mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-14 05:45:59 +03:00
Having the Sec[Request|Response]BodyAccess deprecated
This commit is contained in:
parent
62d35fbf97
commit
ae128ad94d
@ -9,11 +9,16 @@ SecRuleEngine DetectionOnly
|
||||
|
||||
# -- Request body handling ---------------------------------------------------
|
||||
|
||||
#
|
||||
# Allow ModSecurity to access request bodies. If you don't, ModSecurity
|
||||
# won't be able to see any POST parameters, which opens a large security
|
||||
# hole for attackers to exploit.
|
||||
#
|
||||
SecRequestBodyAccess On
|
||||
# IMPORTANT: SecRequestBodyAccess is no longer supported. The Request Body
|
||||
# will be processed whenever a variable depends on it.
|
||||
#
|
||||
# SecRequestBodyAccess On
|
||||
#
|
||||
|
||||
|
||||
# Enable XML request body parser.
|
||||
@ -146,7 +151,13 @@ SecRule TX:/^MSC_/ "!@streq 0" \
|
||||
# Do keep in mind that enabling this directive does increases both
|
||||
# memory consumption and response latency.
|
||||
#
|
||||
SecResponseBodyAccess On
|
||||
# IMPORTANT: SecResponseBodyAccess is no longer supported. The Response Body
|
||||
# will be processed whenever a variable depends on it.
|
||||
#
|
||||
# SecResponseBodyAccess On
|
||||
#
|
||||
#
|
||||
|
||||
|
||||
# Which response MIME types do you want to inspect? You should adjust the
|
||||
# configuration below to catch documents but avoid static files
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -323,6 +323,8 @@ using namespace modsecurity::operators;
|
||||
} \
|
||||
if (t)
|
||||
|
||||
#define CONFIG_DEPRECATED(a, b, c) \
|
||||
driver.warn(c, "Configuration " + std::string(a) + " is deprecated and not working. You can read more info about it at https://github.com/SpiderLabs/ModSecurity/wiki/deprecated#" + b);
|
||||
|
||||
#define ACTION_NOT_SUPPORTED(a, b, c) \
|
||||
std::unique_ptr<actions::Action> d(new actions::ActionNotSupported(b)); \
|
||||
@ -360,7 +362,7 @@ using namespace modsecurity::operators;
|
||||
a = std::move(c);
|
||||
|
||||
|
||||
#line 364 "seclang-parser.hh"
|
||||
#line 366 "seclang-parser.hh"
|
||||
|
||||
# include <cassert>
|
||||
# include <cstdlib> // std::abort
|
||||
@ -494,7 +496,7 @@ using namespace modsecurity::operators;
|
||||
#endif
|
||||
|
||||
namespace yy {
|
||||
#line 498 "seclang-parser.hh"
|
||||
#line 500 "seclang-parser.hh"
|
||||
|
||||
|
||||
|
||||
@ -8635,7 +8637,7 @@ switch (yykind)
|
||||
}
|
||||
|
||||
} // yy
|
||||
#line 8639 "seclang-parser.hh"
|
||||
#line 8641 "seclang-parser.hh"
|
||||
|
||||
|
||||
|
||||
|
@ -284,6 +284,8 @@ using namespace modsecurity::operators;
|
||||
} \
|
||||
if (t)
|
||||
|
||||
#define CONFIG_DEPRECATED(a, b, c) \
|
||||
driver.warn(c, "Configuration " + std::string(a) + " is deprecated and not working. You can read more info about it at https://github.com/SpiderLabs/ModSecurity/wiki/deprecated#" + b);
|
||||
|
||||
#define ACTION_NOT_SUPPORTED(a, b, c) \
|
||||
std::unique_ptr<actions::Action> d(new actions::ActionNotSupported(b)); \
|
||||
@ -1257,19 +1259,19 @@ expression:
|
||||
}
|
||||
| CONFIG_DIR_REQ_BODY CONFIG_VALUE_ON
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
CONFIG_DEPRECATED("SecRequestBodyAccess", "requestBodyAccess", @0)
|
||||
}
|
||||
| CONFIG_DIR_REQ_BODY CONFIG_VALUE_OFF
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::FalseConfigBoolean;
|
||||
CONFIG_DEPRECATED("SecRequestBodyAccess", "requestBodyAccess", @0)
|
||||
}
|
||||
| CONFIG_DIR_RES_BODY CONFIG_VALUE_ON
|
||||
{
|
||||
driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
CONFIG_DEPRECATED("SecResponseBodyAccess", "responseBodyAccess", @0)
|
||||
}
|
||||
| CONFIG_DIR_RES_BODY CONFIG_VALUE_OFF
|
||||
{
|
||||
driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::FalseConfigBoolean;
|
||||
CONFIG_DEPRECATED("SecResponseBodyAccess", "responseBodyAccess", @0)
|
||||
}
|
||||
| CONFIG_SEC_ARGUMENT_SEPARATOR
|
||||
{
|
||||
@ -1897,26 +1899,32 @@ variables_may_be_quoted:
|
||||
var:
|
||||
VARIABLE_ARGS DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::Args_DictElement($2));
|
||||
}
|
||||
| VARIABLE_ARGS DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::Args_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_ARGS
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::Args_NoDictElement());
|
||||
}
|
||||
| VARIABLE_ARGS_POST DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsPost_DictElement($2));
|
||||
}
|
||||
| VARIABLE_ARGS_POST DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsPost_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_ARGS_POST
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsPost_NoDictElement());
|
||||
}
|
||||
| VARIABLE_ARGS_GET DICT_ELEMENT
|
||||
@ -1933,62 +1941,77 @@ var:
|
||||
}
|
||||
| VARIABLE_FILES_SIZES DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesSizes_DictElement($2));
|
||||
}
|
||||
| VARIABLE_FILES_SIZES DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesSizes_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_FILES_SIZES
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesSizes_NoDictElement());
|
||||
}
|
||||
| VARIABLE_FILES_NAMES DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesNames_DictElement($2));
|
||||
}
|
||||
| VARIABLE_FILES_NAMES DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesNames_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_FILES_NAMES
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesNames_NoDictElement());
|
||||
}
|
||||
| VARIABLE_FILES_TMP_CONTENT DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesTmpContent_DictElement($2));
|
||||
}
|
||||
| VARIABLE_FILES_TMP_CONTENT DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesTmpContent_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_FILES_TMP_CONTENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesTmpContent_NoDictElement());
|
||||
}
|
||||
| VARIABLE_MULTIPART_FILENAME DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::MultiPartFileName_DictElement($2));
|
||||
}
|
||||
| VARIABLE_MULTIPART_FILENAME DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::MultiPartFileName_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_MULTIPART_FILENAME
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::MultiPartFileName_NoDictElement());
|
||||
}
|
||||
| VARIABLE_MULTIPART_NAME DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::MultiPartName_DictElement($2));
|
||||
}
|
||||
| VARIABLE_MULTIPART_NAME DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::MultiPartName_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_MULTIPART_NAME
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::MultiPartName_NoDictElement());
|
||||
}
|
||||
| VARIABLE_MATCHED_VARS_NAMES DICT_ELEMENT
|
||||
@ -2017,14 +2040,17 @@ var:
|
||||
}
|
||||
| VARIABLE_FILES DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::Files_DictElement($2));
|
||||
}
|
||||
| VARIABLE_FILES DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::Files_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_FILES
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::Files_NoDictElement());
|
||||
}
|
||||
| VARIABLE_REQUEST_COOKIES DICT_ELEMENT
|
||||
@ -2125,14 +2151,17 @@ var:
|
||||
}
|
||||
| VARIABLE_FILES_TMP_NAMES DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesTmpNames_DictElement($2));
|
||||
}
|
||||
| VARIABLE_FILES_TMP_NAMES DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesTmpNames_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_FILES_TMP_NAMES
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesTmpNames_NoDictElement());
|
||||
}
|
||||
| VARIABLE_RESOURCE run_time_string
|
||||
@ -2233,14 +2262,17 @@ var:
|
||||
}
|
||||
| VARIABLE_ARGS_NAMES DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsNames_DictElement($2));
|
||||
}
|
||||
| VARIABLE_ARGS_NAMES DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsNames_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_ARGS_NAMES
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsNames_NoDictElement());
|
||||
}
|
||||
| VARIABLE_ARGS_GET_NAMES DICT_ELEMENT
|
||||
@ -2258,14 +2290,17 @@ var:
|
||||
|
||||
| VARIABLE_ARGS_POST_NAMES DICT_ELEMENT
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsPostNames_DictElement($2));
|
||||
}
|
||||
| VARIABLE_ARGS_POST_NAMES DICT_ELEMENT_REGEXP
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsPostNames_DictElementRegexp($2));
|
||||
}
|
||||
| VARIABLE_ARGS_POST_NAMES
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsPostNames_NoDictElement());
|
||||
}
|
||||
|
||||
@ -2284,6 +2319,7 @@ var:
|
||||
|
||||
| VARIABLE_RESPONSE_CONTENT_TYPE
|
||||
{
|
||||
driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ResponseContentType());
|
||||
}
|
||||
|
||||
@ -2301,6 +2337,7 @@ var:
|
||||
}
|
||||
| VARIABLE_ARGS_COMBINED_SIZE
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ArgsCombinedSize());
|
||||
}
|
||||
| VARIABLE_AUTH_TYPE
|
||||
@ -2309,18 +2346,22 @@ var:
|
||||
}
|
||||
| VARIABLE_FILES_COMBINED_SIZE
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FilesCombinedSize());
|
||||
}
|
||||
| VARIABLE_FULL_REQUEST
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FullRequest());
|
||||
}
|
||||
| VARIABLE_FULL_REQUEST_LENGTH
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::FullRequestLength());
|
||||
}
|
||||
| VARIABLE_INBOUND_DATA_ERROR
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::InboundDataError());
|
||||
}
|
||||
| VARIABLE_MATCHED_VAR
|
||||
@ -2341,6 +2382,7 @@ var:
|
||||
}
|
||||
| VARIABLE_MULTIPART_CRLF_LF_LINES
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::MultipartCrlfLFLines());
|
||||
}
|
||||
| VARIABLE_MULTIPART_DATA_AFTER
|
||||
@ -2385,14 +2427,17 @@ var:
|
||||
}
|
||||
| VARIABLE_MULTIPART_STRICT_ERROR
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::MultipartStrictError());
|
||||
}
|
||||
| VARIABLE_MULTIPART_UNMATCHED_BOUNDARY
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::MultipartUnmatchedBoundary());
|
||||
}
|
||||
| VARIABLE_OUTBOUND_DATA_ERROR
|
||||
{
|
||||
driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::OutboundDataError());
|
||||
}
|
||||
| VARIABLE_PATH_INFO
|
||||
@ -2417,22 +2462,27 @@ var:
|
||||
}
|
||||
| VARIABLE_REQBODY_ERROR
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ReqbodyError());
|
||||
}
|
||||
| VARIABLE_REQBODY_ERROR_MSG
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ReqbodyErrorMsg());
|
||||
}
|
||||
| VARIABLE_REQBODY_PROCESSOR
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ReqbodyProcessor());
|
||||
}
|
||||
| VARIABLE_REQBODY_PROCESSOR_ERROR
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ReqbodyProcessorError());
|
||||
}
|
||||
| VARIABLE_REQBODY_PROCESSOR_ERROR_MSG
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ReqbodyProcessorErrorMsg());
|
||||
}
|
||||
| VARIABLE_REQUEST_BASENAME
|
||||
@ -2441,10 +2491,12 @@ var:
|
||||
}
|
||||
| VARIABLE_REQUEST_BODY
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::RequestBody());
|
||||
}
|
||||
| VARIABLE_REQUEST_BODY_LENGTH
|
||||
{
|
||||
driver.m_secRequestBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::RequestBodyLength());
|
||||
}
|
||||
| VARIABLE_REQUEST_FILE_NAME
|
||||
@ -2473,10 +2525,12 @@ var:
|
||||
}
|
||||
| VARIABLE_RESPONSE_BODY
|
||||
{
|
||||
driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ResponseBody());
|
||||
}
|
||||
| VARIABLE_RESPONSE_CONTENT_LENGTH
|
||||
{
|
||||
driver.m_secResponseBodyAccess = modsecurity::RulesSetProperties::TrueConfigBoolean;
|
||||
VARIABLE_CONTAINER($$, new variables::ResponseContentLength());
|
||||
}
|
||||
| VARIABLE_RESPONSE_PROTOCOL
|
||||
|
@ -913,7 +913,8 @@ int Transaction::processRequestBody() {
|
||||
|
||||
if (m_rules->m_secRequestBodyAccess == RulesSetProperties::FalseConfigBoolean) {
|
||||
if (m_requestBodyAccess != RulesSetProperties::TrueConfigBoolean) {
|
||||
ms_dbg(4, "Request body processing is disabled");
|
||||
ms_dbg(4, "Request body processing is disabled, evaluating rules on the phase and returning...");
|
||||
this->m_rules->evaluate(modsecurity::RequestBodyPhase, this);
|
||||
return true;
|
||||
} else {
|
||||
ms_dbg(4, "Request body processing is disabled, but " \
|
||||
@ -924,7 +925,8 @@ int Transaction::processRequestBody() {
|
||||
if (m_requestBodyAccess == RulesSetProperties::FalseConfigBoolean) {
|
||||
ms_dbg(4, "Request body processing is enabled, but " \
|
||||
"disabled to this transaction due to ctl:requestBodyAccess " \
|
||||
"action");
|
||||
"action. Evaluating rules on the phase and returning...");
|
||||
this->m_rules->evaluate(modsecurity::RequestBodyPhase, this);
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@ -1209,7 +1211,8 @@ int Transaction::processResponseBody() {
|
||||
}
|
||||
|
||||
if (m_rules->m_secResponseBodyAccess != RulesSetProperties::TrueConfigBoolean) {
|
||||
ms_dbg(4, "Response body is disabled, returning... " + std::to_string(m_rules->m_secResponseBodyAccess));
|
||||
ms_dbg(4, "Response body is disabled, evaluating rules on the phase and returning...");
|
||||
m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -59,5 +59,31 @@
|
||||
"SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5,ctl:forceRequestBodyVariable=Off\"",
|
||||
"SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:7,ctl:forceRequestBodyVariable=On\""
|
||||
]
|
||||
},
|
||||
{
|
||||
"enabled":1,
|
||||
"version_min":300000,
|
||||
"title":"Testing parser warning (4/n)",
|
||||
"expected":{
|
||||
"parser_warn": "Configuration SecRequestBodyAccess is deprecated and not working. You can read more info about it at https://github.com/SpiderLabs/ModSecurity/wiki/deprecated#requestBodyAccess"
|
||||
},
|
||||
"client":{
|
||||
"ip":"200.249.12.31",
|
||||
"port":12300
|
||||
},
|
||||
"request":{
|
||||
"headers":{
|
||||
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
|
||||
},
|
||||
"uri":"/path1",
|
||||
"method":"GET"
|
||||
},
|
||||
"server":{
|
||||
"ip":"200.249.12.31",
|
||||
"port":80
|
||||
},
|
||||
"rules":[
|
||||
"SecRequestBodyAccess On"
|
||||
]
|
||||
}
|
||||
]
|
||||
|
Loading…
x
Reference in New Issue
Block a user