Having the Sec[Request|Response]BodyAccess deprecated

2025-11-17 18:05:28 +03:00 · 2020-12-23 12:31:07 -03:00
parent 62d35fbf97
commit ae128ad94d
6 changed files with 1086 additions and 938 deletions
--- a/test/test-cases/regression/config-warning.json
+++ b/test/test-cases/regression/config-warning.json
@@ -59,5 +59,31 @@
      "SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5,ctl:forceRequestBodyVariable=Off\"",
      "SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:7,ctl:forceRequestBodyVariable=On\""
    ]
+  },
+  {
+    "enabled":1,
+    "version_min":300000,
+    "title":"Testing parser warning (4/n)",
+    "expected":{
+      "parser_warn": "Configuration SecRequestBodyAccess is deprecated and not working. You can read more info about it at https://github.com/SpiderLabs/ModSecurity/wiki/deprecated#requestBodyAccess"
+    },
+    "client":{
+      "ip":"200.249.12.31",
+      "port":12300
+    },
+    "request":{
+      "headers":{
+        "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
+      },
+      "uri":"/path1",
+      "method":"GET"
+    },
+    "server":{
+      "ip":"200.249.12.31",
+      "port":80
+    },
+    "rules":[
+      "SecRequestBodyAccess On"
+    ]
  }
 ]