github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds t:none transformation

Browse Source
This commit is contained in:
Felipe Zimmerle 2015-08-05 23:53:53 -03:00
parent 522f195aa0
commit 4308ee0280
4 changed files with 148 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/actions/transformations/none.cc
View File

@ -30,20 +30,13 @@ namespace ModSecurity {
namespace actions {
namespace transformations {
None::None(std::string action)
: Transformation(action) {
this->action_kind = 1;
}
std::string None::evaluate(std::string value,
Assay *assay) {
/**
* @todo Implement the transformation None
*/
assay->debug(4, "Transformation None is not implemented yet.");
return value;
}
} // namespace transformations
} // namespace actions
} // namespace ModSecurity

4
src/actions/transformations/none.h
View File

@ -30,7 +30,9 @@ namespace transformations {
class None : public Transformation {
public:
explicit None(std::string action);
explicit None(std::string action)
: Transformation(action) { }
std::string evaluate(std::string exp,
Assay *assay) override;
};

30
src/rule.cc
View File

@ -25,7 +25,8 @@
#include "operators/operator.h"
#include "actions/action.h"
#include "../headers/modsecurity/modsecurity.h"
#include "modsecurity/modsecurity.h"
#include "actions/transformations/none.h"
namespace ModSecurity {
@ -33,6 +34,7 @@ namespace ModSecurity {
using operators::Operator;
using actions::Action;
using Variables::Variable;
using actions::transformations::None;
Rule::~Rule() {
delete op;
@ -115,13 +117,25 @@ bool Rule::evaluate(Assay *assay) {
for (auto &v : e) {
std::string value = v.second;
for (Action *a :
this->actions_runtime_pre) {
value = a->evaluate(value, assay);
assay->debug(9, " T (" + \
std::to_string(transformations) + ") " + \
a->name + ": \"" + value +"\"");
transformations++;
int none = 0;
for (Action *a : this->actions_runtime_pre) {
None *z = dynamic_cast<None *>(a);
if (z != NULL) {
none++;
}
}
for (Action *a : this->actions_runtime_pre) {
None *z = dynamic_cast<None *>(a);
if (none == 0) {
value = a->evaluate(value, assay);
assay->debug(9, " T (" + \
std::to_string(transformations) + ") " + \
a->name + ": \"" + value +"\"");
transformations++;
}
if (z != NULL) {
none--;
}
}
assay->debug(9, "Target value: \"" + value + "\" (Variable: " + \

122
test/test-cases/regression/transformation-none.json Normal file
View File

@ -0,0 +1,122 @@
[
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "Testing transformations :: t:none",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "net.tutsplus.com",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"protocol": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "text\/xml; charset=utf-8\n\r",
"Content-Length": "length\n\r"
},
"body": [
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected": {
"audit_log": "",
"debug_log": "Target value: \"rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: REQUEST_COOKIES:PHPSESSID\\)",
"error_log": ""
},
"rules": [
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule REQUEST_COOKIES \"@contains test \" \"t:lowercase,t:none\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "Testing transformations :: t:none",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "net.tutsplus.com",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"protocol": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "text\/xml; charset=utf-8\n\r",
"Content-Length": "length\n\r"
},
"body": [
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected": {
"audit_log": "",
"debug_log": "raaaaaaa2t5uvjq435r4q7ib3vtdjq120",
"error_log": ""
},
"rules": [
"SecRuleEngine On",
"SecDebugLog \/tmp\/modsec_debug.log",
"SecDebugLogLevel 9",
"SecRule REQUEST_COOKIES \"@contains test \" \"id:14,t:none,t:lowercase\""
]
}
]