diff --git a/src/assay.cc b/src/assay.cc index 3b43bc12..fb6255c7 100644 --- a/src/assay.cc +++ b/src/assay.cc @@ -214,6 +214,7 @@ int Assay::processURI(const char *uri, const char *protocol, } else { store_variable("PATH_INFO", std::string(m_uri_decoded, 0, pos - m_uri_decoded.c_str())); + store_variable("QUERY_STRING", std::string(strchr(m_uri, '?'))); } if (pos != NULL && strlen(pos) > 2) { @@ -259,7 +260,6 @@ int Assay::processURI(const char *uri, const char *protocol, debug(4, "Adding request argument (QUERY_STRING): name \"" + \ key_value[0] + "\", value \"" + key_value[1] + "\""); - store_variable("QUERY_STRING:" + key_value[0], key_value[1]); } } return true; diff --git a/test/test-cases/regression/variable-QUERY_STRING.json b/test/test-cases/regression/variable-QUERY_STRING.json new file mode 100644 index 00000000..80cb0ec7 --- /dev/null +++ b/test/test-cases/regression/variable-QUERY_STRING.json @@ -0,0 +1,45 @@ +[ + { + "enabled":1, + "version_min":300000, + "title":"Testing Variables :: QUERY_STRING", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"27", + "Content-Type":"application/x-www-form-urlencoded" + }, + "uri":"/one/two/three?key1=value1&key2=v%20a%20l%20u%20e%202", + "protocol":"GET" + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "debug_log":"key2=v\\%20a\\%20l\\%20u\\%20e\\%202\" \\(Variable: QUERY_STRING\\)" + }, + "rules":[ + "SecRuleEngine On", + "SecDebugLog \/tmp\/modsec_debug.log", + "SecDebugLogLevel 9", + "SecRule QUERY_STRING \"@contains test \" \"phase:3,pass,t:trim\"" + ] + } +] \ No newline at end of file