Very first commit: libmodsecurity

Check the README.md file for further information about the libmodsecurity.

src/actions/action.cc

@@ -0,0 +1,78 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/action.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/assay.h"
+#include "actions/block.h"
+#include "actions/redirect.h"
+#include "actions/status.h"
+#include "actions/rule_id.h"
+#include "actions/phase.h"
+
+namespace ModSecurity {
+namespace actions {
+
+
+std::string & Action::evaluate(std::string value,
+    Assay *assay) {
+    return value;
+}
+
+
+bool Action::evaluate(Assay *assay) {
+    return true;
+}
+
+
+bool Action::evaluate(Rule *rule) {
+    return true;
+}
+
+
+void Action::fill_intervention(ModSecurityIntervention *i) {
+}
+
+Action *Action::instantiate(std::string name) {
+    std::string status("status:");
+    std::string redirect("redirect:");
+    std::string block("block");
+    std::string phase("phase:");
+    std::string rule_id("id:");
+
+    if (name.compare(0, status.length(), status) == 0) {
+        return new Status(name);
+    }
+    if (name.compare(0, redirect.length(), redirect) == 0) {
+        return new Redirect(name);
+    }
+    if (name.compare(0, block.length(), block) == 0) {
+        return new Block(name);
+    }
+    if (name.compare(0, phase.length(), phase) == 0) {
+        return new Phase(name);
+    }
+    if (name.compare(0, rule_id.length(), rule_id) == 0) {
+        return new RuleId(name);
+    }
+
+    return new Action(name);
+}
+
+}  // namespace actions
+}  // namespace ModSecurity

src/actions/action.h

@@ -0,0 +1,90 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "modsecurity/intervention.h"
+
+#ifndef SRC_ACTIONS_ACTION_H_
+#define SRC_ACTIONS_ACTION_H_
+
+#ifdef __cplusplus
+
+namespace ModSecurity {
+class Assay;
+class Rule;
+
+namespace actions {
+
+
+class Action {
+ public:
+    explicit Action(std::string _action)
+        : action_kind(2),
+        action(_action) { }
+
+    /**
+     *
+     * Define the action kind regarding to the execution time.
+     * 
+     * 
+     */
+    enum Kind {
+    /**
+     *
+     * Action that are executed while loading the configuration. For instance
+     * the rule ID or the rule phase.
+     *
+     */
+     ConfigurationKind,
+    /**
+     *
+     * Those are actions that demands to be executed before call the operator.
+     * For instance the tranformations.
+     *
+     *
+     */
+     RunTimeBeforeMatchAttemptKind,
+    /**
+     *
+     * Actions that are executed after the execution of the operator, only if
+     * the operator returned Match (or True). For instance the disruptive
+     * actions.
+     *
+     */
+     RunTimeOnlyIfMatchKind,
+    };
+
+    std::string action;
+    int action_kind;
+    std::string name;
+
+    virtual std::string& evaluate(std::string exp,
+        Assay *assay);
+    virtual bool evaluate(Assay *assay);
+    virtual bool evaluate(Rule *rule);
+
+    static Action *instantiate(std::string action);
+
+    virtual void fill_intervention(ModSecurityIntervention *intervention);
+};
+
+
+}  // namespace actions
+}  // namespace ModSecurity
+
+#endif
+
+#endif  // SRC_ACTIONS_ACTION_H_

src/actions/block.cc

@@ -0,0 +1,44 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/block.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace actions {
+
+Block::Block(std::string action)
+    : Action(action) {
+    this->action = action;
+    this->action_kind = 2;
+}
+
+
+bool Block::evaluate(Assay *assay) {
+    assay->actions.push_back(this);
+    return true;
+}
+
+void Block::fill_intervention(ModSecurityIntervention *i) {
+    i->status = 403;
+    i->log = "Blocked request!";
+}
+
+}  // namespace actions
+}  // namespace ModSecurity

src/actions/block.h

@@ -0,0 +1,44 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_BLOCK_H_
+#define SRC_ACTIONS_BLOCK_H_
+
+#ifdef __cplusplus
+class Assay;
+
+namespace ModSecurity {
+class Assay;
+
+namespace actions {
+
+
+class Block : public Action {
+ public:
+    explicit Block(std::string action);
+
+    bool evaluate(Assay *assay) override;
+    void fill_intervention(ModSecurityIntervention *i) override;
+};
+
+}  // namespace actions
+}  // namespace ModSecurity
+#endif
+
+#endif  // SRC_ACTIONS_BLOCK_H_

src/actions/phase.cc

@@ -0,0 +1,50 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/phase.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/assay.h"
+#include "src/rule.h"
+#include "modsecurity/modsecurity.h"
+
+namespace ModSecurity {
+namespace actions {
+
+Phase::Phase(std::string action)
+    : Action(action) {
+    this->action_kind = ConfigurationKind;
+    std::string a = action;
+    a.erase(0, 6);
+    this->phase = std::stoi(a);
+
+    if (this->phase == 0) {
+      /* Phase 0 is something new, we want to use as ConnectionPhase */
+      this->phase = ModSecurity::Phases::ConnectionPhase;
+    } else {
+      /* Otherwise we want to shift the rule to the correct phase */
+      this->phase = phase + ModSecurity::Phases::RequestHeadersPhase - 1;
+    }
+}
+
+bool Phase::evaluate(Rule *rule) {
+    rule->phase = this->phase;
+    return true;
+}
+
+}  // namespace actions
+}  // namespace ModSecurity

src/actions/phase.h

@@ -0,0 +1,45 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_PHASE_H_
+#define SRC_ACTIONS_PHASE_H_
+
+#ifdef __cplusplus
+class Assay;
+
+namespace ModSecurity {
+class Assay;
+class Rule;
+
+namespace actions {
+
+
+class Phase : public Action {
+ public:
+    explicit Phase(std::string action);
+
+    bool evaluate(Rule *rule) override;
+    int phase;
+};
+
+}  // namespace actions
+}  // namespace ModSecurity
+#endif
+
+#endif  // SRC_ACTIONS_PHASE_H_

src/actions/redirect.cc

@@ -0,0 +1,52 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/redirect.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace actions {
+
+Redirect::Redirect(std::string action)
+    : Action(action) {
+    this->url = action;
+    this->url.erase(0, 9);
+    this->action = action;
+    this->action_kind = 2;
+    this->status = 302;
+}
+
+
+bool Redirect::evaluate(Assay *assay) {
+    assay->actions.push_back(this);
+    return true;
+}
+
+void Redirect::fill_intervention(ModSecurityIntervention *i) {
+    /* if it was changed before, lets keep it. */
+    if (i->status == 200) {
+        i->status = this->status;
+    }
+    // reinterpret_cast<char *>
+    i->url = (char *) this->url.c_str();  //** TODO: wheee */
+    i->log = "Redirecting";
+}
+
+}  // namespace actions
+}  // namespace ModSecurity

src/actions/redirect.h

@@ -0,0 +1,45 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_REDIRECT_H_
+#define SRC_ACTIONS_REDIRECT_H_
+
+#ifdef __cplusplus
+class Assay;
+
+namespace ModSecurity {
+class Assay;
+
+namespace actions {
+
+class Redirect : public Action {
+ public:
+    explicit Redirect(std::string action);
+
+    bool evaluate(Assay *assay) override;
+    int status;
+    std::string url;
+    void fill_intervention(ModSecurityIntervention *i) override;
+};
+
+}  // namespace actions
+}  // namespace ModSecurity
+#endif
+
+#endif  // SRC_ACTIONS_REDIRECT_H_

src/actions/rule_id.cc

@@ -0,0 +1,42 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/rule_id.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/assay.h"
+#include "src/rule.h"
+
+namespace ModSecurity {
+namespace actions {
+
+RuleId::RuleId(std::string action)
+    : Action(action) {
+    this->action_kind = ConfigurationKind;
+    std::string a = action;
+    a.erase(0, 3);
+    this->rule_id = std::stod(a);
+    }
+
+
+bool RuleId::evaluate(Rule *rule) {
+    rule->rule_id = this->rule_id;
+    return true;
+}
+
+}  // namespace actions
+}  // namespace ModSecurity

src/actions/rule_id.h

@@ -0,0 +1,45 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_RULE_ID_H_
+#define SRC_ACTIONS_RULE_ID_H_
+
+#ifdef __cplusplus
+class Assay;
+
+namespace ModSecurity {
+class Assay;
+class Rule;
+
+namespace actions {
+
+
+class RuleId : public Action {
+ public:
+    explicit RuleId(std::string action);
+
+    bool evaluate(Rule *rule) override;
+    double rule_id;
+};
+
+}  // namespace actions
+}  // namespace ModSecurity
+#endif
+
+#endif  // SRC_ACTIONS_RULE_ID_H_

src/actions/status.cc

@@ -0,0 +1,48 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/status.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/assay.h"
+
+namespace ModSecurity {
+namespace actions {
+
+Status::Status(std::string action)
+    : Action(action) {
+    std::string a = action;
+    a.erase(0, 7);
+    this->action = action;
+    this->action_kind = 2;
+    this->status = stoi(a);
+}
+
+
+bool Status::evaluate(Assay *assay) {
+    assay->actions.push_back(this);
+    return true;
+}
+
+
+void Status::fill_intervention(ModSecurityIntervention *i) {
+    i->status = this->status;
+    i->log = "Status";
+}
+
+}  // namespace actions
+}  // namespace ModSecurity

src/actions/status.h

@@ -0,0 +1,43 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_STATUS_H_
+#define SRC_ACTIONS_STATUS_H_
+
+#ifdef __cplusplus
+class Assay;
+
+namespace ModSecurity {
+class Assay;
+namespace actions {
+
+class Status : public Action {
+ public:
+    explicit Status(std::string actions);
+
+    bool evaluate(Assay *assay) override;
+    void fill_intervention(ModSecurityIntervention *i) override;
+    int status;
+};
+
+}  // namespace actions
+}  // namespace ModSecurity
+#endif
+
+#endif  // SRC_ACTIONS_STATUS_H_

src/actions/transformations/lowercase.cc

@@ -0,0 +1,47 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/transformations/lowercase.h"
+
+#include <algorithm>
+#include <string>
+
+#include "modsecurity/assay.h"
+#include "actions/transformations/transformation.h"
+#include "actions/action.h"
+
+namespace ModSecurity {
+namespace actions {
+namespace transformations {
+
+
+LowerCase::LowerCase(std::string a)
+    : Transformation(a) {
+}
+
+std::string & LowerCase::evaluate(std::string value,
+    Assay *assay) {
+    std::locale loc;
+
+    for (std::string::size_type i=0; i < value.length(); ++i) {
+        value[i] = std::tolower(value[i], loc);
+    }
+
+    return value;
+}
+
+}  // namespace transformations
+}  // namespace actions
+}  // namespace ModSecurity

src/actions/transformations/lowercase.h

@@ -0,0 +1,45 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+#include "actions/transformations/transformation.h"
+
+#ifndef SRC_ACTIONS_TRANSFORMATIONS_LOWERCASE_H_
+#define SRC_ACTIONS_TRANSFORMATIONS_LOWERCASE_H_
+
+#ifdef __cplusplus
+
+namespace ModSecurity {
+class Assay;
+namespace actions {
+namespace transformations {
+
+
+class LowerCase : public Transformation {
+ public:
+    explicit LowerCase(std::string action);
+    std::string& evaluate(std::string exp,
+        Assay *assay) override;
+};
+
+}  // namespace transformations
+}  // namespace actions
+}  // namespace ModSecurity
+
+#endif
+
+#endif  // SRC_ACTIONS_TRANSFORMATIONS_LOWERCASE_H_

src/actions/transformations/transformation.cc

@@ -0,0 +1,55 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/transformations/transformation.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/assay.h"
+#include "actions/transformations/trim.h"
+#include "actions/transformations/lowercase.h"
+#include "actions/action.h"
+
+namespace ModSecurity {
+namespace actions {
+namespace transformations {
+
+Transformation::Transformation(std::string action)
+    : Action(action) {
+    this->name = this->action;
+    this->name.erase(0, 2);
+    this->action_kind = 1;
+}
+
+std::string &Transformation::evaluate(std::string value,
+    Assay *assay) {
+    return value;
+}
+
+Transformation* Transformation::instantiate(std::string a) {
+    if (a == "t:trim") {
+        return new transformations::Trim(a);
+    }
+    if (a == "t:lowercase") {
+        return new LowerCase(a);
+    }
+
+    return new Transformation(a);
+}
+
+}  // namespace transformations
+}  // namespace actions
+}  // namespace ModSecurity

src/actions/transformations/transformation.h

@@ -0,0 +1,46 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+
+#ifndef SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_
+#define SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_
+
+#ifdef __cplusplus
+
+namespace ModSecurity {
+class Assay;
+
+namespace actions {
+namespace transformations {
+
+class Transformation : public Action {
+ public:
+    explicit Transformation(std::string action);
+    static Transformation* instantiate(std::string);
+
+    std::string& evaluate(std::string exp,
+        Assay *assay) override;
+};
+
+}  // namespace transformations
+}  // namespace actions
+}  // namespace ModSecurity
+
+#endif
+
+#endif  // SRC_ACTIONS_TRANSFORMATIONS_TRANSFORMATION_H_

src/actions/transformations/trim.cc

@@ -0,0 +1,61 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "actions/transformations/trim.h"
+
+#include <iostream>
+#include <string>
+#include <algorithm>
+#include <functional>
+#include <cctype>
+#include <locale>
+
+#include "modsecurity/assay.h"
+#include "actions/transformations/transformation.h"
+#include "actions/action.h"
+
+namespace ModSecurity {
+namespace actions {
+namespace transformations {
+
+static inline std::string *ltrim(std::string *s) {
+    s->erase(s->begin(), std::find_if(s->begin(), s->end(),
+        std::not1(std::ptr_fun<int, int>(std::isspace))));
+    return s;
+}
+
+static inline std::string *rtrim(std::string *s) {
+    s->erase(std::find_if(s->rbegin(), s->rend(),
+        std::not1(std::ptr_fun<int, int>(std::isspace))).base(), s->end());
+    return s;
+}
+
+static inline std::string *trim(std::string *s) {
+    return ltrim(rtrim(s));
+}
+
+Trim::Trim(std::string action)
+    : Transformation(action) {
+    this->action_kind = 1;
+}
+
+std::string & Trim::evaluate(std::string value,
+    Assay *assay) {
+    return *trim(&value);
+}
+
+}  // namespace transformations
+}  // namespace actions
+}  // namespace ModSecurity

src/actions/transformations/trim.h

@@ -0,0 +1,44 @@
+/**
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "actions/action.h"
+#include "actions/transformations/transformation.h"
+
+#ifndef SRC_ACTIONS_TRANSFORMATIONS_TRIM_H_
+#define SRC_ACTIONS_TRANSFORMATIONS_TRIM_H_
+
+#ifdef __cplusplus
+namespace ModSecurity {
+class Assay;
+
+namespace actions {
+namespace transformations {
+
+class Trim : public Transformation {
+ public:
+    explicit Trim(std::string action);
+    std::string& evaluate(std::string exp,
+        Assay *assay) override;
+};
+
+}  // namespace transformations
+}  // namespace actions
+}  // namespace ModSecurity
+
+#endif
+
+#endif  // SRC_ACTIONS_TRANSFORMATIONS_TRIM_H_