diff --git a/test/test-cases/regression/variable-XML.json b/test/test-cases/regression/variable-XML.json
index 42f2ba59..46601c3e 100644
--- a/test/test-cases/regression/variable-XML.json
+++ b/test/test-cases/regression/variable-XML.json
@@ -81,7 +81,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs On",
+ "SecParseXmlIntoArgs On",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
 ]
@@ -125,7 +125,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs On",
+ "SecParseXmlIntoArgs On",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule XML:/* \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
 ]
@@ -169,7 +169,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs OnlyArgs",
+ "SecParseXmlIntoArgs OnlyArgs",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
 ]
@@ -213,7 +213,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs OnlyArgs",
+ "SecParseXmlIntoArgs OnlyArgs",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule XML:/* \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
 ]
@@ -257,7 +257,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs Off",
+ "SecParseXmlIntoArgs Off",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule ARGS \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
 ]
@@ -301,7 +301,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs Off",
+ "SecParseXmlIntoArgs Off",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule XML:/* \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
 ]
@@ -345,7 +345,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs On",
+ "SecParseXmlIntoArgs On",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=Off\"",
 "SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@@ -390,7 +390,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs On",
+ "SecParseXmlIntoArgs On",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=Off\"",
 "SecRule XML:/* \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@@ -435,7 +435,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs On",
+ "SecParseXmlIntoArgs On",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=OnlyArgs\"",
 "SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@@ -481,14 +481,12 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs On",
+ "SecParseXmlIntoArgs On",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=OnlyArgs\"",
 "SecRule XML:/* \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
 ]
- }
-
- ,
+ },
 {
 "enabled":1,
 "version_min":300000,
@@ -528,7 +526,7 @@
 "rules":[
 "SecRuleEngine On",
 "SecRequestBodyAccess On",
- "SecParseXMLIntoArgs Off",
+ "SecParseXmlIntoArgs Off",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=On\"",
 "SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@@ -540,7 +538,7 @@
 "resource":"libxml2",
 "title":"Testing XML parsing to ARGS with Off, turn On with ctl, check XML",
 "expected":{
- "http_code": 200
+ "http_code": 403
 },
 "client":{
 "ip":"200.249.12.31",
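Review bot: The new `"http_code": 403` on the "turn On with ctl, check XML" case is the only assertion, so the test cannot tell which rule produced the deny or whether `ctl:parseXmlIntoArgs=On` was applied at all. The rules for this case sit in the next hunk and deny on `XML:/*`; as far as I understand the directive, that collection is populated under both `Off` and `On`, so the request would presumably be blocked even if the ctl action were ignored. If the harness's log expectations are available here, adding one beside the status, e.g. `"error_log": "500013"`, would at least pin the deny to the intended rule. The override itself appears to be exercised only by the `ARGS:xml.bookstore.some-tag` variant in the preceding hunk. The test object starts before this hunk and ends in the next one.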
@@ -572,12 +570,51 @@
 },
 "rules":[
 "SecRuleEngine On",
- "SecRequestBodyAccess Off",
- "SecParseXMLIntoArgs On",
+ "SecRequestBodyAccess On",
+ "SecParseXmlIntoArgs Off",
 "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
 "SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=On\"",
 "SecRule XML:/* \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
 ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "resource":"libxml2",
+ "title":"Testing XML parsing to ARGS with On, node contains utf8 character",
+ "expected":{
+ "http_code": 403
+ },
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Type": "text/xml"
+ },
+ "uri":"/?q=xml",
+ "method":"POST",
+ "body": [
+ "",
+ "pineapple🍍",
+ ""
+ ]
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRequestBodyAccess On",
+ "SecParseXmlIntoArgs On",
+ "SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
+ "SecRule ARGS \"@rx 🍍\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
+ ]
 }
 ]
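Review bot: The added UTF-8 case checks `SecRule ARGS \"@rx 🍍\"`, which passes if the emoji shows up in any argument under any name, so it pins neither the key the node was mapped to nor that the whole value survived parsing. The sibling cases target a named key (`ARGS:xml.bookstore.some-tag`); doing the same here with an anchored pattern, e.g. `"SecRule ARGS:xml.<element-path> \"@rx ^pineapple🍍$\" ..."` (`<element-path>` is a placeholder for this body's element names), would also catch a truncated value or a mangled key. `"uri":"/?q=xml"` looks like a leftover from the ctl cases, since no rule in this test reads `ARGS_GET:q`. The `body` array as shown on this page has empty strings around the text; if that is the file's real content rather than markup lost in rendering, the request body is not an XML document and the case needs real elements.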