diff --git a/Makefile.am b/Makefile.am index 10141828..54f2666e 100644 --- a/Makefile.am +++ b/Makefile.am @@ -219,3 +219,4 @@ TESTS+=test/test-cases/regression/variable-REQBODY_PROCESSOR_ERROR.json TESTS+=test/test-cases/regression/variable-URLENCODED_ERROR.json TESTS+=test/test-cases/regression/variable-RULE.json TESTS+=test/test-cases/regression/variable-STATUS.json +TESTS+=test/test-cases/regression/variable-RESPONSE_PROTOCOL.json diff --git a/src/transaction.cc b/src/transaction.cc index 89f2b56b..4f350ec4 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -838,6 +838,7 @@ int Transaction::processResponseHeaders(int code, const std::string& proto) { this->m_httpCodeReturned = code; this->m_collections.store("STATUS", std::to_string(code)); + m_collections.store("RESPONSE_PROTOCOL", proto); if (m_rules->secRuleEngine == Rules::DisabledRuleEngine) { #ifndef NO_LOGS diff --git a/test/regression/regression.cc b/test/regression/regression.cc index 4c84949d..d7905667 100644 --- a/test/regression/regression.cc +++ b/test/regression/regression.cc @@ -291,7 +291,7 @@ void perform_unit_test(ModSecurityTest *test, headers.second.c_str()); } - modsec_transaction->processResponseHeaders(r.status, "HTTP 1.1"); + modsec_transaction->processResponseHeaders(r.status, t->response_protocol); actions(&r, modsec_transaction); #if 0 if (r.status != 200) { diff --git a/test/regression/regression_test.cc b/test/regression/regression_test.cc index 4e175599..9da08dfa 100644 --- a/test/regression/regression_test.cc +++ b/test/regression/regression_test.cc @@ -169,6 +169,9 @@ RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) { if (strcmp(key2, "body") == 0) { u->response_body = yajl_array_to_str(val2); } + if (strcmp(key2, "protocol") == 0) { + u->response_protocol = YAJL_GET_STRING(val2); + } } } if (strcmp(key, "expected") == 0) { diff --git a/test/regression/regression_test.h b/test/regression/regression_test.h index 75b9a00a..3ba30edf 100644 --- a/test/regression/regression_test.h +++ b/test/regression/regression_test.h @@ -48,6 +48,7 @@ class RegressionTest { std::unordered_map response_headers; std::string request_body; std::string response_body; + std::string response_protocol; std::string audit_log; std::string debug_log; diff --git a/test/test-cases/regression/variable-RESPONSE_PROTOCOL.json b/test/test-cases/regression/variable-RESPONSE_PROTOCOL.json new file mode 100644 index 00000000..c5a5dcdd --- /dev/null +++ b/test/test-cases/regression/variable-RESPONSE_PROTOCOL.json @@ -0,0 +1,46 @@ +[ + { + "enabled":1, + "version_min":300000, + "title":"Testing Variables :: RESPONSE_PROTOCOL", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*" + }, + "uri":"/?key=value&key=other_value", + "method":"GET", + "http_version":1.1 + }, + "response":{ + "protocol": "HTTP/1.1", + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "debug_log":"Target value: \"HTTP/1.1\" \\(Variable: RESPONSE_PROTOCOL\\)" + }, + "rules":[ + "SecRuleEngine On", + "SecDebugLog \/tmp\/modsec_debug.log", + "SecDebugLogLevel 9", + "SecRule RESPONSE_PROTOCOL \"^HTTP\" \"id:1,phase:5,pass,t:trim\"" + ] + } +] +