Change directives in tests; add multibyte test case

This commit is contained in:
Ervin Hegedus 2025-04-28 22:35:22 +02:00
parent e8dc60ee06
commit 89442ede16
No known key found for this signature in database
GPG Key ID: 5FA5BC3F5EC41F61

View File

@ -81,7 +81,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs On",
"SecParseXmlIntoArgs On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
]
@ -125,7 +125,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs On",
"SecParseXmlIntoArgs On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule XML:/* \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
]
@ -169,7 +169,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs OnlyArgs",
"SecParseXmlIntoArgs OnlyArgs",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
]
@ -213,7 +213,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs OnlyArgs",
"SecParseXmlIntoArgs OnlyArgs",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule XML:/* \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
]
@ -257,7 +257,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs Off",
"SecParseXmlIntoArgs Off",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
]
@ -301,7 +301,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs Off",
"SecParseXmlIntoArgs Off",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule XML:/* \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
]
@ -345,7 +345,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs On",
"SecParseXmlIntoArgs On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=Off\"",
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@ -390,7 +390,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs On",
"SecParseXmlIntoArgs On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=Off\"",
"SecRule XML:/* \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@ -435,7 +435,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs On",
"SecParseXmlIntoArgs On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=OnlyArgs\"",
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@ -481,14 +481,12 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs On",
"SecParseXmlIntoArgs On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=OnlyArgs\"",
"SecRule XML:/* \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
]
}
,
},
{
"enabled":1,
"version_min":300000,
@ -528,7 +526,7 @@
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXMLIntoArgs Off",
"SecParseXmlIntoArgs Off",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=On\"",
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@ -540,7 +538,7 @@
"resource":"libxml2",
"title":"Testing XML parsing to ARGS with Off, turn On with ctl, check XML",
"expected":{
"http_code": 200
"http_code": 403
},
"client":{
"ip":"200.249.12.31",
@ -572,12 +570,51 @@
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess Off",
"SecParseXMLIntoArgs On",
"SecRequestBodyAccess On",
"SecParseXmlIntoArgs Off",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=On\"",
"SecRule XML:/* \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
]
},
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML parsing to ARGS with On, node contains utf8 character",
"expected":{
"http_code": 403
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Type": "text/xml"
},
"uri":"/?q=xml",
"method":"POST",
"body": [
"<pizza>",
"<has>pineapple</has><has>🍍</has>",
"</pizza>"
]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecParseXmlIntoArgs On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule ARGS \"@rx 🍍\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
]
}
]