mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
Adds support to SecResponseBodyMimeTypesClear
parent
48f1470269
commit
b4051246b1
@ -71,6 +71,14 @@ class ConfigString {
|
||||
};
|
||||
|
||||
|
||||
class ConfigSet {
|
||||
public:
|
||||
ConfigSet() : m_set(false), m_clear(false) { }
|
||||
bool m_set;
|
||||
bool m_clear;
|
||||
std::set<std::string> m_value;
|
||||
};
|
||||
|
||||
class RulesProperties {
|
||||
public:
|
||||
RulesProperties() :
|
||||
@ -334,10 +342,18 @@ class RulesProperties {
|
||||
to->m_components.insert(to->m_components.end(),
|
||||
from->m_components.begin(), from->m_components.end());
|
||||
|
||||
for (std::set<std::string>::iterator
|
||||
it = from->m_responseBodyTypeToBeInspected.begin();
|
||||
it != from->m_responseBodyTypeToBeInspected.end(); ++it) {
|
||||
to->m_responseBodyTypeToBeInspected.insert(*it);
|
||||
if (from->m_responseBodyTypeToBeInspected.m_set == true) {
|
||||
if (from->m_responseBodyTypeToBeInspected.m_clear == true) {
|
||||
to->m_responseBodyTypeToBeInspected.m_value.clear();
|
||||
from->m_responseBodyTypeToBeInspected.m_value.clear();
|
||||
} else {
|
||||
for (std::set<std::string>::iterator
|
||||
it = from->m_responseBodyTypeToBeInspected.m_value.begin();
|
||||
it != from->m_responseBodyTypeToBeInspected.m_value.end(); ++it) {
|
||||
to->m_responseBodyTypeToBeInspected.m_value.insert(*it);
|
||||
}
|
||||
}
|
||||
to->m_responseBodyTypeToBeInspected.m_set = true;
|
||||
}
|
||||
|
||||
for (int i = 0; i <= modsecurity::Phases::NUMBER_OF_PHASES; i++) {
|
||||
@ -447,7 +463,7 @@ class RulesProperties {
|
||||
RulesExceptions m_exceptions;
|
||||
std::list<std::string> m_components;
|
||||
std::ostringstream m_parserError;
|
||||
std::set<std::string> m_responseBodyTypeToBeInspected;
|
||||
ConfigSet m_responseBodyTypeToBeInspected;
|
||||
ConfigString m_httpblKey;
|
||||
ConfigString m_uploadDirectory;
|
||||
ConfigString m_uploadTmpDirectory;
|
||||
|
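Review bot: In the merge hunk, the `m_clear` branch wipes `from->m_responseBodyTypeToBeInspected.m_value` as well as the target, so types declared after `SecResponseBodyMimeTypesClear` in the same parsed context appear to be discarded; the grammar action for `SecResponseBodyMimeType` in the parser hunk never resets `m_clear`. Because `m_set` is still propagated, the result would be a set-but-empty list, which `Transaction::processResponseBody()` treats as "inspect nothing", so phase 4 rules could silently stop running for the types the operator re-added. Consider clearing only the target and then copying unconditionally: drop `from->m_responseBodyTypeToBeInspected.m_value.clear();` and move the insert loop out of the `else`. `to->m_responseBodyTypeToBeInspected.m_clear` is also never updated, which matters if the merged object is itself merged again later. The enclosing merge function starts and ends outside the hunk, so this is inferred from the visible lines only.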
@ -353,6 +353,7 @@ using modsecurity::operators::Operator;
|
||||
END 0 "end of file"
|
||||
COMMA ","
|
||||
CONFIG_CONTENT_INJECTION "CONFIG_CONTENT_INJECTION"
|
||||
CONGIG_DIR_RESPONSE_BODY_MP_CLEAR "CONGIG_DIR_RESPONSE_BODY_MP_CLEAR"
|
||||
PIPE
|
||||
NEW_LINE
|
||||
VAR_COUNT
|
||||
@ -1362,12 +1363,19 @@ expression:
|
||||
std::istringstream buf($1);
|
||||
std::istream_iterator<std::string> beg(buf), end;
|
||||
std::set<std::string> tokens(beg, end);
|
||||
driver.m_responseBodyTypeToBeInspected.m_set = true;
|
||||
for (std::set<std::string>::iterator it=tokens.begin();
|
||||
it!=tokens.end(); ++it)
|
||||
{
|
||||
driver.m_responseBodyTypeToBeInspected.insert(*it);
|
||||
driver.m_responseBodyTypeToBeInspected.m_value.insert(*it);
|
||||
}
|
||||
}
|
||||
| CONGIG_DIR_RESPONSE_BODY_MP_CLEAR
|
||||
{
|
||||
driver.m_responseBodyTypeToBeInspected.m_set = true;
|
||||
driver.m_responseBodyTypeToBeInspected.m_clear = true;
|
||||
driver.m_responseBodyTypeToBeInspected.m_value.clear();
|
||||
}
|
||||
| CONFIG_XML_EXTERNAL_ENTITY CONFIG_VALUE_OFF
|
||||
{
|
||||
driver.m_secXMLExternalEntity = modsecurity::RulesProperties::FalseConfigBoolean;
|
||||
|
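Review bot: The new `CONGIG_DIR_RESPONSE_BODY_MP_CLEAR` action leaves the meaning of its two flags undocumented, and a reader has to go to `Transaction::processResponseBody()` to learn that `m_set` with an empty `m_value` disables response body inspection. A short comment on the action would help, for example `/* Cleared list: m_set stays true, so an empty m_value means "inspect no response body". */`. The rule list this alternative belongs to starts and ends outside the hunk.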
@ -316,6 +316,7 @@ CONFIG_VALUE_SERIAL (?i:Serial)
|
||||
CONFIG_VALUE_WARN (?i:Warn)
|
||||
CONFIG_XML_EXTERNAL_ENTITY (?i:SecXmlExternalEntity)
|
||||
CONGIG_DIR_RESPONSE_BODY_MP (?i:SecResponseBodyMimeType)
|
||||
CONGIG_DIR_RESPONSE_BODY_MP_CLEAR (?i:SecResponseBodyMimeTypesClear)
|
||||
CONGIG_DIR_SEC_ARG_SEP (?i:SecArgumentSeparator)
|
||||
CONGIG_DIR_SEC_COOKIE_FORMAT (?i:SecCookieFormat)
|
||||
CONGIG_DIR_SEC_DATA_DIR (?i:SecDataDir)
|
||||
@ -632,6 +633,7 @@ EQUALS_MINUS (?i:=\-)
|
||||
{CONFIG_VALUE_WARN} { return p::make_CONFIG_VALUE_WARN(yytext, *driver.loc.back()); }
|
||||
{CONFIG_XML_EXTERNAL_ENTITY} { return p::make_CONFIG_XML_EXTERNAL_ENTITY(yytext, *driver.loc.back()); }
|
||||
{CONGIG_DIR_RESPONSE_BODY_MP}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONGIG_DIR_RESPONSE_BODY_MP(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
{CONGIG_DIR_RESPONSE_BODY_MP_CLEAR} { return p::make_CONGIG_DIR_RESPONSE_BODY_MP_CLEAR(*driver.loc.back()); }
|
||||
{CONGIG_DIR_SEC_ARG_SEP}[ ]{FREE_TEXT_NEW_LINE} { return p::make_CONGIG_DIR_SEC_ARG_SEP(yytext, *driver.loc.back()); }
|
||||
{CONGIG_DIR_SEC_COOKIE_FORMAT}[ ]{CONFIG_VALUE_NUMBER} { return p::make_CONGIG_DIR_SEC_COOKIE_FORMAT(strchr(yytext, ' ') + 1, *driver.loc.back()); }
|
||||
{CONGIG_DIR_SEC_DATA_DIR}[ \t]+{CONFIG_VALUE_PATH} { return p::make_CONGIG_DIR_SEC_DATA_DIR(parserSanitizer(strchr(yytext, ' ') + 1), *driver.loc.back()); }
|
||||
|
@ -1069,9 +1069,9 @@ int Transaction::processResponseBody() {
|
||||
return true;
|
||||
}
|
||||
|
||||
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
|
||||
std::set<std::string> &bi = m_rules->m_responseBodyTypeToBeInspected.m_value;
|
||||
auto t = bi.find(m_variableResponseContentType.m_value);
|
||||
if (t == bi.end() && bi.empty() == false) {
|
||||
if (t == bi.end() && m_rules->m_responseBodyTypeToBeInspected.m_set == true) {
|
||||
#ifndef NO_LOGS
|
||||
debug(5, "Response Content-Type is " \
|
||||
+ m_variableResponseContentType.m_value \
|
||||
@ -1094,7 +1094,7 @@ int Transaction::processResponseBody() {
|
||||
m_variableResponseContentLength.set(std::to_string(
|
||||
m_responseBody.str().size()), m_variableOffset);
|
||||
|
||||
this->m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
|
||||
m_rules->evaluate(modsecurity::ResponseBodyPhase, this);
|
||||
return true;
|
||||
}
|
||||
|
||||
@ -1120,7 +1120,7 @@ int Transaction::processResponseBody() {
|
||||
int Transaction::appendResponseBody(const unsigned char *buf, size_t len) {
|
||||
int current_size = this->m_responseBody.tellp();
|
||||
|
||||
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected;
|
||||
std::set<std::string> &bi = this->m_rules->m_responseBodyTypeToBeInspected.m_value;
|
||||
auto t = bi.find(m_variableResponseContentType.m_value);
|
||||
if (t == bi.end() && bi.empty() == false) {
|
||||
#ifndef NO_LOGS
|
||||
|
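Review bot: `appendResponseBody()` still guards on `bi.empty() == false`, while `processResponseBody()` in the first hunk was switched to `m_rules->m_responseBodyTypeToBeInspected.m_set == true`. After `SecResponseBodyMimeTypesClear` the set is empty, so the append path would keep buffering every response body that the process path then declines to inspect, which costs memory for no detection value. The condition should match: `if (t == bi.end() && this->m_rules->m_responseBodyTypeToBeInspected.m_set == true) {`. Both functions continue outside the visible hunks.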
@ -2,7 +2,7 @@
|
||||
{
|
||||
"enabled":1,
|
||||
"version_min":300000,
|
||||
"title":"SecResponseBodyMimeType (1/x)",
|
||||
"title":"SecResponseBodyMimeType (1/3)",
|
||||
"client":{
|
||||
"ip":"200.249.12.31",
|
||||
"port":123
|
||||
@ -42,7 +42,7 @@
|
||||
{
|
||||
"enabled":1,
|
||||
"version_min":300000,
|
||||
"title":"SecResponseBodyMimeType (1/x)",
|
||||
"title":"SecResponseBodyMimeType (2/3)",
|
||||
"client":{
|
||||
"ip":"200.249.12.31",
|
||||
"port":123
|
||||
@ -78,6 +78,48 @@
|
||||
"SecResponseBodyMimeType application\/something",
|
||||
"SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\""
|
||||
]
|
||||
},
|
||||
{
|
||||
"enabled":1,
|
||||
"version_min":300000,
|
||||
"title":"SecResponseBodyMimeType (3/3)",
|
||||
"client":{
|
||||
"ip":"200.249.12.31",
|
||||
"port":123
|
||||
},
|
||||
"server":{
|
||||
"ip":"200.249.12.31",
|
||||
"port":80
|
||||
},
|
||||
"request":{
|
||||
"headers":{
|
||||
"Host":"localhost",
|
||||
"User-Agent":"curl/7.38.0",
|
||||
"Accept":"*/*"
|
||||
},
|
||||
"uri":"/?key=value&key=other_value",
|
||||
"method":"GET"
|
||||
},
|
||||
"response":{
|
||||
"headers":{
|
||||
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
|
||||
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
|
||||
"Content-Type":"text/html"
|
||||
},
|
||||
"body":[
|
||||
"no need."
|
||||
]
|
||||
},
|
||||
"expected":{
|
||||
"debug_log":"Response Content-Type is text/html. It is not marked to be inspected."
|
||||
},
|
||||
"rules":[
|
||||
"SecRuleEngine On",
|
||||
"SecResponseBodyMimeType text\/plain text\/tml text\/xml",
|
||||
"SecResponseBodyMimeTypesClear",
|
||||
"SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\""
|
||||
]
|
||||
}
|
||||
|
||||
|
||||
]
|
||||
|
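Review bot: Test 3/3 does not prove that the clear took effect, because the list it declares is `text\/plain text\/tml text\/xml` and the response is `text/html`. `text/html` is not in that list (note `text\/tml`), so the expected "It is not marked to be inspected." message would presumably be logged even if `SecResponseBodyMimeTypesClear` were a no-op. Declaring `"SecResponseBodyMimeType text\/plain text\/html text\/xml",` before the clear makes the assertion depend on the directive. A further case with `SecResponseBodyMimeType` placed after the clear would cover re-populating the list.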