Fix SecRuleUpdateTargetByTag with regular expressions

2025-09-29 19:24:29 +03:00 · 2019-05-31 01:02:31 -03:00
parent b5823d4e0c
commit 5472362313
2 changed files with 128 additions and 4 deletions
--- a/test/test-cases/regression/config-update-target-by-tag.json
+++ b/test/test-cases/regression/config-update-target-by-tag.json
@@ -2,7 +2,7 @@
  {
    "enabled":1,
    "version_min":300000,
-    "title":"SecRuleUpdateTargetByTag",
+    "title":"SecRuleUpdateTargetByTag (1/4)",
    "client":{
      "ip":"200.249.12.31",
      "port":123
@@ -38,5 +38,125 @@
      "SecRuleUpdateTargetByTag test !ARGS",
      "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\""
    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"SecRuleUpdateTargetByTag (2/4)",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*"
+      },
+      "uri":"/?key=value&key=other_value",
+      "method":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "http_code": 200
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecRuleUpdateTargetByTag test !ARGS:'/.*y$/'",
+      "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\""
+    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"SecRuleUpdateTargetByTag (3/4)",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*"
+      },
+      "uri":"/?key=value&key=other_value",
+      "method":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "http_code": 200
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecRuleUpdateTargetByTag test !ARGS:'/k.*/'",
+      "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\""
+    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"SecRuleUpdateTargetByTag (4/4)",
+    "client":{
+      "ip":"200.249.12.31",
+      "port":123
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "request":{
+      "headers":{
+        "Host":"localhost",
+        "User-Agent":"curl/7.38.0",
+        "Accept":"*/*"
+      },
+      "uri":"/?key=value&key=other_value",
+      "method":"GET"
+    },
+    "response":{
+      "headers":{
+        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+        "Content-Type":"text/html"
+      },
+      "body":[
+        "no need."
+      ]
+    },
+    "expected":{
+      "http_code": 200
+    },
+    "rules":[
+      "SecRuleEngine On",
+      "SecRuleUpdateTargetByTag test !ARGS:'/ke/'",
+      "SecRule ARGS \"@contains value\" \"id:1,pass,t:trim,tag:'test',deny\""
+    ]
  }
 ]