ModSecurity/test/test-cases/regression/variable-ARGS_POST_NAMES.json

[
  {
    "enabled":1,
    "version_min":300000,
    "title":"Testing Variables :: ARGS_POST_NAMES (1/x)",
    "client":{
      "ip":"200.249.12.31",
      "port":123
    },
    "server":{
      "ip":"200.249.12.31",
      "port":80
    },
    "request":{
      "headers":{
        "Host":"localhost",
        "User-Agent":"curl/7.38.0",
        "Accept":"*/*",
        "Content-Length": "27",
        "Content-Type": "application/x-www-form-urlencoded"
      },
      "uri":"/",
      "method":"POST",
      "body": [
        "param1=value1&param2=value2"
      ]
    },
    "response":{
      "headers":{
        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
        "Content-Type":"text/html"
      },
      "body":[
        "no need."
      ]
    },
    "expected":{
      "debug_log":"Target value: \"param1\""
    },
    "rules":[
      "SecRuleEngine On",
      "SecRule ARGS_POST_NAMES \"@contains test \" \"id:1,phase:3,pass,t:trim\""
    ]
  },
  {
    "enabled":1,
    "version_min":300000,
    "title":"Testing Variables :: ARGS_POST_NAMES (2/x)",
    "client":{
      "ip":"200.249.12.31",
      "port":123
    },
    "server":{
      "ip":"200.249.12.31",
      "port":80
    },
    "request":{
      "headers":{
        "Host":"localhost",
        "User-Agent":"curl/7.38.0",
        "Accept":"*/*",
        "Content-Length": "27",
        "Content-Type": "application/x-www-form-urlencoded"
      },
      "uri":"/",
      "method":"POST",
      "body": [
        "param1=value1&param2=value2"
      ]
    },
    "response":{
      "headers":{
        "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
        "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
        "Content-Type":"text/html"
      },
      "body":[
        "no need."
      ]
    },
    "expected":{
      "debug_log":"Target value: \"param2\""
    },
    "rules":[
      "SecRuleEngine On",
      "SecRule ARGS_POST_NAMES \"@contains test \" \"id:1,phase:3,pass,t:trim\""
    ]
  },
  {
    "enabled":1,
    "version_min":300000,
    "title":"Testing Variables :: ARGS_POST_NAMES (3/x)",
    "client":{
      "ip":"200.249.12.31",
      "port":123
    },
    "server":{
      "ip":"200.249.12.31",
      "port":80
    },
    "request":{
      "headers":{
        "Host":"localhost",
        "User-Agent":"curl/7.38.0",
        "Accept":"*/*",
        "Content-Length":"330",
        "Content-Type":"multipart/form-data; boundary=0000",
        "Expect":"100-continue"
      },
      "uri":"/",
      "method":"POST",
      "body":[
                "--0000\r",
                "Content-Disposition: form-data; name=\"name1\"\r",
                "\r",
                "content1\r",
                "--0000\r",
                "Content-Disposition: form-data; name=\"name2\"\r",
                "\r",
                "content2\r",
                "--0000--\r"
      ]
    },
    "response":{
      "headers":{
        "Content-Type":"text/html"
      },
      "body":[
        "no need."
      ]
    },
    "expected":{
      "debug_log":"Target value: \"name1\" \\(Variable: ARGS_POST_NAMES\\)"
    },
    "rules":[
        "SecRuleEngine On",
        "SecRequestBodyAccess On",
        "SecRule ARGS_POST_NAMES \"@contains test \" \"id:1,phase:3,pass,t:trim\""
    ]
  },
  {
    "enabled":1,
    "version_min":300000,
    "title":"Testing Variables :: ARGS_POST_NAMES (3/x)",
    "client":{
      "ip":"200.249.12.31",
      "port":123
    },
    "server":{
      "ip":"200.249.12.31",
      "port":80
    },
    "request":{
      "headers":{
        "Host":"localhost",
        "User-Agent":"curl/7.38.0",
        "Accept":"*/*",
        "Content-Length":"330",
        "Content-Type":"multipart/form-data; boundary=0000",
        "Expect":"100-continue"
      },
      "uri":"/",
      "method":"POST",
      "body":[
                "--0000\r",
                "Content-Disposition: form-data; name=\"name1\"\r",
                "\r",
                "content1\r",
                "--0000\r",
                "Content-Disposition: form-data; name=\"name2\"\r",
                "\r",
                "content2\r",
                "--0000--\r"
      ]
    },
    "response":{
      "headers":{
        "Content-Type":"text/html"
      },
      "body":[
        "no need."
      ]
    },
    "expected":{
      "error_log":"o0,5v206,5t:trim"
    },
    "rules":[
        "SecRuleEngine On",
        "SecRequestBodyAccess On",
        "SecRule ARGS_POST_NAMES \"@contains name1\" \"id:1,phase:3,pass,t:trim\""
    ]
  }
]