST_BODY.json +++ b/test/test-cases/regression/variable-REQUEST_BODY.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQUEST_BODY", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"--------------------------756b6d74fa1a8ee2\\x0aContent-Disposition: form-data; na" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_BODY \"@contains small_text_file.txt\" \"id:1,phase:3,pass,t:trim\"" diff --git a/test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json b/test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json index 2515eb55fc..b509ee89c1 100644 --- a/test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json +++ b/test/test-cases/regression/variable-REQUEST_BODY_LENGTH.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQUEST_BODY_LENGTH", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"508\" \\(Variable: REQUEST_BODY_LENGTH\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_BODY_LENGTH \"@contains small_text_file.txt\" \"id:1,phase:3,pass,t:trim\"" diff --git a/test/test-cases/regression/variable-REQUEST_HEADERS.json b/test/test-cases/regression/variable-REQUEST_HEADERS.json index 3e34bc6de1..d7145fb043 100644 --- a/test/test-cases/regression/variable-REQUEST_HEADERS.json +++ b/test/test-cases/regression/variable-REQUEST_HEADERS.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQUEST_HEADERS", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"localhost\" \\(Variable: REQUEST_HEADERS:Host\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains small_text_file.txt\" \"id:1,phase:3,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-REQUEST_LINE.json b/test/test-cases/regression/variable-REQUEST_LINE.json index 586f0c312f..61b4ec0e17 100644 --- a/test/test-cases/regression/variable-REQUEST_LINE.json +++ b/test/test-cases/regression/variable-REQUEST_LINE.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQUEST_LINE", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,20 +21,20 @@ "method":"GET", "http_version":1.1 }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"GET /\\?key=value\\&key=other_value HTTP/1.1\" \\(Variable: REQUEST_LINE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_LINE \"@contains test \" \"id:1,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-REQUEST_METHOD.json b/test/test-cases/regression/variable-REQUEST_METHOD.json index 2a9b609b17..f054b41b8c 100644 --- a/test/test-cases/regression/variable-REQUEST_METHOD.json +++ b/test/test-cases/regression/variable-REQUEST_METHOD.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQUEST_METHOD", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,20 +21,20 @@ "method":"GET", "http_version":1.1 }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"GET\" \\(Variable: REQUEST_METHOD\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_METHOD \"@contains test \" \"id:1,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-REQUEST_PROTOCOL.json b/test/test-cases/regression/variable-REQUEST_PROTOCOL.json index e5a53de7b9..7e72efd2c4 100644 --- a/test/test-cases/regression/variable-REQUEST_PROTOCOL.json +++ b/test/test-cases/regression/variable-REQUEST_PROTOCOL.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQUEST_PROTOCOL", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,20 +21,20 @@ "method":"GET", "http_version":1.1 }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"HTTP/1.1\" \\(Variable: REQUEST_PROTOCOL\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_PROTOCOL \"@contains test \" \"id:1,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-REQUEST_URI.json b/test/test-cases/regression/variable-REQUEST_URI.json index 795ce29b6c..f8b772d9d8 100644 --- a/test/test-cases/regression/variable-REQUEST_URI.json +++ b/test/test-cases/regression/variable-REQUEST_URI.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQUEST_URI", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,20 +21,20 @@ "method":"GET", "http_version":1.1 }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"/\\?key=value\\&key=other_value\" \\(Variable: REQUEST_URI\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_URI \"@contains test \" \"id:1,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-REQUEST_URI_RAW.json b/test/test-cases/regression/variable-REQUEST_URI_RAW.json index 09fff33cd3..645b486461 100644 --- a/test/test-cases/regression/variable-REQUEST_URI_RAW.json +++ b/test/test-cases/regression/variable-REQUEST_URI_RAW.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: REQUEST_URI_RAW", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,20 +21,20 @@ "method":"GET", "http_version":1.1 }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"/\\?key=value\\&key=other_value\" \\(Variable: REQUEST_URI_RAW\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_URI_RAW \"@contains test \" \"id:1,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json b/test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json index f71bc707c7..d65aa55e7f 100644 --- a/test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json +++ b/test/test-cases/regression/variable-RESPONSE_CONTENT_LENGTH.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: RESPONSE_CONTENT_LENGTH", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,20 +21,20 @@ "method":"GET", "http_version":1.1 }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"9\" \\(Variable: RESPONSE_CONTENT_LENGTH\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecResponseBodyAccess On", "SecRule RESPONSE_CONTENT_LENGTH \"@contains test \" \"id:1,phase:4,pass,t:trim\"" diff --git a/test/test-cases/regression/variable-RESPONSE_CONTENT_TYPE.json b/test/test-cases/regression/variable-RESPONSE_CONTENT_TYPE.json index 704d20400a..a3d6ca92ef 100644 --- a/test/test-cases/regression/variable-RESPONSE_CONTENT_TYPE.json +++ b/test/test-cases/regression/variable-RESPONSE_CONTENT_TYPE.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: RESPONSE_CONTENT_TYPE", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,20 +21,20 @@ "method":"GET", "http_version":1.1 }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"text/html\" \\(Variable: RESPONSE_CONTENT_TYPE\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule RESPONSE_CONTENT_TYPE \"@contains test \" \"id:1,phase:3,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-RESPONSE_HEADERS.json b/test/test-cases/regression/variable-RESPONSE_HEADERS.json index dd0c3d7487..74cf069f14 100644 --- a/test/test-cases/regression/variable-RESPONSE_HEADERS.json +++ b/test/test-cases/regression/variable-RESPONSE_HEADERS.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: RESPONSE_HEADERS", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", @@ -22,7 +22,7 @@ }, "uri":"/", "method":"POST", - "body":[ + "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -40,20 +40,20 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"Mon, 13 Jul 2015 20:02:41 GMT\" \\(Variable: RESPONSE_HEADERS:Date\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule RESPONSE_HEADERS \"@contains small_text_file.txt\" \"id:1,phase:3,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-RESPONSE_PROTOCOL.json b/test/test-cases/regression/variable-RESPONSE_PROTOCOL.json index a54c16c0b5..f00fa9e2d8 100644 --- a/test/test-cases/regression/variable-RESPONSE_PROTOCOL.json +++ b/test/test-cases/regression/variable-RESPONSE_PROTOCOL.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: RESPONSE_PROTOCOL", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,21 +21,21 @@ "method":"GET", "http_version":1.1 }, - "response":{ + "response":{ "protocol": "HTTP/1.1", - "headers":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"HTTP/1.1\" \\(Variable: RESPONSE_PROTOCOL\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule RESPONSE_PROTOCOL \"^HTTP\" \"id:1,phase:5,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-SERVER_NAME.json b/test/test-cases/regression/variable-SERVER_NAME.json index e0fd6c105e..460597a864 100644 --- a/test/test-cases/regression/variable-SERVER_NAME.json +++ b/test/test-cases/regression/variable-SERVER_NAME.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: SERVER_NAME (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -21,39 +21,39 @@ "method":"GET", "http_version":1.1 }, - "response":{ + "response":{ "protocol": "HTTP/1.1", - "headers":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"localhost\" \\(Variable: SERVER_NAME\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule SERVER_NAME \"^HTTP\" \"id:1,phase:5,pass,t:trim\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: SERVER_NAME (2/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"www.zimmerle.org:4443", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -62,21 +62,21 @@ "method":"GET", "http_version":1.1 }, - "response":{ + "response":{ "protocol": "HTTP/1.1", - "headers":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"www.zimmerle.org\" \\(Variable: SERVER_NAME\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule SERVER_NAME \"^HTTP\" \"id:1,phase:5,pass,t:trim\"" ] diff --git a/test/test-cases/regression/variable-URLENCODED_ERROR.json b/test/test-cases/regression/variable-URLENCODED_ERROR.json index 060df0b45b..793d8bc366 100644 --- a/test/test-cases/regression/variable-URLENCODED_ERROR.json +++ b/test/test-cases/regression/variable-URLENCODED_ERROR.json @@ -1,18 +1,18 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "title":"Testing Variables :: URLENCODED_ERROR - GET (1/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -20,38 +20,38 @@ "uri":"/?key=value&key=other_value%2", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"1\" \\(Variable: URLENCODED_ERROR\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule URLENCODED_ERROR \"@gt 10 \" \"id:1,pass\"" ] }, - { + { "enabled":1, "version_min":300000, "title":"Testing Variables :: URLENCODED_ERROR - GET (2/7)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":123 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*" @@ -59,20 +59,20 @@ "uri":"/?key=value&key=other_value&a=b%2a", "method":"GET" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, - "body":[ + "body":[ "no need." ] }, - "expected":{ + "expected":{ "debug_log":"Target value: \"0\" \\(Variable: URLENCODED_ERROR\\)" }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule URLENCODED_ERROR \"@gt 10 \" \"id:1,pass\"" ] diff --git a/test/test-cases/regression/variable-variation-exclusion.json b/test/test-cases/regression/variable-variation-exclusion.json index 91098b1a8f..e6b2915bd0 100644 --- a/test/test-cases/regression/variable-variation-exclusion.json +++ b/test/test-cases/regression/variable-variation-exclusion.json @@ -1,19 +1,19 @@ -[ - { +[ + { "enabled":1, "version_min":300000, "version_max":0, "title":"Testing variable variations :: exclusion (1/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -30,12 +30,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -46,32 +46,32 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"", "error_log":"", "http_code":200 }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS|!REQUEST_HEADERS:Accept|!REMOTE_HOST \"@contains html\" \"id:1,t:lowercase,t:none,block,deny,status:300\"" ] }, - { + { "enabled":1, "version_min":300000, "version_max":0, "title":"Testing variable variations :: exclusion (2/2)", - "client":{ + "client":{ "ip":"200.249.12.31", "port":2313 }, - "server":{ + "server":{ "ip":"200.249.12.31", "port":80 }, - "request":{ - "headers":{ + "request":{ + "headers":{ "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", "Accept-Language":"en-us,en;q=0.5", @@ -88,12 +88,12 @@ "http_version":1.1, "body":"" }, - "response":{ - "headers":{ + "response":{ + "headers":{ "Content-Type":"text\/xml; charset=utf-8\n\r", "Content-Length":"length\n\r" }, - "body":[ + "body":[ "\n\r", "\n\r", " \n\r", @@ -104,13 +104,13 @@ "<\/soap:Envelope>\n\r" ] }, - "expected":{ + "expected":{ "audit_log":"", "debug_log":"", "error_log":"", "http_code": 200 }, - "rules":[ + "rules":[ "SecRuleEngine On", "SecRule REQUEST_HEADERS|!REQUEST_HEADERS \"@contains html\" \"id:1,t:lowercase,t:none,block,deny,status:300\"" ]