mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-09-29 19:24:29 +03:00
Allow mod_proxy's "nocanon" behavior to be specified in proxy actions.
This commit is contained in:
committed by
Felipe Zimmerle
parent
258e5545a2
commit
e3b3721ee3
@@ -474,6 +474,37 @@
|
||||
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
||||
),
|
||||
},
|
||||
{
|
||||
type => "action",
|
||||
comment => "nocanon proxy in phase:1 (get)",
|
||||
conf => qq(
|
||||
SecRuleEngine On
|
||||
SecRequestBodyAccess On
|
||||
SecResponseBodyAccess On
|
||||
SecResponseBodyMimeType null
|
||||
SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'[nocanon]http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500005"
|
||||
),
|
||||
match_log => {
|
||||
error => {
|
||||
apache => [qr/ModSecurity: Access denied using proxy to \(phase 1\)/, 1],
|
||||
nginx => [qr/ModSecurity: Access denied with code 500 \(phase 1\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
|
||||
},
|
||||
},
|
||||
match_response => {
|
||||
status => {
|
||||
apache => qr/^200$/,
|
||||
nginx => qr/^500$/,
|
||||
},
|
||||
content => {
|
||||
apache => qr/^TEST$/,
|
||||
nginx => qr/^*$/,
|
||||
},
|
||||
},
|
||||
|
||||
request => new HTTP::Request(
|
||||
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
|
||||
),
|
||||
},
|
||||
{
|
||||
type => "action",
|
||||
comment => "proxy in phase:2 (get)",
|
||||
|
Reference in New Issue
Block a user