github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix xml processing tests

Browse Source
This commit is contained in:
Ervin Hegedus 2025-07-28 17:21:44 +02:00
parent 63af83080c
commit c7cacf80f2
No known key found for this signature in database
GPG Key ID: 5FA5BC3F5EC41F61
1 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
tests/regression/rule/10-xml.t
View File

@ -169,13 +169,13 @@
phase:2,deny,id:12345" phase:2,deny,id:12345"
), ),
match_log => { match_log => {
debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ], debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error: XML: Failed to parse document./s, 1 ],
-debug => [ qr/Failed to load|Successfully validated/, 1 ], debug => [ qr/XML parser error: XML: Failed to parse document./, 1 ],
-error => [ qr/Failed to load|Successfully validated/, 1 ], error => [ qr/XML parser error: XML: Failed to parse document./, 1 ],
audit => [ qr/^Message: .*Failed parsing document.*\nMessage:/m, 1 ], audit => [ qr/XML parser error: XML: Failed to parse document./m, 1 ],
}, },
match_response => { match_response => {
status => qr/^403$/, status => qr/^500$/,
}, },
request => new HTTP::Request( request => new HTTP::Request(
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt", POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
@ -350,6 +350,8 @@
SecXmlExternalEntity On SecXmlExternalEntity On
SecDebugLog $ENV{DEBUG_LOG} SecDebugLog $ENV{DEBUG_LOG}
SecDebugLogLevel 9 SecDebugLogLevel 9
SecAuditEngine RelevantOnly
SecAuditLog "$ENV{AUDIT_LOG}"
SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500026, \\ SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500026, \\
phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML" phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500027 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500027
@ -357,12 +359,12 @@
phase:2,deny,id:12345" phase:2,deny,id:12345"
), ),
match_log => { match_log => {
debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ], debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error: XML: Failed to parse document./s, 1 ],
-debug => [ qr/Failed to load|Successfully validated/, 1 ], debug => [ qr/XML parser error: XML: Failed to parse document./, 1 ],
-error => [ qr/Failed to load|Successfully validated/, 1 ], audit => [ qr/^Message: .*Failed to parse document.*\nMessage:/m, 1 ],
}, },
match_response => { match_response => {
status => qr/^403$/, status => qr/^500$/,
}, },
request => new HTTP::Request( request => new HTTP::Request(
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt", POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",