Handling key exceptions on the variable itself

This is the first step towords to solve #1697
2025-09-29 19:24:29 +03:00 · 2018-09-20 09:08:08 -03:00
parent 0d53111cb0
commit ee50fea266
54 changed files with 2337 additions and 2080 deletions
--- a/test/test-cases/regression/issue-1831.json
+++ b/test/test-cases/regression/issue-1831.json
@@ -3,7 +3,7 @@
    "enabled": 1,
    "version_min": 209000,
    "version_max": -1,
-    "title": "Invalid actions break CRS 3.1 on rule 912160",
+    "title": "Invalid actions break CRS 3.1 on rule 912160 - 1",
    "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830",
    "client": {
      "ip": "200.249.12.31",
@@ -50,7 +50,7 @@
    "enabled": 1,
    "version_min": 209000,
    "version_max": -1,
-    "title": "Invalid actions break CRS 3.1 on rule 912160",
+    "title": "Invalid actions break CRS 3.1 on rule 912160 - 2",
    "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830",
    "client": {
      "ip": "200.249.12.31",
@@ -100,7 +100,7 @@
    "enabled": 1,
    "version_min": 209000,
    "version_max": -1,
-    "title": "Invalid actions break CRS 3.1 on rule 912160",
+    "title": "Invalid actions break CRS 3.1 on rule 912160 - 3",
    "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830",
    "client": {
      "ip": "200.249.12.31",
@@ -149,7 +149,7 @@
    "enabled": 1,
    "version_min": 209000,
    "version_max": -1,
-    "title": "Invalid actions break CRS 3.1 on rule 912160",
+    "title": "Invalid actions break CRS 3.1 on rule 912160 - 4",
    "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1830",
    "client": {
      "ip": "200.249.12.31",
--- a/test/test-cases/regression/variable-variation-exclusion.json
+++ b/test/test-cases/regression/variable-variation-exclusion.json
@@ -48,12 +48,13 @@
    },
    "expected":{  
      "audit_log":"",
-      "debug_log":"Variable: REQUEST_HEADERS:Accept is part of the exclusion list, skipping...",
-      "error_log":""
+      "debug_log":"",
+      "error_log":"",
+      "http_code":200
    },
    "rules":[  
      "SecRuleEngine On",
-      "SecRule REQUEST_HEADERS|!REQUEST_HEADERS:Accept|!REMOTE_HOST \"@contains test \" \"id:1,t:lowercase,t:none\""
+      "SecRule REQUEST_HEADERS|!REQUEST_HEADERS:Accept|!REMOTE_HOST \"@contains html\" \"id:1,t:lowercase,t:none,block,deny,status:300\""
    ]
  },
  {  
@@ -105,12 +106,13 @@
    },
    "expected":{  
      "audit_log":"",
-      "debug_log":"Variable: REQUEST_HEADERS:Accept-Encoding is part of the exclusion list, skipping...",
-      "error_log":""
+      "debug_log":"",
+      "error_log":"",
+      "http_code": 200
    },
    "rules":[  
      "SecRuleEngine On",
-      "SecRule REQUEST_HEADERS|!REQUEST_HEADERS \"@contains test \" \"id:1,t:lowercase,t:none\""
+      "SecRule REQUEST_HEADERS|!REQUEST_HEADERS \"@contains html\" \"id:1,t:lowercase,t:none,block,deny,status:300\""
    ]
  }
 ]