github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 03:34:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Adds REQUEST_COOKIES and REQUEST_COOKIES_NAMES variables

Browse Source
This commit is contained in:
Felipe Zimmerle
2015-08-04 17:57:09 -03:00
parent 0720fd4790
commit be4a0cb41c
3 changed files with 272 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/assay.cc
View File

@@ -353,6 +353,20 @@ int Assay::addRequestHeader(const std::string& key,
this->store_variable("AUTH_TYPE", type[0]);
}
if (tolower(key) == "cookie") {
std::vector<std::string> cookies = split(value, ';');
while (cookies.empty() == false) {
std::vector<std::string> s = split(cookies.back(), '=');
if (s.size() > 1) {
if (s[0].at(0) == ' ') {
s[0].erase(0, 1);
}
this->store_variable("REQUEST_COOKIES:" + s[0], s[1]);
this->store_variable("REQUEST_COOKIES_NAMES:" + s[0], s[0]);
}
cookies.pop_back();
}
}
/**
* Simple check to decide the request body content. This is not the right
* place, the "body processor" should be able to tell what he is capable