Adds support for ctl:requestBodyProcessor=URLENCODED

src/Makefile.am

@@ -112,6 +112,7 @@ ACTIONS = \
 	actions/ctl/rule_engine.cc \
 	actions/ctl/request_body_processor_json.cc \
 	actions/ctl/request_body_processor_xml.cc \
+	actions/ctl/request_body_processor_urlencoded.cc \
 	actions/ctl/rule_remove_target_by_tag.cc \
 	actions/ctl/rule_remove_target_by_id.cc \
 	actions/ctl/rule_remove_by_id.cc \

src/actions/ctl/request_body_processor_urlencoded.cc

@@ -0,0 +1,40 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include "src/actions/ctl/request_body_processor_urlencoded.h"
+
+#include <iostream>
+#include <string>
+
+#include "modsecurity/transaction.h"
+
+namespace modsecurity {
+namespace actions {
+namespace ctl {
+
+
+bool RequestBodyProcessorURLENCODED::evaluate(Rule *rule,
+    Transaction *transaction) {
+    transaction->m_requestBodyProcessor = Transaction::WWWFormUrlEncoded;
+    transaction->m_variableReqbodyProcessor.set("URLENCODED",
+        transaction->m_variableOffset);
+
+    return true;
+}
+
+
+}  // namespace ctl
+}  // namespace actions
+}  // namespace modsecurity

src/actions/ctl/request_body_processor_urlencoded.h

@@ -0,0 +1,42 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+#include <string>
+
+#include "modsecurity/actions/action.h"
+#include "modsecurity/transaction.h"
+
+#ifndef SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_URLENCODED_H_
+#define SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_URLENCODED_H_
+
+namespace modsecurity {
+namespace actions {
+namespace ctl {
+
+
+class RequestBodyProcessorURLENCODED : public Action {
+ public:
+    explicit RequestBodyProcessorURLENCODED(std::string action)
+        : Action(action, RunTimeOnlyIfMatchKind) { }
+
+    bool evaluate(Rule *rule, Transaction *transaction) override;
+};
+
+
+}  // namespace ctl
+}  // namespace actions
+}  // namespace modsecurity
+
+#endif  // SRC_ACTIONS_CTL_REQUEST_BODY_PROCESSOR_URLENCODED_H_

src/parser/seclang-parser.yy

@@ -28,6 +28,7 @@ class Driver;
 #include "src/actions/ctl/rule_engine.h"
 #include "src/actions/ctl/request_body_processor_json.h"
 #include "src/actions/ctl/request_body_processor_xml.h"
+#include "src/actions/ctl/request_body_processor_urlencoded.h"
 #include "src/actions/ctl/rule_remove_by_id.h"
 #include "src/actions/ctl/rule_remove_by_tag.h"
 #include "src/actions/ctl/rule_remove_target_by_id.h"
@@ -523,6 +524,7 @@ using modsecurity::operators::Operator;
   ACTION_CTL_AUDIT_LOG_PARTS                   "ACTION_CTL_AUDIT_LOG_PARTS"
   ACTION_CTL_BDY_JSON                          "ACTION_CTL_BDY_JSON"
   ACTION_CTL_BDY_XML                           "ACTION_CTL_BDY_XML"
+  ACTION_CTL_BDY_URLENCODED                    "ACTION_CTL_BDY_URLENCODED"
   ACTION_CTL_FORCE_REQ_BODY_VAR                "ACTION_CTL_FORCE_REQ_BODY_VAR"
   ACTION_CTL_REQUEST_BODY_ACCESS               "ACTION_CTL_REQUEST_BODY_ACCESS"
   ACTION_CTL_RULE_REMOVE_BY_ID                 "ACTION_CTL_RULE_REMOVE_BY_ID"
@@ -2554,6 +2556,10 @@ act:
       {
         ACTION_CONTAINER($$, new actions::ctl::RequestBodyProcessorXML($1));
       }
+    | ACTION_CTL_BDY_URLENCODED
+      {
+        ACTION_CONTAINER($$, new actions::ctl::RequestBodyProcessorURLENCODED($1));
+      }
     | ACTION_CTL_FORCE_REQ_BODY_VAR CONFIG_VALUE_ON
       {
         //ACTION_NOT_SUPPORTED("CtlForceReequestBody", @0);

src/parser/seclang-scanner.ll

@@ -88,6 +88,7 @@ ACTION_CTL_AUDIT_ENGINE                         (?i:ctl:auditEngine)
 ACTION_CTL_AUDIT_LOG_PARTS                      (?i:ctl:auditLogParts)
 ACTION_CTL_BDY_JSON                             (?i:ctl:requestBodyProcessor=JSON)
 ACTION_CTL_BDY_XML                              (?i:ctl:requestBodyProcessor=XML)
+ACTION_CTL_BDY_URLENCODED                       (?i:ctl:requestBodyProcessor=URLENCODED)
 ACTION_CTL_FORCE_REQ_BODY_VAR                   (?i:ctl:forceRequestBodyVariable)
 ACTION_CTL_REQUEST_BODY_ACCESS                  (?i:ctl:requestBodyAccess)
 ACTION_CTL_RULE_ENGINE                          (?i:ctl:ruleEngine)
@@ -529,6 +530,7 @@ EQUALS_MINUS                            (?i:=\-)
 {ACTION_CTL_AUDIT_LOG_PARTS}=[+|-]{AUDIT_PARTS}                         { return p::make_ACTION_CTL_AUDIT_LOG_PARTS(yytext, *driver.loc.back()); }
 {ACTION_CTL_BDY_JSON}                                                   { return p::make_ACTION_CTL_BDY_JSON(yytext, *driver.loc.back()); }
 {ACTION_CTL_BDY_XML}                                                    { return p::make_ACTION_CTL_BDY_XML(yytext, *driver.loc.back()); }
+{ACTION_CTL_BDY_URLENCODED}                                             { return p::make_ACTION_CTL_BDY_URLENCODED(yytext, *driver.loc.back()); }
 {ACTION_CTL_FORCE_REQ_BODY_VAR}=                                        { return p::make_ACTION_CTL_FORCE_REQ_BODY_VAR(yytext, *driver.loc.back()); }
 {ACTION_CTL_REQUEST_BODY_ACCESS}=                                       { return p::make_ACTION_CTL_REQUEST_BODY_ACCESS(yytext, *driver.loc.back()); }
 {ACTION_CTL_RULE_ENGINE}=                                               { return p::make_ACTION_CTL_RULE_ENGINE(*driver.loc.back()); }