github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
ModSecurity/test/test-cases/regression/config-update-action-by-id.json
Felipe Zimmerle 2bdc5f9d0a
Adds test case to cover issue #2005
2019-06-18 15:10:43 -03:00

273 lines
6.4 KiB
JSON
Raw Blame History

[
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (1/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200,
"debug_log": "Skipped rule id '200005'"
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateActionById 200004 \"allow\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (2/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 403
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (3/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200,
"debug_log": "Running action: log"
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateActionById 200004 \"pass\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,deny\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (4/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200,
"debug_log": "Running action: log"
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateActionById 200004 \"pass\"",
"SecDefaultAction \"phase:3,deny\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (5/n)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 200,
"debug_log": "Dropping the evaluation of upcoming rules in favor of"
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateActionById 200004 \"allow\"",
"SecDefaultAction \"phase:3,deny\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200005,log\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleUpdateActionById (6/n)",
"issue":"2005",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded?param1=value1",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code": 302,
"error_log": "Access denied with code 302"
},
"rules":[
"SecRuleEngine On",
"SecRuleUpdateActionById 200004 \"redirect:'https://%{request_headers.host}/'\"",
"SecRule ARGS \"@contains value1\" \"phase:3,id:200004,block,deny\""
]
}
]
Reference in New Issue View Git Blame Copy Permalink