mirror of
https://github.com/owasp-modsecurity/ModSecurity.git
synced 2025-08-13 21:36:00 +03:00
6421ff087a
ModSecurity version 3 is capable to handle disruptive actions in different rules from the chain. However, lets get it working in the same fashion that we have in version 2.
87 lines
2.0 KiB
JSON
87 lines
2.0 KiB
JSON
[
|
|
{
|
|
"enabled":1,
|
|
"version_min":300000,
|
|
"title":"Testing Variables :: MATCHED_VARS (1/2)",
|
|
"client":{
|
|
"ip":"200.249.12.31",
|
|
"port":123
|
|
},
|
|
"server":{
|
|
"ip":"200.249.12.31",
|
|
"port":80
|
|
},
|
|
"request":{
|
|
"headers":{
|
|
"Host":"localhost",
|
|
"User-Agent":"curl/7.38.0",
|
|
"Accept":"*/*"
|
|
},
|
|
"uri":"/?keyI=value&keyII=other_value",
|
|
"method":"GET"
|
|
},
|
|
"response":{
|
|
"headers":{
|
|
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
|
|
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
|
|
"Content-Type":"text/html"
|
|
},
|
|
"body":[
|
|
"no need."
|
|
]
|
|
},
|
|
"expected":{
|
|
"debug_log":"Target value: \"value\" \\(Variable: MATCHED_VARS:ARGS:keyI\\)"
|
|
},
|
|
"rules":[
|
|
"SecRuleEngine On",
|
|
"SecRule ARGS:keyI \"@contains value\" \"chain,id:28,pass\"",
|
|
"SecRule ARGS:keyII \"@contains other_value\" \"chain\"",
|
|
"SecRule MATCHED_VARS \"@contains asdf\" \"\""
|
|
]
|
|
},
|
|
{
|
|
"enabled":1,
|
|
"version_min":300000,
|
|
"title":"Testing Variables :: MATCHED_VARS (2/2)",
|
|
"client":{
|
|
"ip":"200.249.12.31",
|
|
"port":123
|
|
},
|
|
"server":{
|
|
"ip":"200.249.12.31",
|
|
"port":80
|
|
},
|
|
"request":{
|
|
"headers":{
|
|
"Host":"localhost",
|
|
"User-Agent":"curl/7.38.0",
|
|
"Accept":"*/*"
|
|
},
|
|
"uri":"/?keyI=value&keyII=other_value",
|
|
"method":"GET"
|
|
},
|
|
"response":{
|
|
"headers":{
|
|
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
|
|
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
|
|
"Content-Type":"text/html"
|
|
},
|
|
"body":[
|
|
"no need."
|
|
]
|
|
},
|
|
"expected":{
|
|
"debug_log":"Target value: \"value\" \\(Variable: MATCHED_VARS:ARGS:keyI\\)"
|
|
},
|
|
"rules":[
|
|
"SecRuleEngine On",
|
|
"SecRule ARGS:keyI \"@contains value\" \"chain,id:28,pass\"",
|
|
"SecRule ARGS:keyII \"@contains other_value\" \"chain\"",
|
|
"SecRule MATCHED_VARS \"@contains asdf\" \"\"",
|
|
"SecRule MATCHED_VARS \"@contains value\" \"id:29\""
|
|
]
|
|
}
|
|
]
|
|
|