diff --git a/examples/simple_example_using_c/test.c b/examples/simple_example_using_c/test.c index f6668d42..f17ab187 100644 --- a/examples/simple_example_using_c/test.c +++ b/examples/simple_example_using_c/test.c @@ -36,7 +36,9 @@ int main (int argc, char **argv) assay = msc_new_assay(modsec, rules); msc_process_connection(assay, "127.0.0.1", 12345, "127.0.0.1", 80); - msc_process_uri(assay, "http://www.modsecurity.org/test?key1=value1&key2=value2&key3=value3&test=args&test=test"); + msc_process_uri(assay, + "http://www.modsecurity.org/test?key1=value1&key2=value2&key3=value3", + "GET", "1.1"); msc_process_request_headers(assay); msc_process_request_body(assay); msc_process_response_headers(assay); diff --git a/headers/modsecurity/assay.h b/headers/modsecurity/assay.h index 9d14566c..0e8c54a0 100644 --- a/headers/modsecurity/assay.h +++ b/headers/modsecurity/assay.h @@ -87,7 +87,8 @@ class Assay { /** TODO: Should be an structure that fits an IP address */ int processConnection(const char *client, int cPort, const char *server, int sPort); - int processURI(const char *uri); + int processURI(const char *uri, const char *protocol, + const char *http_version); int processRequestHeaders(); @@ -141,6 +142,9 @@ class Assay { int m_clientPort; int m_serverPort; const char *m_uri; + const char *m_protocol; + const char *m_httpVersion; + std::ostringstream m_requestBody; std::ostringstream m_responseBody; ModSecurityCollectionsVariables m_variables_collections; @@ -194,7 +198,9 @@ int msc_append_response_body(Assay *assay, const unsigned char *body, size_t size); /** @ingroup ModSecurity_C_API */ -int msc_process_uri(Assay *assay, const char *uri); +int msc_process_uri(Assay *assay, const char *uri, const char *protocol, + const char *http_version); + /** @ingroup ModSecurity_C_API */ const char *msc_get_response_body(Assay *assay); /** @ingroup ModSecurity_C_API */ diff --git a/src/assay.cc b/src/assay.cc index 7abf06d7..f22a94d6 100644 --- a/src/assay.cc +++ b/src/assay.cc @@ -78,6 +78,8 @@ Assay::Assay(ModSecurity *ms, Rules *rules) m_clientPort(0), m_serverPort(0), m_uri(""), + m_protocol(""), + m_httpVersion(""), m_rules(rules), save_in_auditlog(false), do_not_save_in_auditlog(false), @@ -157,16 +159,24 @@ int Assay::processConnection(const char *client, int cPort, const char *server, * SecLanguage phase 1 and 2. * @note Remember to check for a possible intervention. * - * @param buf Uri. + * @param assay ModSecurity assay. + * @param uri Uri. + * @param protocol Protocol (GET, POST, PUT). + * @param http_version Http version (1.0, 1.2, 2.0). * * @returns If the operation was successful or not. * @retval true Operation was successful. * @retval false Operation failed. * */ -int Assay::processURI(const char *uri) { +int Assay::processURI(const char *uri, const char *protocol, + const char *http_version) { debug(4, "Starting phase URI. (SecRules 0 + 1/2)"); + m_protocol = protocol; + m_httpVersion = http_version; + m_uri = uri; + const char *pos = strchr(uri, '?'); if (pos != NULL && strlen(pos) > 2) { @@ -197,7 +207,7 @@ int Assay::processURI(const char *uri) { store_variable("QUERY_STRING:" + key_value[0], key_value[1]); } } - return 0; + return true; } @@ -752,15 +762,18 @@ extern "C" int msc_process_connection(Assay *assay, const char *client, * @note Remember to check for a possible intervention. * * @param assay ModSecurity assay. - * @param buf Uri. + * @param uri Uri. + * @param protocol Protocol (GET, POST, PUT). + * @param http_version Http version (1.0, 1.2, 2.0). * * @returns If the operation was successful or not. * @retval 1 Operation was successful. * @retval 0 Operation failed. * */ -extern "C" int msc_process_uri(Assay *assay, const char *buf) { - return assay->processURI(buf); +extern "C" int msc_process_uri(Assay *assay, const char *uri, + const char *protocol, const char *http_version) { + return assay->processURI(uri, protocol, http_version); } diff --git a/test/benchmark/benchmark.cc b/test/benchmark/benchmark.cc index cbf1e028..50b8e010 100644 --- a/test/benchmark/benchmark.cc +++ b/test/benchmark/benchmark.cc @@ -87,7 +87,7 @@ int main(int argc, char *argv[]) { std::cout << "There is an intervention" << std::endl; continue; } - modsecAssay->processURI(request_uri); + modsecAssay->processURI(request_uri, "GET", "1.1"); if (modsecAssay->intervention()) { std::cout << "There is an intervention" << std::endl; continue; diff --git a/test/regression/regression.cc b/test/regression/regression.cc index cc42b511..38cf1544 100644 --- a/test/regression/regression.cc +++ b/test/regression/regression.cc @@ -85,12 +85,13 @@ void perform_unit_test(std::vector *tests, if (r.status != 200) { goto end; } - if (t->uri.empty() == false) { - modsec_assay->processURI(t->uri.c_str()); - actions(&r, modsec_assay->intervention()); - if (r.status != 200) { - goto end; - } + + modsec_assay->processURI(t->uri.c_str(), t->protocol.c_str(), + t->httpVersion.c_str()); + + actions(&r, modsec_assay->intervention()); + if (r.status != 200) { + goto end; } for (std::pair headers : diff --git a/test/regression/regression_test.cc b/test/regression/regression_test.cc index 97d8286f..d11877af 100644 --- a/test/regression/regression_test.cc +++ b/test/regression/regression_test.cc @@ -141,6 +141,12 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { if (strcmp(key2, "uri") == 0) { u->uri = YAJL_GET_STRING(val2); } + if (strcmp(key2, "protocol") == 0) { + u->protocol = YAJL_GET_STRING(val2); + } + if (strcmp(key2, "http_version") == 0) { + u->httpVersion = YAJL_GET_NUMBER(val2); + } if (strcmp(key2, "headers") == 0) { u->request_headers = yajl_array_to_map(val2); } diff --git a/test/regression/regression_test.h b/test/regression/regression_test.h index 70b3f8d5..1b3f00c7 100644 --- a/test/regression/regression_test.h +++ b/test/regression/regression_test.h @@ -56,6 +56,8 @@ class RegressionTest { int clientPort; int serverPort; + std::string protocol; + std::string httpVersion; std::string uri; static inline std::string yajl_array_to_str(const yajl_val &node); diff --git a/test/test-cases/regression/actions.json b/test/test-cases/regression/actions.json index 631fceef..339f6db6 100644 --- a/test/test-cases/regression/actions.json +++ b/test/test-cases/regression/actions.json @@ -26,7 +26,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1= test ¶m2=test2", + "uri": "\/test.pl?param1= test ¶m2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": { @@ -85,7 +87,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1= test ¶m2=test2", + "uri": "\/test.pl?param1= test ¶m2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": { @@ -145,7 +149,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1= test ¶m2=test2", + "uri": "\/test.pl?param1= test ¶m2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": { @@ -205,7 +211,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1= test ¶m2=test2", + "uri": "\/test.pl?param1= test ¶m2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": { @@ -264,7 +272,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1= test ¶m2=test2", + "uri": "\/test.pl?param1= test ¶m2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": { @@ -323,7 +333,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1= test ¶m2=test2", + "uri": "\/test.pl?param1= test ¶m2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": { diff --git a/test/test-cases/regression/auditlog.json b/test/test-cases/regression/auditlog.json index e6508fc8..b4df2986 100644 --- a/test/test-cases/regression/auditlog.json +++ b/test/test-cases/regression/auditlog.json @@ -25,7 +25,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1= test ¶m2=test2", + "uri": "\/test.pl?param1= test ¶m2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": { diff --git a/test/test-cases/regression/debug_log.json b/test/test-cases/regression/debug_log.json index 06677ffe..6286c63a 100644 --- a/test/test-cases/regression/debug_log.json +++ b/test/test-cases/regression/debug_log.json @@ -26,7 +26,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1=test¶2=test2", + "uri": "\/test.pl?param1=test¶2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": { diff --git a/test/test-cases/regression/issue-394.json b/test/test-cases/regression/issue-394.json index dc49bd59..d874e0e8 100644 --- a/test/test-cases/regression/issue-394.json +++ b/test/test-cases/regression/issue-394.json @@ -16,7 +16,9 @@ }, "request": { "headers": "", - "body": "" + "body": "", + "protocol": "GET", + "http_version": 1.1 }, "response": { "headers": "", diff --git a/test/test-cases/regression/transformations.json b/test/test-cases/regression/transformations.json index 8381104f..e4beb3b3 100644 --- a/test/test-cases/regression/transformations.json +++ b/test/test-cases/regression/transformations.json @@ -26,7 +26,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1= test ¶m2=test2", + "uri": "\/test.pl?param1= test ¶m2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": { @@ -84,7 +86,9 @@ "Pragma": "no-cache", "Cache-Control": "no-cache" }, - "uri": "GET \/test.pl?param1= WHEE ¶m2=test2", + "uri": "\/test.pl?param1= WHEE ¶m2=test2", + "protocol": "GET", + "http_version": 1.1, "body": "" }, "response": {