[ { "enabled":1, "version_min":300000, "title":"Testing Variables :: MULTIPART_STRICT_ERROR", "client":{ "ip":"200.249.12.31", "port":123 }, "server":{ "ip":"200.249.12.31", "port":80 }, "request":{ "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", "Content-Length":"330", "Content-Type":"multipart/form-data; boundary= --------------------------756b6d74fa1a8ee2", "Expect":"100-continue" }, "uri":"/", "method":"POST", "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", "test", "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is a very small test file..", "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is another very small test file..", "--------------------------756b6d74fa1a8ee2--" ] }, "response":{ "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, "body":[ "no need." ] }, "expected":{ "debug_log":"Multipart: Warning: boundary whitespace in C-T header" }, "rules":[ "SecRuleEngine On", "SecRule MULTIPART_STRICT_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\"" ] }, { "enabled":1, "version_min":300000, "title":"Testing Variables :: MULTIPART_STRICT_ERROR", "client":{ "ip":"200.249.12.31", "port":123 }, "server":{ "ip":"200.249.12.31", "port":80 }, "request":{ "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", "Content-Length":"330", "Content-Type":"multipart/form-data; boundary=\"--------------------------756b6d74fa1a8ee2\"", "Expect":"100-continue" }, "uri":"/", "method":"POST", "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", "test", "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is a very small test file..", "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is another very small test file..", "--------------------------756b6d74fa1a8ee2--" ] }, "response":{ "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, "body":[ "no need." ] }, "expected":{ "debug_log":"Multipart: Warning: boundary was quoted." }, "rules":[ "SecRuleEngine On", "SecRule MULTIPART_STRICT_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\"" ] }, { "enabled":1, "version_min":300000, "title":"Testing Variables :: MULTIPART_STRICT_ERROR", "client":{ "ip":"200.249.12.31", "port":123 }, "server":{ "ip":"200.249.12.31", "port":80 }, "request":{ "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", "Content-Length":"330", "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", "Expect":"100-continue" }, "uri":"/", "method":"POST", "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", "test", "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is a very small test file..", "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is another very small test file..", "--------------------------756b6d74fa1a8ee2--whee." ] }, "response":{ "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, "body":[ "no need." ] }, "expected":{ "debug_log":"Multipart: Warning: seen data before first boundary" }, "rules":[ "SecRuleEngine On", "SecRule MULTIPART_STRICT_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\"" ] }, { "enabled":1, "version_min":300000, "title":"Testing Variables :: MULTIPART_STRICT_ERROR", "client":{ "ip":"200.249.12.31", "port":123 }, "server":{ "ip":"200.249.12.31", "port":80 }, "request":{ "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", "Content-Length":"330", "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", "Expect":"100-continue" }, "uri":"/", "method":"POST", "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", "test", "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is a very small test file..", "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is another very small test file..", "----------------------------756b6d74fa1a8ee2--" ] }, "response":{ "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, "body":[ "no need." ] }, "expected":{ "debug_log":"Warning: incorrect line endings used \\(LF\\)" }, "rules":[ "SecRuleEngine On", "SecRule MULTIPART_STRICT_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\"" ] }, { "enabled":1, "version_min":300000, "title":"Testing Variables :: MULTIPART_STRICT_ERROR", "client":{ "ip":"200.249.12.31", "port":123 }, "server":{ "ip":"200.249.12.31", "port":80 }, "request":{ "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", "Content-Length":"330", "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", "Expect":"100-continue" }, "uri":"/", "method":"POST", "body":[ "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", "test", "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name='filedata'; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is a very small test file..", "--------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is another very small test file..", "--------------------------756b6d74fa1a8ee2--" ] }, "response":{ "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, "body":[ "no need." ] }, "expected":{ "debug_log":"Multipart: Warning: seen data before first boundary" }, "rules":[ "SecRuleEngine On", "SecRule MULTIPART_STRICT_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\"" ] }, { "enabled":1, "version_min":300000, "title":"Testing Variables :: MULTIPART_STRICT_ERROR - RFC2046", "client":{ "ip":"200.249.12.31", "port":123 }, "server":{ "ip":"200.249.12.31", "port":80 }, "request":{ "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", "Content-Length":"330", "Content-Type":"multipart/form-data; boundary=0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?", "Expect":"100-continue" }, "uri":"/", "method":"POST", "body":[ "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?", "Content-Disposition: form-data; name=\"name\"", "", "1", "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?--" ] }, "response":{ "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, "body":[ "no need." ] }, "expected":{ "debug_log":"Target value: \"0\" \\(Variable: REQBODY_ERROR\\)" }, "rules":[ "SecRuleEngine On", "SecRule REQBODY_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\"" ] }, { "enabled":1, "version_min":300000, "title":"Testing Variables :: MULTIPART_STRICT_ERROR - IQ ", "client":{ "ip":"200.249.12.31", "port":123 }, "server":{ "ip":"200.249.12.31", "port":80 }, "request":{ "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", "Content-Length":"330", "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", "Expect":"100-continue" }, "uri":"/", "method":"POST", "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", "test", "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=file'data; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is a very small test file..", "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is another very small test file..", "----------------------------756b6d74fa1a8ee2--" ] }, "response":{ "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, "body":[ "no need." ] }, "expected":{ "http_code": 403, "debug_log":"Warning: invalid quoting used" }, "rules":[ "SecRuleEngine On", "SecRule MULTIPART_STRICT_ERROR \"!@eq 0\" \"id:1,phase:2,deny,status:403\"" ] }, { "enabled":1, "version_min":300000, "title":"Testing Variables :: MULTIPART_STRICT_ERROR - IQ ", "client":{ "ip":"200.249.12.31", "port":123 }, "server":{ "ip":"200.249.12.31", "port":80 }, "request":{ "headers":{ "Host":"localhost", "User-Agent":"curl/7.38.0", "Accept":"*/*", "Content-Length":"330", "Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2", "Expect":"100-continue" }, "uri":"/", "method":"POST", "body":[ "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"name\"", "", "test", "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"file'data\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is a very small test file..", "----------------------------756b6d74fa1a8ee2", "Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"", "Content-Type: text/plain", "", "This is another very small test file..", "----------------------------756b6d74fa1a8ee2--" ] }, "response":{ "headers":{ "Date":"Mon, 13 Jul 2015 20:02:41 GMT", "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", "Content-Type":"text/html" }, "body":[ "no need." ] }, "expected":{ "http_code": 200 }, "rules":[ "SecRuleEngine On", "SecRule MULTIPART_INVALID_QUOTING \"!@eq 0\" \"id:1,phase:2,deny,status:403\"", "SecRule MULTIPART_STRICT_ERROR \"!@eq 0\" \"id:2,phase:2,pass\"" ] } ]