github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds support to WEBAPPID variable

Browse Source
This commit is contained in:
Felipe Zimmerle 2017-11-08 10:27:44 -03:00
parent 082a3e3287
commit 23cf656f93
No known key found for this signature in database
GPG Key ID: E6DFB08CE8B11277
9 changed files with 6593 additions and 6403 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGES
View File

@ -2,7 +2,9 @@
v3.0.????? - ? v3.0.????? - ?
--------------------------- ---------------------------
- Adds support for SecWebAppId - Adds support to WEBAPPID variable.
[Issue #1027 - @zimmerle, @victorhora]
- Adds support for SecWebAppId.
[Issue #1442 - @zimmerle, @victorhora] [Issue #1442 - @zimmerle, @victorhora]
- Adds support for SecRuleRemoveByTag. - Adds support for SecRuleRemoveByTag.
[Issue #1476 - @zimmerle, @victorhora] [Issue #1476 - @zimmerle, @victorhora]

1
Makefile.am
View File

@ -291,4 +291,5 @@ TESTS+=test/test-cases/regression/action-exec.json
TESTS+=test/test-cases/regression/directive-sec_rule_script.json TESTS+=test/test-cases/regression/directive-sec_rule_script.json
TESTS+=test/test-cases/regression/config-update-target-by-msg.json TESTS+=test/test-cases/regression/config-update-target-by-msg.json
TESTS+=test/test-cases/regression/config-remove_by_msg.json TESTS+=test/test-cases/regression/config-remove_by_msg.json
TESTS+=test/test-cases/regression/variable-WEBAPPID.json

3100
src/parser/seclang-parser.cc
View File

File diff suppressed because it is too large Load Diff

2222
src/parser/seclang-parser.hh
View File

File diff suppressed because it is too large Load Diff

6
src/parser/seclang-parser.yy
View File

@ -223,6 +223,7 @@ class Driver;
#include "src/variables/server_name.h" #include "src/variables/server_name.h"
#include "src/variables/server_port.h" #include "src/variables/server_port.h"
#include "src/variables/session_id.h" #include "src/variables/session_id.h"
#include "src/variables/web_app_id.h"
#include "src/variables/time_day.h" #include "src/variables/time_day.h"
#include "src/variables/time_epoch.h" #include "src/variables/time_epoch.h"
#include "src/variables/time.h" #include "src/variables/time.h"
@ -432,6 +433,7 @@ using modsecurity::operators::Operator;
VARIABLE_UNIQUE_ID "UNIQUE_ID" VARIABLE_UNIQUE_ID "UNIQUE_ID"
VARIABLE_URL_ENCODED_ERROR "URLENCODED_ERROR" VARIABLE_URL_ENCODED_ERROR "URLENCODED_ERROR"
VARIABLE_USER_ID "USERID" VARIABLE_USER_ID "USERID"
VARIABLE_WEB_APP_ID "WEBAPPID"
VARIABLE_STATUS "VARIABLE_STATUS" VARIABLE_STATUS "VARIABLE_STATUS"
VARIABLE_IP "VARIABLE_IP" VARIABLE_IP "VARIABLE_IP"
VARIABLE_GLOBAL "VARIABLE_GLOBAL" VARIABLE_GLOBAL "VARIABLE_GLOBAL"
@ -2138,6 +2140,10 @@ var:
{ {
VARIABLE_CONTAINER($$, new Variables::Status()); VARIABLE_CONTAINER($$, new Variables::Status());
} }
| VARIABLE_WEB_APP_ID
{
VARIABLE_CONTAINER($$, new Variables::WebAppId());
}
| RUN_TIME_VAR_DUR | RUN_TIME_VAR_DUR
{ {
std::string name($1); std::string name($1);

7517
src/parser/seclang-scanner.cc
View File

File diff suppressed because it is too large Load Diff

2
src/parser/seclang-scanner.ll
View File

@ -195,6 +195,7 @@ VARIABLE_IP (?i:(IP))
VARIABLE_USER (?i:(USER)) VARIABLE_USER (?i:(USER))
VARIABLE_STATUS (?i:(STATUS[^:])) VARIABLE_STATUS (?i:(STATUS[^:]))
VARIABLE_TX (?i:TX) VARIABLE_TX (?i:TX)
VARIABLE_WEB_APP_ID (?i:WEBAPPID)
RUN_TIME_VAR_BLD (?i:MODSEC_BUILD) RUN_TIME_VAR_BLD (?i:MODSEC_BUILD)
RUN_TIME_VAR_DUR (?i:DURATION) RUN_TIME_VAR_DUR (?i:DURATION)
RUN_TIME_VAR_ENV (?i:ENV) RUN_TIME_VAR_ENV (?i:ENV)
@ -771,6 +772,7 @@ p::make_CONFIG_SEC_RULE_REMOVE_BY_TAG(parserSanitizer(strchr(yytext, ' ') + 1),
{VARIABLE_UNIQUE_ID} { return p::make_VARIABLE_UNIQUE_ID(*driver.loc.back()); } {VARIABLE_UNIQUE_ID} { return p::make_VARIABLE_UNIQUE_ID(*driver.loc.back()); }
{VARIABLE_URL_ENCODED_ERROR} { return p::make_VARIABLE_URL_ENCODED_ERROR(*driver.loc.back()); } {VARIABLE_URL_ENCODED_ERROR} { return p::make_VARIABLE_URL_ENCODED_ERROR(*driver.loc.back()); }
{VARIABLE_USER_ID} { return p::make_VARIABLE_USER_ID(*driver.loc.back()); } {VARIABLE_USER_ID} { return p::make_VARIABLE_USER_ID(*driver.loc.back()); }
{VARIABLE_WEB_APP_ID} { return p::make_VARIABLE_WEB_APP_ID(*driver.loc.back()); }
{VARIABLE_ARGS} { return p::make_VARIABLE_ARGS(*driver.loc.back()); } {VARIABLE_ARGS} { return p::make_VARIABLE_ARGS(*driver.loc.back()); }
{VARIABLE_ARGS}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS(*driver.loc.back()); } {VARIABLE_ARGS}[:] { BEGIN(EXPECTING_VAR_PARAMETER); return p::make_VARIABLE_ARGS(*driver.loc.back()); }
{VARIABLE_ARGS_GET} { return p::make_VARIABLE_ARGS_GET(*driver.loc.back()); } {VARIABLE_ARGS_GET} { return p::make_VARIABLE_ARGS_GET(*driver.loc.back()); }

50
src/variables/web_app_id.h Normal file
View File

@ -0,0 +1,50 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <iostream>
#include <string>
#include <vector>
#include <list>
#include <utility>
#ifndef SRC_VARIABLES_WEB_APP_ID_H_
#define SRC_VARIABLES_WEB_APP_ID_H_
#include "src/variables/variable.h"
#include "modsecurity/rule.h"
namespace modsecurity {
class Transaction;
namespace Variables {
class WebAppId : public Variable {
public:
explicit WebAppId()
: Variable("WEBAPPID") { }
void evaluate(Transaction *transaction,
Rule *rule,
std::vector<const collection::Variable *> *l) override {
const std::string name("WEBAPPID");
const std::string rname = transaction->m_rules->m_secWebAppId.m_value;
l->push_back(new collection::Variable(&m_name, &rname));
}
};
} // namespace Variables
} // namespace modsecurity
#endif // SRC_VARIABLES_WEB_APP_ID_H_

94
test/test-cases/regression/variable-WEBAPPID.json Normal file
View File

@ -0,0 +1,94 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: WEBAPPID (1)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"t:trim: \"\""
},
"rules":[
"SecRuleEngine On",
"SecRule WEBAPPID \"@contains test \" \"id:1,phase:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Variables :: WEBAPPID (2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded",
"AuThOrIzAtIoN": "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"bisteka\""
},
"rules":[
"SecRuleEngine On",
"SecWebAppId bisteka",
"SecRule WEBAPPID \"@contains test \" \"id:1,phase:3,pass,t:trim\""
]
}
]