Fills ARGS variable even on POST

2025-08-14 13:56:01 +03:00 · 2015-07-14 01:31:32 -03:00 · 2015-07-14 01:31:32 -03:00 · b2954ff223
commit b2954ff223
parent 9f869a6aab
1 changed files with 28 additions and 0 deletions
--- a/src/assay.cc
+++ b/src/assay.cc
@ -350,6 +350,34 @@ int Assay::addRequestHeader(const unsigned char *key, size_t key_n,
 */
 int Assay::processRequestBody() {
    debug(4, "Starting phase REQUEST_BODY. (SecRules 2)");
+
+    if (m_requestBody.tellp() > 0) {
+        /**
+         * FIXME:
+         *
+         * This is configurable by secrules, we should respect whatever
+         * the secrules said about it.
+         *
+         */
+        std::string content = m_requestBody.str();
+        char sep1 = '&';
+
+        std::vector<std::string> key_value = split(content, sep1);
+
+        for (std::string t : key_value) {
+            /**
+             * FIXME:
+             *
+             * Mimic modsecurity when there are multiple keys with the same name.
+             *
+             */
+            char sep2 = '=';
+
+            std::vector<std::string> key_value = split(t, sep2);
+            store_variable("ARGS:" + key_value[0], key_value[1]);
+        }
+    }
+
    this->m_rules->evaluate(ModSecurity::RequestBodyPhase, this);
    return 0;
 }