github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix some name handling for ARGS_*NAMES: regex SecRuleUpdateTargetById, etc.

Browse Source
This commit is contained in:
Martin Vierula
2022-01-04 11:47:18 -08:00
parent 76ce6739bf
commit 1a965a49ad
6 changed files with 127 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
test/test-cases/regression/config-update-target-by-id.json
View File

@@ -118,5 +118,85 @@
"SecRuleUpdateTargetById 1 !ARGS:mixpanel",
"SecRule ARGS \"@contains value\" \"id:1,t:trim,tag:'test',deny\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (match)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?xxxyyy=value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateTargetById 1 \"!ARGS:/xxx/\"",
"SecRule ARGS_NAMES \"@contains yyy\" \"id:1,phase:2,deny,status:403\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateTargetById - exclude from ARGS_NAMES using regex (no match)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?xxyyy=value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 403
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateTargetById 1 \"!ARGS:/xxx/\"",
"SecRule ARGS_NAMES \"@contains yyy\" \"id:1,phase:2,deny,status:403\""
]
}
]

2
test/test-cases/regression/variable-ARGS_NAMES.json
View File

@@ -209,7 +209,7 @@
]
},
"expected":{
"debug_log":"Target value: \"name1\" \\(Variable: ARGS_NAMES\\)"
"debug_log":"Target value: \"name1\" \\(Variable: ARGS_NAMES:name1\\)"
},
"rules":[
"SecRuleEngine On",

2
test/test-cases/regression/variable-ARGS_POST_NAMES.json
View File

@@ -131,7 +131,7 @@
]
},
"expected":{
"debug_log":"Target value: \"name1\" \\(Variable: ARGS_POST_NAMES\\)"
"debug_log":"Target value: \"name1\" \\(Variable: ARGS_POST_NAMES:name1\\)"
},
"rules":[
"SecRuleEngine On",

44
test/test-cases/regression/variable-MATCHED_VAR_NAME.json
View File

@@ -2,7 +2,7 @@
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: MATCHED_VAR_NAME (1/2)",
"title":"Testing Variables :: MATCHED_VAR_NAME (1/3)",
"client":{
"ip":"200.249.12.31",
"port":123
@@ -43,7 +43,7 @@
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: MATCHED_VAR_NAME (2/2)",
"title":"Testing Variables :: MATCHED_VAR_NAME (2/3)",
"client":{
"ip":"200.249.12.31",
"port":123
@@ -81,6 +81,46 @@
"SecRule MATCHED_VAR_NAME \"@contains asdf\" \"\"",
"SecRule MATCHED_VAR_NAME \"@contains value\" \"id:29\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: MATCHED_VAR_NAME (3/3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key1=value&key2=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":" Target value: \"ARGS_NAMES:key1\" \\(Variable: MATCHED_VAR_NAME\\)"
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS_NAMES \"@contains ey1\" \"chain,id:30,pass\"",
"SecRule MATCHED_VAR_NAME \"@contains key1\" \"id:31\""
]
}
]