Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Revert "Remove unused test files and scripts from ModSecurity"

Browse source 
This reverts commit 3a7a25b568.
This commit is contained in:
Théophile Diot 2025-01-16 10:43:54 +01:00
parent 90359705c4
commit b61ded6858
No known key found for this signature in database
GPG key ID: FA995104A0BA376A
260 changed files with 40369 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

0
src/deps/src/modsecurity/doc/.empty vendored Normal file
View file

17
src/deps/src/modsecurity/doc/Makefile.am vendored Normal file
View file

@ -0,0 +1,17 @@
ACLOCAL_AMFLAGS = -I build
# Doxygen support
# include $(top_srcdir)/build/ax_prog_doxygen.m4
# distribution of the Doxygen configuration file
EXTRA_DIST = \
doxygen.cfg
MAINTAINERCLEANFILES = \
Makefile.in \
doxygen_sqlite3.db \
html \
latex

2403
src/deps/src/modsecurity/doc/doxygen.cfg vendored Normal file
View file

File diff suppressed because it is too large Load diff

BIN
src/deps/src/modsecurity/doc/ms-doxygen-logo.png vendored Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 10 KiB

0
src/deps/src/modsecurity/test/.empty vendored Normal file
View file

196
src/deps/src/modsecurity/test/Makefile.am vendored Normal file
View file

@ -0,0 +1,196 @@
if AFL_FUZZER
export MAYBE_AFL_FUZZER = fuzzer
endif
SUBDIRS = \
benchmark \
$(MAYBE_AFL_FUZZER)
# make clean
CLEANFILES =
# make maintainer-clean
MAINTAINERCLEANFILES = \
Makefile.in
bin_PROGRAMS =
noinst_PROGRAMS =
EXTRA_DIST = \
test-cases/* \
custom-test-driver \
test-suite.sh
# unit_tests
noinst_PROGRAMS += unit_tests
unit_tests_SOURCES = \
unit/unit.cc \
unit/unit_test.cc
noinst_HEADERS = \
common/modsecurity_test.cc \
common/*.h \
unit/*.h \
regression/*.h
unit_tests_LDADD = \
$(CURL_LDADD) \
$(GEOIP_LDADD) \
$(MAXMIND_LDADD) \
$(GLOBAL_LDADD) \
$(LIBXML2_LDADD) \
$(LMDB_LDADD) \
$(LUA_LDADD) \
$(PCRE_LDADD) \
$(PCRE2_LDADD) \
$(SSDEEP_LDADD) \
$(YAJL_LDADD)
unit_tests_LDFLAGS = \
-L$(top_builddir)/src/.libs/ \
$(GEOIP_LDFLAGS) \
-lmodsecurity \
-lpthread \
-lm \
-lstdc++ \
$(MAXMIND_LDFLAGS) \
$(LMDB_LDFLAGS) \
$(LUA_LDFLAGS) \
$(SSDEEP_LDFLAGS) \
$(YAJL_LDFLAGS)
unit_tests_CPPFLAGS = \
-Icommon \
-I../ \
-g \
-I$(top_builddir)/headers \
$(CURL_CFLAGS) \
$(MODSEC_NO_LOGS) \
$(GEOIP_CFLAGS) \
$(MAXMIND_CFLAGS) \
$(GLOBAL_CPPFLAGS) \
$(LMDB_CFLAGS) \
$(PCRE_CFLAGS) \
$(PCRE2_CFLAGS) \
$(YAJL_CFLAGS) \
$(LUA_CFLAGS) \
$(SSDEEP_CFLAGS) \
$(LIBXML2_CFLAGS)
# regression
noinst_PROGRAMS += regression_tests
regression_tests_SOURCES = \
regression/regression.cc \
regression/regression_test.cc \
regression/custom_debug_log.cc
regression_tests_LDADD = \
$(CURL_LDADD) \
$(GEOIP_LDADD) \
$(MAXMIND_LDADD) \
$(GLOBAL_LDADD) \
$(LIBXML2_LDADD) \
$(LMDB_LDADD) \
$(LUA_LDADD) \
$(PCRE_LDADD) \
$(PCRE2_LDADD) \
$(SSDEEP_LDADD) \
$(YAJL_LDADD)
regression_tests_LDFLAGS = \
-L$(top_builddir)/src/.libs/ \
$(GEOIP_LDFLAGS) \
-lmodsecurity \
-lpthread \
-lm \
-lstdc++ \
$(MAXMIND_LDFLAGS) \
$(YAJL_LDFLAGS) \
$(LMDB_LDFLAGS) \
$(SSDEEP_LDFLAGS) \
$(LUA_LDFLAGS)
regression_tests_CPPFLAGS = \
-Icommon \
-I../ \
-g \
-I$(top_builddir)/headers \
$(CURL_CFLAGS) \
$(MODSEC_NO_LOGS) \
$(GEOIP_CFLAGS) \
$(MAXMIND_CFLAGS) \
$(GLOBAL_CPPFLAGS) \
$(LMDB_CFLAGS) \
$(LUA_CFLAGS) \
$(SSDEEP_CFLAGS) \
$(PCRE_CFLAGS) \
$(PCRE2_CFLAGS) \
$(YAJL_CFLAGS) \
$(LIBXML2_CFLAGS)
# optimization
noinst_PROGRAMS += rules_optimization
rules_optimization_SOURCES = \
optimization/optimization.cc
rules_optimization_LDADD = \
$(CURL_LDADD) \
$(GEOIP_LDADD) \
$(MAXMIND_LDADD) \
$(GLOBAL_LDADD) \
$(LIBXML2_LDADD) \
$(LMDB_LDADD) \
$(LUA_LDADD) \
$(PCRE_LDADD) \
$(PCRE2_LDADD) \
$(SSDEEP_LDADD) \
$(YAJL_LDADD)
rules_optimization_LDFLAGS = \
-L$(top_builddir)/src/.libs/ \
$(GEOIP_LDFLAGS) \
-lmodsecurity \
-lpthread \
-lm \
-lstdc++ \
$(MAXMIND_LDFLAGS) \
$(LMDB_LDFLAGS) \
$(LUA_LDFLAGS) \
$(SSDEEP_LDFLAGS) \
$(YAJL_LDFLAGS)
rules_optimization_CPPFLAGS = \
-Icommon \
-I../ \
-g \
-I$(top_builddir)/headers \
$(CURL_CFLAGS) \
$(MODSEC_NO_LOGS) \
$(GEOIP_CFLAGS) \
$(MAXMIND_CFLAGS) \
$(GLOBAL_CPPFLAGS) \
$(LMDB_CFLAGS) \
$(LUA_CFLAGS) \
$(SSDEEP_CFLAGS) \
$(PCRE_CFLAGS) \
$(PCRE2_CFLAGS) \
$(YAJL_CFLAGS) \
$(LIBXML2_CFLAGS)

43
src/deps/src/modsecurity/test/benchmark/Makefile.am vendored Normal file
View file

@ -0,0 +1,43 @@
noinst_PROGRAMS = benchmark
benchmark_SOURCES = \
benchmark.cc
benchmark_LDADD = \
$(CURL_LDADD) \
$(GEOIP_LDADD) \
$(MAXMIND_LDADD) \
$(PCRE_LDADD) \
$(YAJL_LDADD) \
$(LMDB_LDADD) \
$(SSDEEP_LDADD) \
$(LUA_LDADD) \
$(LIBXML2_LDADD) \
$(GLOBAL_LDADD)
benchmark_LDFLAGS = \
-L$(top_builddir)/src/.libs/ \
$(GEOIP_LDFLAGS) \
-lmodsecurity \
-lpthread \
-lm \
-lstdc++ \
$(GEOIP_LDFLAGS) \
$(MAXMIND_LDFLAGS) \
$(YAJL_LDFLAGS) \
$(LMDB_LDFLAGS) \
$(SSDEEP_LDFLAGS) \
$(LUA_LDFLAGS)
benchmark_CPPFLAGS = \
-I$(top_builddir)/headers \
$(GLOBAL_CPPFLAGS) \
$(PCRE_CFLAGS) \
$(LMDB_CFLAGS) \
$(LIBXML2_CFLAGS)
MAINTAINERCLEANFILES = \
Makefile.in

3
src/deps/src/modsecurity/test/benchmark/basic_rules.conf vendored Normal file
View file

@ -0,0 +1,3 @@
Include "../../modsecurity.conf-recommended"

176
src/deps/src/modsecurity/test/benchmark/benchmark.cc vendored Normal file
View file

@ -0,0 +1,176 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <string.h>
#include <ctime>
#include <iostream>
#include <string>
#include "modsecurity/rules_set.h"
#include "modsecurity/modsecurity.h"
using modsecurity::Transaction;
char request_uri[] = "/test.pl?param1=test&para2=test2";
unsigned char response_body[] = "" \
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r" \
"<soap:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" " \
"xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\" " \
"xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\">\n\r" \
" <soap:Body>\n\r" \
" <EnlightenResponse xmlns=\"http://clearforest.com/\">\n\r" \
" <EnlightenResult>string</EnlightenResult>\n\r" \
" </EnlightenResponse>\n\r" \
" </soap:Body>\n\r" \
"</soap:Envelope>\n\r";
char ip[] = "200.249.12.31";
char rules_file[] = "basic_rules.conf";
const char* const help_message = "Usage: benchmark [num_iterations|-h|-?|--help]";
int main(int argc, char *argv[]) {
unsigned long long NUM_REQUESTS(1000000);
if (argc > 1) {
if (0 == strcmp(argv[1], "-h") ||
0 == strcmp(argv[1], "-?") ||
0 == strcmp(argv[1], "--help")) {
std::cout << help_message << std::endl;
return 0;
}
errno = 0;
unsigned long long upper = strtoull(argv[1], 0, 10);
if (!errno && upper) {
NUM_REQUESTS = upper;
} else {
if (errno) {
perror("Invalid number of iterations");
} else {
std::cerr << "Failed to convert '" << argv[1] << "' to integer value" << std::endl
<< help_message << std::endl;
return -1;
}
}
}
std::cout << "Doing " << NUM_REQUESTS << " transactions...\n";
modsecurity::ModSecurity *modsec;
modsecurity::RulesSet *rules;
modsecurity::ModSecurityIntervention it;
modsecurity::intervention::clean(&it);
modsec = new modsecurity::ModSecurity();
modsec->setConnectorInformation("ModSecurity-benchmark v0.0.1-alpha" \
" (ModSecurity benchmark utility)");
rules = new modsecurity::RulesSet();
if (rules->loadFromUri(rules_file) < 0) {
std::cout << "Problems loading the rules..." << std::endl;
std::cout << rules->m_parserError.str() << std::endl;
return -1;
}
for (unsigned long long i = 0; i < NUM_REQUESTS; i++) {
//std::cout << "Proceeding with request " << i << std::endl;
Transaction *modsecTransaction = new Transaction(modsec, rules, NULL);
modsecTransaction->processConnection(ip, 12345, "127.0.0.1", 80);
if (modsecTransaction->intervention(&it)) {
std::cout << "There is an intervention" << std::endl;
goto next_request;
}
modsecTransaction->processURI(request_uri, "GET", "1.1");
if (modsecTransaction->intervention(&it)) {
std::cout << "There is an intervention" << std::endl;
goto next_request;
}
modsecTransaction->addRequestHeader("Host",
"net.tutsplus.com");
modsecTransaction->addRequestHeader("User-Agent",
"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) " \
"Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)");
modsecTransaction->addRequestHeader("Accept",
"text/html,application/xhtml+xml,application/xml;" \
"q=0.9,*/*;q=0.8");
modsecTransaction->addRequestHeader("Accept-Language",
"en-us,en;q=0.5");
modsecTransaction->addRequestHeader("Accept-Encoding",
"gzip,deflate");
modsecTransaction->addRequestHeader("Accept-Charset",
"ISO-8859-1,utf-8;q=0.7,*;q=0.7");
modsecTransaction->addRequestHeader("Keep-Alive",
"300");
modsecTransaction->addRequestHeader("Connection",
"keep-alive");
modsecTransaction->addRequestHeader("Cookie",
"PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120");
modsecTransaction->addRequestHeader("Pragma",
"no-cache");
modsecTransaction->addRequestHeader("Cache-Control",
"no-cache");
modsecTransaction->processRequestHeaders();
if (modsecTransaction->intervention(&it)) {
std::cout << "There is an intervention" << std::endl;
goto next_request;
}
modsecTransaction->processRequestBody();
if (modsecTransaction->intervention(&it)) {
std::cout << "There is an intervention" << std::endl;
goto next_request;
}
modsecTransaction->addResponseHeader("HTTP/1.1",
"200 OK");
modsecTransaction->addResponseHeader("Content-Type",
"text/xml; charset=utf-8");
modsecTransaction->addResponseHeader("Content-Length",
"200");
modsecTransaction->processResponseHeaders(200, "HTTP 1.2");
if (modsecTransaction->intervention(&it)) {
std::cout << "There is an intervention" << std::endl;
goto next_request;
}
modsecTransaction->appendResponseBody(response_body,
strlen((const char*)response_body));
modsecTransaction->processResponseBody();
if (modsecTransaction->intervention(&it)) {
std::cout << "There is an intervention" << std::endl;
goto next_request;
}
next_request:
modsecTransaction->processLogging();
delete modsecTransaction;
modsecurity::intervention::free(&it);
modsecurity::intervention::clean(&it);
}
delete rules;
delete modsec;
}

9
src/deps/src/modsecurity/test/benchmark/download-owasp-v3-rules.sh vendored Normal file
View file

@ -0,0 +1,9 @@
#!/bin/bash
git clone -c advice.detachedHead=false --depth 1 --branch v3.0.2 https://github.com/coreruleset/coreruleset.git owasp-v3
echo 'Include "owasp-v3/crs-setup.conf.example"' >> basic_rules.conf
echo 'Include "owasp-v3/rules/*.conf"' >> basic_rules.conf
echo "Done."

9
src/deps/src/modsecurity/test/benchmark/download-owasp-v4-rules.sh vendored Executable file
View file

@ -0,0 +1,9 @@
#!/bin/bash
git clone -c advice.detachedHead=false --depth 1 --branch v4.3.0 https://github.com/coreruleset/coreruleset.git owasp-v4
echo 'Include "owasp-v4/crs-setup.conf.example"' >> basic_rules.conf
echo 'Include "owasp-v4/rules/*.conf"' >> basic_rules.conf
echo "Done."

36
src/deps/src/modsecurity/test/coding_style_suppressions.txt vendored Normal file
View file

@ -0,0 +1,36 @@
./headers/modsecurity/rule.h:59
./others/
./src/audit_log/writer/https.cc:26
./src/audit_log/writer/parallel.cc:26
./src/collection/backend/in_memory-per_process.h:61
./src/config.h:0
./src/parser/driver.h:39
./src/seclang-parser.cc
./src/parser/seclang-parser.cc
./src/seclang-scanner.cc
./src/parser/seclang-scanner.cc
./src/request_body_processor/multipart.h:36
./src/utils/acmp.cc
./src/utils/acmp.h
./src/utils/mbedtls/
./src/utils/md5.h
./src/utils/msc_tree.cc
./src/utils/msc_tree.h
./test/benchmark/owasp-modsecurity-crs/
./test/fuzzer
./test/libfuzzer
./src/parser/seclang-parser.tab.cc
./src/unique_id.cc:226
./test/unit/unit.cc:84
./test/unit/unit.cc:82
./headers/modsecurity/rule.h:110
./test/regression/regression.cc:44
./test/benchmark/owasp-v3/util/av-scanning/runAV/common.h
./src/audit_log/writer/parallel.cc:28
./src/macro_expansion.c
./src/utils/string.h
./headers/modsecurity/rules_properties.h:369
./headers/modsecurity/rules_properties.h:370
./src/actions/transformations/url_decode_uni.cc
./test/unit/unit.cc:47
Total errors found

31
src/deps/src/modsecurity/test/common/colors.h vendored Normal file
View file

@ -0,0 +1,31 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#ifndef TEST_COMMON_COLORS_H_
#define TEST_COMMON_COLORS_H_
#define KNRM "\x1B[0m"
#define KRED "\x1B[31m"
#define KGRN "\x1B[32m"
#define KYEL "\x1B[33m"
#define KBLU "\x1B[34m"
#define KMAG "\x1B[35m"
#define KCYN "\x1B[36m"
#define KWHT "\x1B[97m"
#define RESET "\033[0m"
#endif // TEST_COMMON_COLORS_H_

168
src/deps/src/modsecurity/test/common/modsecurity_test.cc vendored Normal file
View file

@ -0,0 +1,168 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "test/common/modsecurity_test.h"
#ifdef WITH_YAJL
#include <yajl/yajl_tree.h>
#endif
#include <dirent.h>
#include <string.h>
#include <sys/stat.h>
#include <fstream>
#include <cstdlib>
#include <sstream>
#include <string>
#include <iostream>
#include "modsecurity/modsecurity.h"
namespace modsecurity_test {
template <class T>
std::string ModSecurityTest<T>::header() {
std::stringstream i;
i << "ModSecurity " << MODSECURITY_VERSION << " - tests" << std::endl;
#if not HAS_GETOPT
i << "(options are not available -- missing GetOpt)" << std::endl;
#endif
i << std::endl;
return i.str();
}
template <class T>
bool ModSecurityTest<T>::load_test_json(const std::string &file) {
char errbuf[1024];
yajl_val node;
std::ifstream myfile;
myfile.open(file.c_str());
if (myfile.is_open() == false) {
std::cout << "Problems opening file: " << file << std::endl;
return false;
}
std::string str((std::istreambuf_iterator<char>(myfile)),
std::istreambuf_iterator<char>());
node = yajl_tree_parse((const char *) str.c_str(), errbuf, sizeof(errbuf));
if (node == NULL) {
std::cout << "Problems parsing file: " << file << std::endl;
if (strlen(errbuf) > 0) {
std::cout << errbuf << std::endl;
}
return false;
}
size_t num_tests = node->u.array.len;
for ( int i = 0; i < num_tests; i++ ) {
yajl_val obj = node->u.array.values[i];
T *u = T::from_yajl_node(obj);
u->filename = file;
if (this->count(u->filename + ":" + u->name) == 0) {
auto vec = new std::vector<T *>;
vec->push_back(u);
std::string filename(u->filename + ":" + u->name);
this->insert({filename, vec});
} else {
auto vec = this->at(u->filename + ":" + u->name);
vec->push_back(u);
}
}
yajl_tree_free(node);
return true;
}
template <class T>
void
ModSecurityTest<T>::load_tests(const std::string &path) {
DIR *dir;
struct dirent *ent;
struct stat buffer;
if ((dir = opendir(path.c_str())) == nullptr) {
/* if target is a file, use it as a single test. */
if (stat(path.c_str(), &buffer) == 0) {
if (load_test_json(path) == false) {
std::cout << "Problems loading from: " << path;
std::cout << std::endl;
}
}
return;
}
while ((ent = readdir(dir)) != nullptr) {
std::string filename = ent->d_name;
std::string json = ".json";
if (filename.size() < json.size()
|| !std::equal(json.rbegin(), json.rend(), filename.rbegin())) {
continue;
}
if (load_test_json(path + "/" + filename) == false) {
std::cout << "Problems loading tests from: " << filename;
std::cout << std::endl;
}
}
closedir(dir);
}
template <class T>
void ModSecurityTest<T>::load_tests() {
load_tests(this->target);
}
template <class T>
void ModSecurityTest<T>::cmd_options(int argc, char **argv) {
int i = 1;
if (argc > i && strcmp(argv[i], "automake") == 0) {
i++;
m_automake_output = true;
}
if (argc > i && strcmp(argv[i], "countall") == 0) {
i++;
m_count_all = true;
}
if (argc > i && strcmp(argv[i], "mtstress") == 0) {
i++;
m_test_multithreaded = true;
}
if (std::getenv("AUTOMAKE_TESTS")) {
m_automake_output = true;
}
if (argc > i && argv[i]) {
this->target = argv[i];
size_t pos = this->target.find(":");
if (pos != std::string::npos) {
std::string test_numbers = std::string(this->target, pos + 1,
this->target.length() - pos);
this->target = std::string(this->target, 0, pos);
m_test_number = std::atoi(test_numbers.c_str());
}
} else {
this->target = default_test_path;
}
}
} // namespace modsecurity_test

60
src/deps/src/modsecurity/test/common/modsecurity_test.h vendored Normal file
View file

@ -0,0 +1,60 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <iostream>
#include <utility>
#include <string>
#include <vector>
#include <unordered_map>
#ifndef TEST_COMMON_MODSECURITY_TEST_H_
#define TEST_COMMON_MODSECURITY_TEST_H_
extern void print_help();
extern std::string default_test_path;
namespace modsecurity_test {
template <class T> class ModSecurityTest :
public std::unordered_map<std::string, std::vector<T *> *> {
public:
ModSecurityTest()
: m_test_number(0),
m_automake_output(false),
m_count_all(false),
m_test_multithreaded(false) { }
std::string header();
void cmd_options(int, char **);
void load_tests();
void load_tests(const std::string &path);
bool load_test_json(const std::string &file);
std::string target;
bool verbose = false;
bool color = false;
int m_test_number;
bool m_automake_output;
bool m_count_all;
bool m_test_multithreaded;
};
} // namespace modsecurity_test
#include "test/common/modsecurity_test.cc"
#endif // TEST_COMMON_MODSECURITY_TEST_H_

35
src/deps/src/modsecurity/test/common/modsecurity_test_results.h vendored Normal file
View file

@ -0,0 +1,35 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <iostream>
#include <unordered_map>
#include <vector>
#include <string>
#ifndef TEST_COMMON_MODSECURITY_TEST_RESULTS_H_
#define TEST_COMMON_MODSECURITY_TEST_RESULTS_H_
namespace modsecurity_test {
template <class T> class ModSecurityTestResults : public std::vector<T *> {
public:
std::string log_raw_debug_log;
int status;
std::string location;
};
} // namespace modsecurity_test
#endif // TEST_COMMON_MODSECURITY_TEST_RESULTS_H_

57
src/deps/src/modsecurity/test/cppcheck_suppressions.txt vendored Normal file
View file

@ -0,0 +1,57 @@
//
// Ignore libinjection related stuff.
//
*:others/libinjection/src/*
//
// Lets ignore mbedtls.
//
*:others/mbedtls/*
//
// Code imported from ModSecurity v2...
//
shiftNegative:src/utils/msc_tree.cc
*:src/utils/acmp.cc
*:src/utils/msc_tree.cc
//
// ModSecurity v3 code...
//
variableScope:src/operators/rx.cc
variableScope:src/operators/rx_global.cc
noExplicitConstructor:seclang-parser.hh
constParameter:seclang-parser.hh
accessMoved:seclang-parser.hh
returnTempReference:seclang-parser.hh
unreadVariable:src/operators/rx.cc
unreadVariable:src/operators/rx_global.cc
noExplicitConstructor:src/collection/backend/collection_data.h
stlIfStrFind:src/collection/backend/collection_data.cc
unusedFunction
missingIncludeSystem
useStlAlgorithm
preprocessorErrorDirective
funcArgNamesDifferent
missingInclude
purgedConfiguration
nullPointerRedundantCheck
knownConditionTrueFalse
cstyleCast
functionStatic
shadowFunction
stlcstrConstructor
stlcstrStream
uselessCallsSubstr
// Examples
memleak:examples/using_bodies_in_chunks/simple_request.cc

133
src/deps/src/modsecurity/test/custom-test-driver vendored Normal file
View file

@ -0,0 +1,133 @@
#! /bin/sh
# test-driver - basic testsuite driver script.
scriptversion=2013-07-13.22-modsec; # UTC
# Copyright (C) 2011-2014 Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# As a special exception to the GNU General Public License, if you
# distribute this file as part of a program that contains a
# configuration script generated by Autoconf, you may include it under
# the same distribution terms that you use for the rest of that program.
# This file is maintained in Automake, please report
# bugs to <bug-automake@gnu.org> or send patches to
# <automake-patches@gnu.org>.
# Make unconditional expansion of undefined variables an error. This
# helps a lot in preventing typo-related bugs.
set -u
usage_error ()
{
echo "$0: $*" >&2
print_usage >&2
exit 2
}
print_usage ()
{
cat <<END
Usage:
test-driver --test-name NAME --log-file PATH --trs-file PATH
[--expect-failure {yes|no}] [--color-tests {yes|no}]
[--enable-hard-errors {yes|no}] [--]
TEST-SCRIPT [TEST-SCRIPT-ARGUMENTS]
The '--test-name', '--log-file' and '--trs-file' options are mandatory.
END
}
test_name= # Used for reporting.
log_file= # Where to save the output of the test script.
trs_file= # Where to save the metadata of the test run.
expect_failure=no
color_tests=no
enable_hard_errors=yes
while test $# -gt 0; do
case $1 in
--help) print_usage; exit $?;;
--version) echo "test-driver $scriptversion"; exit $?;;
--test-name) test_name=$2; shift;;
--log-file) log_file=$2; shift;;
--trs-file) trs_file=$2; shift;;
--color-tests) color_tests=$2; shift;;
--expect-failure) expect_failure=$2; shift;;
--enable-hard-errors) enable_hard_errors=$2; shift;;
--) shift; break;;
-*) usage_error "invalid option: '$1'";;
*) break;;
esac
shift
done
missing_opts=
test x"$test_name" = x && missing_opts="$missing_opts --test-name"
test x"$log_file" = x && missing_opts="$missing_opts --log-file"
test x"$trs_file" = x && missing_opts="$missing_opts --trs-file"
if test x"$missing_opts" != x; then
usage_error "the following mandatory options are missing:$missing_opts"
fi
if test $# -eq 0; then
usage_error "missing argument"
fi
if test $color_tests = yes; then
# Keep this in sync with 'lib/am/check.am:$(am__tty_colors)'.
red='' # Red.
grn='' # Green.
lgn='' # Light green.
blu='' # Blue.
mgn='' # Magenta.
wht='' # White.
std='' # No color.
else
red= grn= lgn= blu= mgn= std= wht=
fi
do_exit='rm -f $log_file $trs_file; (exit $st); exit $st'
trap "st=129; $do_exit" 1
trap "st=130; $do_exit" 2
trap "st=141; $do_exit" 13
trap "st=143; $do_exit" 15
# Test script is run here.
"$@" >$log_file 2>&1
estatus=$?
cat $log_file >> $trs_file
tfail=`cat $log_file | egrep "^:test-result: FAIL" | wc -l`
tfail=`printf "%3d" $tfail`
tpass=`cat $log_file | egrep "^:test-result: PASS" | wc -l`
tpass=`printf "%4d" $tpass`
ttotal=`cat $log_file | egrep "^:test-result: " | wc -l`
ttotal=`printf "%4d" $ttotal`
# Report outcome to console.
if test ${tfail} -eq 0; then
echo "(${grn}${tpass}$std/${red}${tfail}$std/${wht}${ttotal}${std}): $test_name"
else
echo "(${grn}${tpass}$std/${red}${tfail}$std/${wht}${ttotal}${std}): ${red}$test_name${std}"
fi
# Local Variables:
# mode: shell-script
# sh-indentation: 2
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC"
# time-stamp-end: "; # UTC"
# End:

47
src/deps/src/modsecurity/test/fuzzer/Makefile.am vendored Normal file
View file

@ -0,0 +1,47 @@
# make clean
CLEANFILES =
# make maintainer-clean
MAINTAINERCLEANFILES = \
Makefile.in
noinst_PROGRAMS = afl_fuzzer
afl_fuzzer_SOURCES = \
afl_fuzzer.cc
afl_fuzzer_LDADD = \
$(GLOBAL_LDADD) \
$(CURL_LDADD) \
$(GEOIP_LDFLAGS) $(GEOIP_LDADD) \
$(PCRE_LDADD) \
$(YAJL_LDFLAGS) $(YAJL_LDADD) \
$(LMDB_LDFLAGS) $(LMDB_LDADD) \
$(MAXMIND_LDFLAGS) $(MAXMIND_LDADD) \
$(SSDEEP_LDFLAGS) $(SSDEEP_LDADD) \
$(LUA_LDFLAGS) $(LUA_LDADD) \
$(LIBXML2_LDADD) \
$(top_builddir)/src/.libs/libmodsecurity.a \
$(top_builddir)/others/libinjection.la \
$(top_builddir)/others/libmbedtls.la
afl_fuzzer_CPPFLAGS = \
-Icommon \
-I../ \
-I../../ \
-O0 \
-g \
-I$(top_builddir)/headers \
$(CURL_CFLAGS) \
$(GEOIP_CFLAGS) \
$(MAXMIND_CFLAGS) \
$(GLOBAL_CPPFLAGS) \
$(MODSEC_NO_LOGS) \
$(YAJL_CFLAGS) \
$(LMDB_CFLAGS) \
$(PCRE_CFLAGS) \
$(LIBXML2_CFLAGS)

283
src/deps/src/modsecurity/test/fuzzer/afl_fuzzer.cc vendored Normal file
View file

@ -0,0 +1,283 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <string.h>
#include "modsecurity/rules_set.h"
#include "modsecurity/modsecurity.h"
#include "src/actions/transformations/transformation.h"
/**
* for i in $(ls -l src/actions/transformations/*.h | awk {'print $9'}); do echo "#include \"$i\""; done;
*
*/
#include "src/actions/transformations/base64_decode.h"
#include "src/actions/transformations/base64_decode_ext.h"
#include "src/actions/transformations/base64_encode.h"
#include "src/actions/transformations/cmd_line.h"
#include "src/actions/transformations/compress_whitespace.h"
#include "src/actions/transformations/css_decode.h"
#include "src/actions/transformations/escape_seq_decode.h"
#include "src/actions/transformations/hex_decode.h"
#include "src/actions/transformations/hex_encode.h"
#include "src/actions/transformations/html_entity_decode.h"
#include "src/actions/transformations/js_decode.h"
#include "src/actions/transformations/length.h"
#include "src/actions/transformations/lower_case.h"
#include "src/actions/transformations/md5.h"
#include "src/actions/transformations/none.h"
#include "src/actions/transformations/normalise_path.h"
#include "src/actions/transformations/normalise_path_win.h"
#include "src/actions/transformations/parity_even_7bit.h"
#include "src/actions/transformations/parity_odd_7bit.h"
#include "src/actions/transformations/parity_zero_7bit.h"
#include "src/actions/transformations/remove_comments.h"
#include "src/actions/transformations/remove_comments_char.h"
#include "src/actions/transformations/remove_nulls.h"
#include "src/actions/transformations/remove_whitespace.h"
#include "src/actions/transformations/replace_comments.h"
#include "src/actions/transformations/replace_nulls.h"
#include "src/actions/transformations/sha1.h"
#include "src/actions/transformations/sql_hex_decode.h"
#include "src/actions/transformations/transformation.h"
#include "src/actions/transformations/trim.h"
#include "src/actions/transformations/trim_left.h"
#include "src/actions/transformations/trim_right.h"
#include "src/actions/transformations/upper_case.h"
#include "src/actions/transformations/url_decode.h"
#include "src/actions/transformations/url_decode_uni.h"
#include "src/actions/transformations/url_encode.h"
#include "src/actions/transformations/utf8_to_unicode.h"
/**
* for i in $(ls -l src/operators/*.h | awk {'print $9'}); do echo "#include \"$i\""; done;
*
*/
#include "src/operators/begins_with.h"
#include "src/operators/contains.h"
#include "src/operators/contains_word.h"
#include "src/operators/detect_sqli.h"
#include "src/operators/detect_xss.h"
#include "src/operators/ends_with.h"
#include "src/operators/eq.h"
#include "src/operators/fuzzy_hash.h"
#include "src/operators/ge.h"
#include "src/operators/geo_lookup.h"
#include "src/operators/gsblookup.h"
#include "src/operators/gt.h"
#include "src/operators/inspect_file.h"
#include "src/operators/ip_match_f.h"
#include "src/operators/ip_match_from_file.h"
#include "src/operators/ip_match.h"
#include "src/operators/le.h"
#include "src/operators/lt.h"
#include "src/operators/no_match.h"
#include "src/operators/operator.h"
#include "src/operators/pm_f.h"
#include "src/operators/pm_from_file.h"
#include "src/operators/pm.h"
#include "src/operators/rbl.h"
#include "src/operators/rsub.h"
#include "src/operators/rx.h"
#include "src/operators/str_eq.h"
#include "src/operators/str_match.h"
#include "src/operators/unconditional_match.h"
#include "src/operators/validate_byte_range.h"
#include "src/operators/validate_dtd.h"
#include "src/operators/validate_hash.h"
#include "src/operators/validate_schema.h"
#include "src/operators/validate_url_encoding.h"
#include "src/operators/validate_utf8_encoding.h"
#include "src/operators/verify_cc.h"
#include "src/operators/verify_cpf.h"
#include "src/operators/verify_ssn.h"
#include "src/operators/within.h"
using namespace modsecurity::actions::transformations;
using namespace modsecurity::operators;
using namespace modsecurity;
#include <stdio.h>
#include <stdlib.h>
#ifndef WIN32
#include <unistd.h>
#else
#include <io.h>
#endif
#include <signal.h>
#include <string.h>
inline void op_test(const std::string &opName, const std::string &s) {
Operator *op = Operator::instantiate(opName, "");
op->init("", nullptr);
op->evaluate(nullptr, nullptr, s, nullptr);
delete op;
}
int main(int argc, char** argv) {
uint8_t buf[128];
#if 0
std::string lastString;
#endif
while (__AFL_LOOP(1000)) {
ssize_t read_bytes;
// (re-) initialize the library and read new input
memset(buf, 0, 128);
read_bytes = read(STDIN_FILENO, buf, 128);
std::string currentString = std::string(read_bytes, 128);
std::string s = currentString;
#if 0
std::string z = lastString;
#endif
ModSecurity *ms = new ModSecurity();
RulesSet *rules = new RulesSet();
// Here it is possible to load a real transaction from a JSON.
// like we do on the regression tests.
Transaction *t = new Transaction(ms, rules, NULL);
/**
* Transformations, generated by:
*
* for i in $(grep "class " -Ri src/actions/transformations/* | grep " :" | grep -v "InstantCache" | awk {'print $2'}); do echo $i *$(echo $i | awk '{print tolower($0)}') = new $i\(\"$i\"\)\; $(echo $i | awk '{print tolower($0)}')-\>evaluate\(s, NULL\)\; delete $(echo $i | awk '{print tolower($0)}')\;; done;
*
*/
Base64Decode *base64decode = new Base64Decode("Base64Decode"); base64decode->evaluate(s, NULL); delete base64decode;
Base64DecodeExt *base64decodeext = new Base64DecodeExt("Base64DecodeExt"); base64decodeext->evaluate(s, NULL); delete base64decodeext;
Base64Encode *base64encode = new Base64Encode("Base64Encode"); base64encode->evaluate(s, NULL); delete base64encode;
CmdLine *cmdline = new CmdLine("CmdLine"); cmdline->evaluate(s, NULL); delete cmdline;
CompressWhitespace *compresswhitespace = new CompressWhitespace("CompressWhitespace"); compresswhitespace->evaluate(s, NULL); delete compresswhitespace;
CssDecode *cssdecode = new CssDecode("CssDecode"); cssdecode->evaluate(s, NULL); delete cssdecode;
EscapeSeqDecode *escapeseqdecode = new EscapeSeqDecode("EscapeSeqDecode"); escapeseqdecode->evaluate(s, NULL); delete escapeseqdecode;
HexDecode *hexdecode = new HexDecode("HexDecode"); hexdecode->evaluate(s, NULL); delete hexdecode;
HexEncode *hexencode = new HexEncode("HexEncode"); hexencode->evaluate(s, NULL); delete hexencode;
HtmlEntityDecode *htmlentitydecode = new HtmlEntityDecode("HtmlEntityDecode"); htmlentitydecode->evaluate(s, NULL); delete htmlentitydecode;
JsDecode *jsdecode = new JsDecode("JsDecode"); jsdecode->evaluate(s, NULL); delete jsdecode;
Length *length = new Length("Length"); length->evaluate(s, NULL); delete length;
LowerCase *lowercase = new LowerCase("LowerCase"); lowercase->evaluate(s, NULL); delete lowercase;
Md5 *md5 = new Md5("Md5"); md5->evaluate(s, NULL); delete md5;
None *none = new None("None"); none->evaluate(s, NULL); delete none;
NormalisePath *normalisepath = new NormalisePath("NormalisePath"); normalisepath->evaluate(s, NULL); delete normalisepath;
NormalisePathWin *normalisepathwin = new NormalisePathWin("NormalisePathWin"); normalisepathwin->evaluate(s, NULL); delete normalisepathwin;
ParityEven7bit *parityeven7bit = new ParityEven7bit("ParityEven7bit"); parityeven7bit->evaluate(s, NULL); delete parityeven7bit;
ParityOdd7bit *parityodd7bit = new ParityOdd7bit("ParityOdd7bit"); parityodd7bit->evaluate(s, NULL); delete parityodd7bit;
ParityZero7bit *parityzero7bit = new ParityZero7bit("ParityZero7bit"); parityzero7bit->evaluate(s, NULL); delete parityzero7bit;
RemoveComments *removecomments = new RemoveComments("RemoveComments"); removecomments->evaluate(s, NULL); delete removecomments;
RemoveCommentsChar *removecommentschar = new RemoveCommentsChar("RemoveCommentsChar"); removecommentschar->evaluate(s, NULL); delete removecommentschar;
RemoveNulls *removenulls = new RemoveNulls("RemoveNulls"); removenulls->evaluate(s, NULL); delete removenulls;
RemoveWhitespace *removewhitespace = new RemoveWhitespace("RemoveWhitespace"); removewhitespace->evaluate(s, NULL); delete removewhitespace;
ReplaceComments *replacecomments = new ReplaceComments("ReplaceComments"); replacecomments->evaluate(s, NULL); delete replacecomments;
ReplaceNulls *replacenulls = new ReplaceNulls("ReplaceNulls"); replacenulls->evaluate(s, NULL); delete replacenulls;
Sha1 *sha1 = new Sha1("Sha1"); sha1->evaluate(s, NULL); delete sha1;
SqlHexDecode *sqlhexdecode = new SqlHexDecode("SqlHexDecode"); sqlhexdecode->evaluate(s, NULL); delete sqlhexdecode;
Transformation *transformation = new Transformation("Transformation"); transformation->evaluate(s, NULL); delete transformation;
Trim *trim = new Trim("Trim"); trim->evaluate(s, NULL); delete trim;
TrimLeft *trimleft = new TrimLeft("TrimLeft"); trimleft->evaluate(s, NULL); delete trimleft;
TrimRight *trimright = new TrimRight("TrimRight"); trimright->evaluate(s, NULL); delete trimright;
UpperCase *uppercase = new UpperCase("UpperCase"); uppercase->evaluate(s, NULL); delete uppercase;
UrlDecode *urldecode = new UrlDecode("UrlDecode"); urldecode->evaluate(s, NULL); delete urldecode;
UrlDecodeUni *urldecodeuni = new UrlDecodeUni("UrlDecodeUni"); urldecodeuni->evaluate(s, NULL); delete urldecodeuni;
UrlEncode *urlencode = new UrlEncode("UrlEncode"); urlencode->evaluate(s, NULL); delete urlencode;
Utf8ToUnicode *utf8tounicode = new Utf8ToUnicode("Utf8ToUnicode"); utf8tounicode->evaluate(s, NULL); delete utf8tounicode;
/**
* Operators, generated by:
*
* for i in $(grep "class " -Ri src/operators/* | grep " :" | awk {'print $2'}); do echo $i *$(echo $i | awk '{print tolower($0)}') = new $i\(\"$i\", z, false\)\; $(echo $i | awk '{print tolower($0)}')-\>evaluate\(t, s\)\; delete $(echo $i | awk '{print tolower($0)}')\;; done;
*
*/
op_test("BeginsWith", s);
op_test("Contains", s);
op_test("ContainsWord", s);
op_test("DetectSQLi", s);
op_test("DetectXSS", s);
op_test("EndsWith", s);
op_test("Eq", s);
//op_test("FuzzyHash", s);
op_test("Ge", s);
//op_test("GeoLookup", s);
//op_test("GsbLookup", s);
op_test("Gt", s);
//op_test("InspectFile", s);
//op_test("IpMatchF", s);
//op_test("IpMatchFromFile", s);
op_test("IpMatch", s);
op_test("Le", s);
op_test("Lt", s);
op_test("NoMatch", s);
//op_test("PmF", s);
//op_test("PmFromFile", s);
op_test("Pm", s);
op_test("Rbl", s);
op_test("Rsub", s);
op_test("Rx", s);
op_test("StrEq", s);
op_test("StrMatch", s);
op_test("UnconditionalMatch", s);
//op_test("ValidateByteRange", s);
//op_test("ValidateDTD", s);
//op_test("ValidateHash", s);
//op_test("ValidateSchema", s);
//op_test("ValidateUrlEncoding", s);
op_test("ValidateUtf8Encoding", s);
op_test("VerifyCC", s);
op_test("VerifyCPF", s);
op_test("VerifySSN", s);
op_test("VerifySVNR", s);
op_test("Within", s);
/**
* ModSec API
*
*/
#if 0
t->processConnection(s.c_str(), 123, s.c_str(), 123);
t->processURI(s.c_str(), z.c_str(), z.c_str());
t->addRequestHeader(s, z);
t->addRequestHeader(s, s);
t->addRequestHeader(z, z);
t->addRequestHeader(z, s);
t->processRequestHeaders();
t->appendRequestBody((const unsigned char *)s.c_str(), s.length());
t->processRequestBody();
t->addResponseHeader(s, z);
t->addResponseHeader(s, s);
t->addResponseHeader(z, z);
t->addResponseHeader(z, s);
t->processResponseHeaders();
t->appendResponseBody((const unsigned char *)s.c_str(), s.length());
t->processResponseBody();
#endif
delete t;
delete rules;
delete ms;
#if 0
lastString = currentString;
#endif
}
return 0;
}

134
src/deps/src/modsecurity/test/optimization/optimization.cc vendored Normal file
View file

@ -0,0 +1,134 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2023 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <string.h>
#include <ctime>
#include <iostream>
#include <string>
#include <list>
#include "modsecurity/rules_set_properties.h"
#include "modsecurity/rules_set.h"
#include "modsecurity/modsecurity.h"
#include "src/utils/system.h"
#include "src/parser/driver.h"
#include "src/utils/https_client.h"
#include "modsecurity/transaction.h"
#include "modsecurity/rule_unconditional.h"
#include "modsecurity/rule_with_operator.h"
void print_help() {
std::cout << "Use ./optimization /path/to/files.something" << std::endl;
std::cout << std::endl;
std::cout << std::endl;
}
int main(int argc, char **argv) {
modsecurity::RulesSet *modsecRules = new modsecurity::RulesSet();
std::list<std::string> files;
int total = 0;
int p = 1;
while (p < argc) {
std::list<std::string> tfiles = modsecurity::utils::expandEnv(
argv[p], 0);
for (const auto &file : tfiles) {
files.insert(files.begin(), file);
}
p++;
}
for (auto &x : files) {
std::cout << "Loading file: " << x << std::endl;
if (modsecRules->loadFromUri(x.c_str()) < 0) {
std::cout << "Not able to load the rules" << std::endl;
std::cout << modsecRules->getParserError() << std::endl;
delete modsecRules;
return -1;
}
}
std::cout << std::endl;
std::cout << std::endl;
std::cout << "Rules optimization" << std::endl;
std::cout << std::endl;
int nphases = modsecurity::Phases::NUMBER_OF_PHASES;
for (int j = 0; j < nphases; j++) {
Rules *rules = modsecRules->m_rulesSetPhases[j];
if (rules->size() == 0) {
continue;
}
std::cout << "Phase: " << std::to_string(j);
std::cout << " (" << std::to_string(rules->size());
std::cout << " rules)" << std::endl;
std::unordered_map<std::string, int> operators;
for (int i = 0; i < rules->size(); i++) {
auto z = rules->at(i);
if (z == NULL) {
continue;
}
if (dynamic_cast<modsecurity::RuleUnconditional *>(z.get())) {
std::string op = "Unconditional";
if (operators.count(op) > 0) {
operators[op] = 1 + operators[op];
} else {
operators[op] = 1;
}
}
if (auto rwo = dynamic_cast<modsecurity::RuleWithOperator *>(z.get())) {
std::string op = rwo->getOperatorName();
if (operators.count(op) > 0) {
operators[op] = 1 + operators[op];
} else {
operators[op] = 1;
}
}
}
if (operators.empty()) {
std::cout << " ~ no SecRule found ~ " << std::endl;
continue;
}
std::cout << " Operators" << std::endl;
for (const auto &z : operators) {
const auto &s = z.second;
std::cout << " " << std::left << std::setw(20) << z.first;
std::cout << std::right << std::setw(4) << s;
std::cout << std::endl;
}
total += rules->size();
}
std::cout << std::endl;
std::cout << "Total of: " << std::to_string(total) << " rules.";
std::cout << std::endl;
std::cout << std::endl;
std::cout << std::endl;
delete modsecRules;
return 0;
}

4
src/deps/src/modsecurity/test/regression-tests-valgrind.sh vendored Normal file
View file

@ -0,0 +1,4 @@
#!/usr/bin/env bash
valgrind --tool=massif ./regression_tests $*
valgrind --leak-check=full --suppressions=./valgrind_suppressions.txt ./regression_tests $*

55
src/deps/src/modsecurity/test/regression/custom_debug_log.cc vendored Normal file
View file

@ -0,0 +1,55 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "test/regression/custom_debug_log.h"
#include <iostream>
#include <string>
#include "modsecurity/debug_log.h"
#include "src/utils/regex.h"
namespace modsecurity_test {
CustomDebugLog::~CustomDebugLog() { }
void CustomDebugLog::write(int level, const std::string& message) {
m_log << "[" << level << "] " << message << std::endl;
}
void CustomDebugLog::write(int level, const std::string &id,
const std::string &uri, const std::string &msg) {
std::string msgf = "[" + std::to_string(level) + "] " + msg;
msgf = "[" + id + "] [" + uri + "] " + msgf;
m_log << msgf << std::endl;
}
bool const CustomDebugLog::contains(const std::string& pattern) const {
modsecurity::Utils::Regex re(pattern);
std::string s = m_log.str();
return modsecurity::Utils::regex_search(s, re);
}
std::string const CustomDebugLog::log_messages() const {
return m_log.str();
}
int CustomDebugLog::getDebugLogLevel() {
return 9;
}
} // namespace modsecurity_test

45
src/deps/src/modsecurity/test/regression/custom_debug_log.h vendored Normal file
View file

@ -0,0 +1,45 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <sstream>
#include <string>
#include "modsecurity/debug_log.h"
#ifndef TEST_REGRESSION_CUSTOM_DEBUG_LOG_H_
#define TEST_REGRESSION_CUSTOM_DEBUG_LOG_H_
namespace modsecurity_test {
class CustomDebugLog : public modsecurity::debug_log::DebugLog {
public:
CustomDebugLog *new_instance();
~CustomDebugLog();
void write(int level, const std::string& message) override;
void write(int level, const std::string &id,
const std::string &uri, const std::string &msg) override;
bool const contains(const std::string& pattern) const;
std::string const log_messages() const;
std::string error_log_messages();
int getDebugLogLevel() override;
private:
std::stringstream m_log;
};
} // namespace modsecurity_test
#endif // TEST_REGRESSION_CUSTOM_DEBUG_LOG_H_

622
src/deps/src/modsecurity/test/regression/regression.cc vendored Normal file
View file

@ -0,0 +1,622 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2023 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <string.h>
#ifndef WIN32
#include <unistd.h>
#else
#include <io.h>
#endif
#include <ctime>
#include <iostream>
#include <string>
#include <list>
#include <algorithm>
#include "modsecurity/rules_set.h"
#include "modsecurity/modsecurity.h"
#include "test/common/modsecurity_test.h"
#include "test/common/colors.h"
#include "test/regression/regression_test.h"
#include "test/common/modsecurity_test_results.h"
#include "test/regression/custom_debug_log.h"
#include "src/utils/regex.h"
using modsecurity_test::CustomDebugLog;
using modsecurity_test::ModSecurityTest;
using modsecurity_test::ModSecurityTestResults;
using modsecurity_test::RegressionTest;
using modsecurity_test::RegressionTestResult;
using modsecurity::Utils::regex_search;
using modsecurity::Utils::SMatch;
using modsecurity::Utils::Regex;
std::string default_test_path = "test-cases/regression";
std::list<std::string> resources;
void print_help() {
std::cout << "Use ./regression-tests /path/to/file" << std::endl;
std::cout << std::endl;
std::cout << std::endl;
}
bool contains(const std::string &s, const std::string &pattern) {
bool ret;
modsecurity::Utils::Regex re(pattern);
ret = modsecurity::Utils::regex_search(s, re);
return ret;
}
void clearAuditLog(const std::string &filename) {
if (!filename.empty()) {
std::ofstream file{filename.c_str(), std::ofstream::out | std::ofstream::trunc};
if (!file.is_open() || file.fail()) {
std::cout << std::endl << "Failed to clear previous contents of audit log: " \
<< filename << std::endl;
}
}
}
std::string getAuditLogContent(const std::string &filename) {
std::stringstream buffer;
if (!filename.empty()) {
try {
std::ifstream t(filename);
buffer << t.rdbuf();
} catch (...) {
std::cout << "Failed to read file:" << filename << std::endl;
}
}
return buffer.str();
}
void actions(ModSecurityTestResults<RegressionTest> *r,
modsecurity::Transaction *a, std::stringstream *serverLog) {
modsecurity::ModSecurityIntervention it;
memset(&it, '\0', sizeof(modsecurity::ModSecurityIntervention));
it.status = 200;
if (a->intervention(&it) == true) {
if (it.pause != 0) {
// FIXME:
}
if (it.status != 0) {
r->status = it.status;
}
if (it.url != NULL) {
r->location.append(it.url);
free(it.url);
it.url = NULL;
}
if (it.log != NULL) {
*serverLog << it.log;
free(it.log);
it.log = NULL;
}
}
}
void logCb(void *data, const void *msgv) {
const char *msg = reinterpret_cast<const char*>(msgv);
std::stringstream *ss = (std::stringstream *) data;
*ss << msg << std::endl;
}
void perform_unit_test(ModSecurityTest<RegressionTest> *test,
std::vector<RegressionTest *> *tests,
ModSecurityTestResults<RegressionTestResult> *res, int *count) {
for (RegressionTest *t : *tests) {
CustomDebugLog *debug_log = new CustomDebugLog();
modsecurity::ModSecurity *modsec = NULL;
modsecurity::RulesSet *modsec_rules = NULL;
modsecurity::Transaction *modsec_transaction = NULL;
ModSecurityTestResults<RegressionTest> r;
std::stringstream serverLog;
RegressionTestResult *testRes = new RegressionTestResult();
testRes->test = t;
r.status = 200;
(*count)++;
size_t offset = t->filename.find_last_of("/\\");
std::string filename("");
if (offset != std::string::npos) {
filename = std::string(t->filename, offset + 1,
t->filename.length() - offset - 1);
} else {
filename = t->filename;
}
if (!test->m_automake_output) {
std::cout << std::setw(3) << std::right <<
std::to_string(*count) << " ";
std::cout << std::setw(50) << std::left << filename;
std::cout << std::setw(70) << std::left << t->name;
}
if (t->enabled == 0) {
if (test->m_automake_output) {
std::cout << ":test-result: SKIP" << filename \
<< ":" << t->name << std::endl;
} else {
std::cout << KCYN << "disabled" << RESET << std::endl;
}
res->push_back(testRes);
testRes->disabled = true;
testRes->reason << "JSON disabled";
continue;
}
#ifdef WITH_LMDB
// some tests (e.g. issue-1831.json) don't like it when data persists between runs
unlink("./modsec-shared-collections");
unlink("./modsec-shared-collections-lock");
#endif
modsec = new modsecurity::ModSecurity();
modsec->setConnectorInformation("ModSecurity-regression v0.0.1-alpha" \
" (ModSecurity regression test utility)");
modsec->setServerLogCb(logCb);
modsec_rules = new modsecurity::RulesSet(debug_log);
bool found = true;
if (t->resource.empty() == false) {
found = (std::find(resources.begin(), resources.end(), t->resource)
!= resources.end());
}
if (!found) {
testRes->passed = false;
testRes->skipped = true;
testRes->reason << KCYN << "ModSecurity was not " << std::endl;
testRes->reason << KCYN << "compiled with support " << std::endl;
testRes->reason << KCYN << "to: " << t->resource << std::endl;
testRes->reason << RESET << std::endl;
if (test->m_automake_output) {
std::cout << ":test-result: SKIP " << filename \
<< ":" << t->name << std::endl;
} else {
std::cout << KCYN << "skipped!" << RESET << std::endl;
}
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
}
modsec_rules->load("SecDebugLogLevel 9");
if (modsec_rules->load(t->rules.c_str(), filename) < 0) {
/* Parser error */
if (t->parser_error.empty() == true) {
/*
* Not expecting any error, thus return the error to
* the user.
*/
if (test->m_automake_output) {
std::cout << ":test-result: FAIL " << filename \
<< ":" << t->name << ":" << *count << std::endl;
} else {
std::cout << KRED << "failed!" << RESET << std::endl;
}
testRes->reason << KRED << "parse failed." << RESET \
<< std::endl;
testRes->reason << modsec_rules->getParserError() \
<< std::endl;
testRes->passed = false;
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
}
Regex re(t->parser_error);
SMatch match;
std::string s = modsec_rules->getParserError();
if (regex_search(s, &match, re)) {
if (test->m_automake_output) {
std::cout << ":test-result: PASS " << filename \
<< ":" << t->name << std::endl;
} else {
std::cout << KGRN << "passed!" << RESET << std::endl;
}
/* Parser error was expected, thus, the test passed. */
testRes->reason << KGRN << "passed!" << RESET << std::endl;
testRes->passed = true;
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
} else {
/* Parser error was expected, but with a different content */
if (test->m_automake_output) {
std::cout << ":test-result: FAIL " << filename \
<< ":" << t->name << ":" << *count << std::endl;
} else {
std::cout << KRED << "failed!" << RESET << std::endl;
}
testRes->reason << KRED << "failed!" << RESET << std::endl;
testRes->reason << KWHT << "Expected a parser error." \
<< RESET << std::endl;
testRes->reason << KWHT << "Expected: " << RESET \
<< t->parser_error << std::endl;
testRes->reason << KWHT << "Produced: " << RESET \
<< s << std::endl;
testRes->passed = false;
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
}
} else {
/* Parser error was expected but never happened */
if (t->parser_error.empty() == false) {
if (test->m_automake_output) {
std::cout << ":test-result: FAIL " << filename \
<< ":" << t->name << ":" << *count << std::endl;
} else {
std::cout << KRED << "failed!" << RESET << std::endl;
std::cout << KWHT << "Expected a parser error." \
<< RESET << std::endl;
std::cout << KWHT << "Expected: " << RESET \
<< t->parser_error << std::endl;
}
testRes->passed = false;
res->push_back(testRes);
delete modsec_transaction;
delete modsec_rules;
delete modsec;
continue;
}
}
modsec_transaction = new modsecurity::Transaction(modsec, modsec_rules,
&serverLog);
clearAuditLog(modsec_transaction->m_rules->m_auditLog->m_path1);
modsec_transaction->processConnection(t->clientIp.c_str(),
t->clientPort, t->serverIp.c_str(), t->serverPort);
if (t->hostname != "") {
modsec_transaction->setRequestHostName(t->hostname);
}
actions(&r, modsec_transaction, &serverLog);
#if 0
if (r.status != 200) {
goto end;
}
#endif
modsec_transaction->processURI(t->uri.c_str(), t->method.c_str(),
t->httpVersion.c_str());
actions(&r, modsec_transaction, &serverLog);
#if 0
if (r.status != 200) {
goto end;
}
#endif
for (std::pair<std::string, std::string> headers :
t->request_headers) {
modsec_transaction->addRequestHeader(headers.first.c_str(),
headers.second.c_str());
}
modsec_transaction->processRequestHeaders();
actions(&r, modsec_transaction, &serverLog);
#if 0
if (r.status != 200) {
goto end;
}
#endif
modsec_transaction->appendRequestBody(
(unsigned char *)t->request_body.c_str(),
t->request_body.size());
modsec_transaction->processRequestBody();
actions(&r, modsec_transaction, &serverLog);
#if 0
if (r.status != 200) {
goto end;
}
#endif
for (std::pair<std::string, std::string> headers :
t->response_headers) {
modsec_transaction->addResponseHeader(headers.first.c_str(),
headers.second.c_str());
}
modsec_transaction->processResponseHeaders(r.status,
t->response_protocol);
actions(&r, modsec_transaction, &serverLog);
#if 0
if (r.status != 200) {
goto end;
}
#endif
modsec_transaction->appendResponseBody(
(unsigned char *)t->response_body.c_str(),
t->response_body.size());
modsec_transaction->processResponseBody();
actions(&r, modsec_transaction, &serverLog);
#if 0
if (r.status != 200) {
goto end;
}
#endif
#if 0
end:
#endif
modsec_transaction->processLogging();
CustomDebugLog *d = reinterpret_cast<CustomDebugLog *>
(modsec_rules->m_debugLog);
if (d != NULL) {
if (!d->contains(t->debug_log)) {
if (test->m_automake_output) {
std::cout << ":test-result: FAIL " << filename \
<< ":" << t->name << ":" << *count << std::endl;
} else {
std::cout << KRED << "failed!" << RESET << std::endl;
}
testRes->reason << "Debug log was not matching the " \
<< "expected results." << std::endl;
testRes->reason << KWHT << "Expecting: " << RESET \
<< t->debug_log + "";
testRes->passed = false;
} else if (r.status != t->http_code) {
if (test->m_automake_output) {
std::cout << ":test-result: FAIL " << filename \
<< ":" << t->name << ":" << *count << std::endl;
} else {
std::cout << KRED << "failed!" << RESET << std::endl;
}
testRes->reason << "HTTP code mismatch. expecting: " + \
std::to_string(t->http_code) + \
" got: " + std::to_string(r.status) + "\n";
testRes->passed = false;
} else if (!contains(serverLog.str(), t->error_log)) {
if (test->m_automake_output) {
std::cout << ":test-result: FAIL " << filename \
<< ":" << t->name << std::endl;
} else {
std::cout << KRED << "failed!" << RESET << std::endl;
}
testRes->reason << "Error log was not matching the " \
<< "expected results." << std::endl;
testRes->reason << KWHT << "Expecting: " << RESET \
<< t->error_log + "";
testRes->passed = false;
} else if (!t->audit_log.empty()
&& !contains(getAuditLogContent(modsec_transaction->m_rules->m_auditLog->m_path1), t->audit_log)) {
if (test->m_automake_output) {
std::cout << ":test-result: FAIL " << filename \
<< ":" << t->name << ":" << *count << std::endl;
} else {
std::cout << KRED << "failed!" << RESET << std::endl;
}
testRes->reason << "Audit log was not matching the " \
<< "expected results." << std::endl;
testRes->reason << KWHT << "Expecting: " << RESET \
<< t->audit_log + "";
testRes->passed = false;
} else {
if (test->m_automake_output) {
std::cout << ":test-result: PASS " << filename \
<< ":" << t->name << std::endl;
} else {
std::cout << KGRN << "passed!" << RESET << std::endl;
}
testRes->passed = true;
goto after_debug_log;
}
if (testRes->passed == false) {
testRes->reason << std::endl;
testRes->reason << KWHT << "Debug log:" << RESET << std::endl;
testRes->reason << d->log_messages() << std::endl;
testRes->reason << KWHT << "Error log:" << RESET << std::endl;
testRes->reason << serverLog.str() << std::endl;
testRes->reason << KWHT << "Audit log:" << RESET << std::endl;
testRes->reason << getAuditLogContent(modsec_transaction->m_rules->m_auditLog->m_path1) << std::endl;
}
}
after_debug_log:
if (d != NULL) {
r.log_raw_debug_log = d->log_messages();
}
delete modsec_transaction;
delete modsec_rules;
delete modsec;
/* delete debug_log; */
res->push_back(testRes);
}
}
int main(int argc, char **argv) {
ModSecurityTest<RegressionTest> test;
std::string ver(MODSECURITY_VERSION);
std::string envvar("ModSecurity " + ver + " regression tests");
#ifndef WIN32
setenv("MODSECURITY", envvar.c_str(), 1);
#else
_putenv_s("MODSECURITY", envvar.c_str());
#endif
#ifndef NO_LOGS
int test_number = 0;
#endif
#if defined(WITH_GEOIP) or defined(WITH_MAXMIND)
resources.push_back("geoip-or-maxmind");
#endif
#if defined(WITH_MAXMIND)
resources.push_back("maxmind");
#endif
#if defined(WITH_GEOIP)
resources.push_back("geoip");
#endif
#ifdef WITH_CURL
resources.push_back("curl");
#endif
#ifdef WITH_SSDEEP
resources.push_back("ssdeep");
#endif
#ifdef WITH_LUA
resources.push_back("lua");
#endif
#ifdef WITH_LIBXML2
resources.push_back("libxml2");
#endif
#ifdef NO_LOGS
std::cout << "Test utility cannot work without logging support." \
<< std::endl;
return 0;
#else
test.cmd_options(argc, argv);
if (!test.m_automake_output && !test.m_count_all) {
std::cout << test.header();
}
test.load_tests();
if (!test.m_automake_output && !test.m_count_all) {
std::cout << std::setw(4) << std::right << "# ";
std::cout << std::setw(50) << std::left << "File Name";
std::cout << std::setw(70) << std::left << "Test Name";
std::cout << std::setw(10) << std::left << "Passed?";
std::cout << std::endl;
std::cout << std::setw(4) << std::right << "--- ";
std::cout << std::setw(50) << std::left << "---------";
std::cout << std::setw(70) << std::left << "---------";
std::cout << std::setw(10) << std::left << "-------";
std::cout << std::endl;
}
int counter = 0;
std::list<std::string> keyList;
for (std::pair<std::string, std::vector<RegressionTest *> *> a : test) {
keyList.push_back(a.first);
}
keyList.sort();
if (test.m_count_all) {
std::cout << std::to_string(keyList.size()) << std::endl;
exit(0);
}
ModSecurityTestResults<RegressionTestResult> res;
for (const std::string &a : keyList) {
test_number++;
if ((test.m_test_number == 0)
|| (test_number == test.m_test_number)) {
std::vector<RegressionTest *> *tests = test[a];
perform_unit_test(&test, tests, &res, &counter);
}
}
std::cout << std::endl;
int passed = 0;
int failed = 0;
int disabled = 0;
int skipped = 0;
for (RegressionTestResult *r : res) {
if (r->skipped == true) {
skipped++;
}
if (r->disabled == true) {
disabled++;
}
if (r->passed == true) {
passed++;
}
if (!r->passed && !r->skipped && !r->disabled) {
if (!test.m_automake_output) {
std::cout << KRED << "Test failed." << RESET << KWHT \
<< " From: " \
<< RESET << r->test->filename << "." << std::endl;
std::cout << KWHT << "Test name: " << RESET \
<< r->test->name \
<< "." << std::endl;
std::cout << KWHT << "Reason: " << RESET << std::endl;
std::cout << r->reason.str() << std::endl;
}
failed++;
}
delete r;
}
if (!test.m_automake_output) {
std::cout << "Ran a total of: " << std::to_string(failed + passed) \
<< " regression tests - ";
if (failed == 0) {
std::cout << KGRN << "All tests passed. " << RESET;
} else {
std::cout << KRED << failed << " failed. " << RESET;
}
std::cout << KCYN << std::to_string(skipped) << " ";
std::cout << "skipped test(s). " << std::to_string(disabled) << " ";
std::cout << "disabled test(s)." << RESET << std::endl;
}
for (std::pair<std::string, std::vector<RegressionTest *> *> a : test) {
std::vector<RegressionTest *> *vec = a.second;
for (int i = 0; i < vec->size(); i++) {
delete vec->at(i);
}
delete vec;
}
return failed;
#endif
}

221
src/deps/src/modsecurity/test/regression/regression_test.cc vendored Normal file
View file

@ -0,0 +1,221 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include "test/regression/regression_test.h"
#include <string.h>
#include <sstream>
#include <unordered_map>
#include <string>
namespace modsecurity_test {
std::string RegressionTest::print() {
std::stringstream i;
#if 0
i << KRED << "Test failed." << RESET << " From: " \
i << this->filename << std::endl;
i << "{" << std::endl;
i << " \"ret\": \"" << this->ret << "\"" << std::endl;
i << " \"type\": \"" << this->type << "\"" << std::endl;
i << " \"name\": \"" << this->name << "\"" << std::endl;
i << " \"input\": \"" << this->input << "\"" << std::endl;
i << " \"param\": \"" << this->param << "\"" << std::endl;
i << "}" << std::endl;
i << "Expecting: " << this->ret << " - operator returned: " << \
this->obtained << std::endl;
#endif
return i.str();
}
inline std::string RegressionTest::yajl_array_to_str(const yajl_val &node) {
std::stringstream i;
for (int z = 0; z < node->u.array.len; z++) {
yajl_val val3 = node->u.array.values[z];
const char *key = YAJL_GET_STRING(val3);
i << key << "\n";
}
return i.str();
}
inline std::vector<std::string> RegressionTest::yajl_array_to_vec_str(
const yajl_val &node) {
std::vector<std::string> vec;
for (int z = 0; z < node->u.array.len; z++) {
yajl_val val3 = node->u.array.values[z];
const char *key = YAJL_GET_STRING(val3);
vec.push_back(key);
}
return vec;
}
inline std::vector<std::pair<std::string, std::string>>
RegressionTest::yajl_array_to_map(const yajl_val &node) {
std::vector<std::pair<std::string, std::string>> vec;
for (int z = 0; z < node->u.object.len; z++) {
const char *key = node->u.object.keys[z];
yajl_val val3 = node->u.object.values[z];
const char *value = YAJL_GET_STRING(val3);
std::pair<std::string, std::string> a(key, value);
vec.push_back(a);
}
return vec;
}
RegressionTest *RegressionTest::from_yajl_node(const yajl_val &node) {
size_t nelem = node->u.object.len;
RegressionTest *u = new RegressionTest();
u->http_code = 200;
for (int i = 0; i < nelem; i++) {
const char *key = node->u.object.keys[ i ];
yajl_val val = node->u.object.values[ i ];
if (strcmp(key, "enabled") == 0) {
u->enabled = YAJL_GET_INTEGER(val);
}
if (strcmp(key, "version_min") == 0) {
u->version_min = YAJL_GET_INTEGER(val);
}
if (strcmp(key, "version_max") == 0) {
u->version_max = YAJL_GET_INTEGER(val);
}
if (strcmp(key, "title") == 0) {
u->title = YAJL_GET_STRING(val);
}
if (strcmp(key, "url") == 0) {
u->url = YAJL_GET_STRING(val);
}
if (strcmp(key, "resource") == 0) {
u->resource = YAJL_GET_STRING(val);
}
if (strcmp(key, "github_issue") == 0) {
u->github_issue = YAJL_GET_INTEGER(val);
}
if (strcmp(key, "client") == 0) {
for (int j = 0; j < val->u.object.len; j++) {
const char *key2 = val->u.object.keys[j];
yajl_val val2 = val->u.object.values[j];
if (strcmp(key2, "ip") == 0) {
u->clientIp = YAJL_GET_STRING(val2);
}
if (strcmp(key2, "port") == 0) {
u->clientPort = YAJL_GET_INTEGER(val2);
}
}
}
if (strcmp(key, "server") == 0) {
for (int j = 0; j < val->u.object.len; j++) {
const char *key2 = val->u.object.keys[j];
yajl_val val2 = val->u.object.values[j];
if (strcmp(key2, "ip") == 0) {
u->serverIp = YAJL_GET_STRING(val2);
}
if (strcmp(key2, "port") == 0) {
u->serverPort = YAJL_GET_INTEGER(val2);
}
if (strcmp(key2, "hostname") == 0) {
u->hostname = YAJL_GET_STRING(val2);
}
}
}
if (strcmp(key, "request") == 0) {
for (int j = 0; j < val->u.object.len; j++) {
const char *key2 = val->u.object.keys[j];
yajl_val val2 = val->u.object.values[j];
if (strcmp(key2, "uri") == 0) {
u->uri = YAJL_GET_STRING(val2);
}
if (strcmp(key2, "method") == 0) {
u->method = YAJL_GET_STRING(val2);
}
if (strcmp(key2, "http_version") == 0) {
u->httpVersion = YAJL_GET_NUMBER(val2);
}
if (strcmp(key2, "headers") == 0) {
u->request_headers = yajl_array_to_map(val2);
}
if (strcmp(key2, "body") == 0) {
u->request_body = yajl_array_to_str(val2);
}
}
}
if (strcmp(key, "response") == 0) {
for (int j = 0; j < val->u.object.len; j++) {
const char *key2 = val->u.object.keys[j];
yajl_val val2 = val->u.object.values[j];
if (strcmp(key2, "headers") == 0) {
u->response_headers = yajl_array_to_map(val2);
}
if (strcmp(key2, "body") == 0) {
u->response_body = yajl_array_to_str(val2);
}
if (strcmp(key2, "protocol") == 0) {
u->response_protocol = YAJL_GET_STRING(val2);
}
}
}
if (strcmp(key, "expected") == 0) {
for (int j = 0; j < val->u.object.len; j++) {
const char *key2 = val->u.object.keys[j];
yajl_val val2 = val->u.object.values[j];
if (strcmp(key2, "audit_log") == 0) {
u->audit_log = YAJL_GET_STRING(val2);
}
if (strcmp(key2, "debug_log") == 0) {
u->debug_log = YAJL_GET_STRING(val2);
}
if (strcmp(key2, "error_log") == 0) {
u->error_log = YAJL_GET_STRING(val2);
}
if (strcmp(key2, "http_code") == 0) {
u->http_code = YAJL_GET_INTEGER(val2);
}
if (strcmp(key2, "redirect_url") == 0) {
u->redirect_url = YAJL_GET_STRING(val2);
}
if (strcmp(key2, "parser_error") == 0) {
u->parser_error = YAJL_GET_STRING(val2);
}
}
}
if (strcmp(key, "rules") == 0) {
std::stringstream si;
for (int j = 0; j < val->u.array.len; j++) {
yajl_val val2 = val->u.array.values[ j ];
const char *keyj = YAJL_GET_STRING(val2);
si << keyj << "\n";
}
u->rules = si.str();
}
}
u->name = u->title;
return u;
}
} // namespace modsecurity_test

100
src/deps/src/modsecurity/test/regression/regression_test.h vendored Normal file
View file

@ -0,0 +1,100 @@
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address security@modsecurity.org.
*
*/
#include <yajl/yajl_tree.h>
#include <iostream>
#include <sstream>
#include <unordered_map>
#include <map>
#include <vector>
#include <string>
#include <utility>
#ifndef TEST_REGRESSION_REGRESSION_TEST_H_
#define TEST_REGRESSION_REGRESSION_TEST_H_
namespace modsecurity_test {
class RegressionTest {
public:
static RegressionTest *from_yajl_node(const yajl_val &);
static std::string print();
std::string filename;
std::string name;
std::string title;
std::string rules;
std::string url;
int enabled;
int version_min;
int version_max;
int github_issue;
std::vector<std::pair<std::string, std::string>> request_headers;
std::vector<std::pair<std::string, std::string>> response_headers;
std::string request_body;
std::string response_body;
std::string response_protocol;
std::string audit_log;
std::string debug_log;
std::string error_log;
std::string parser_error;
std::string clientIp;
std::string serverIp;
int clientPort;
int serverPort;
std::string hostname;
std::string method;
std::string httpVersion;
std::string uri;
std::string resource;
static inline std::string yajl_array_to_str(const yajl_val &node);
static inline std::vector<std::string> yajl_array_to_vec_str(
const yajl_val &node);
static inline std::vector<std::pair<std::string, std::string>>
yajl_array_to_map(const yajl_val &node);
int http_code;
std::string redirect_url;
};
class RegressionTestResult {
public:
RegressionTestResult() :
passed(false),
skipped(false),
disabled(false),
test(NULL) { }
bool passed;
bool skipped;
bool disabled;
RegressionTest *test;
std::stringstream reason;
};
} // namespace modsecurity_test
#endif // TEST_REGRESSION_REGRESSION_TEST_H_

44
src/deps/src/modsecurity/test/test-cases/data/GeoIP2-City-Test-source.json vendored Normal file
View file

@ -0,0 +1,44 @@
[
{
"::200.249.12.31/120" : {
"continent" : {
"code" : "SA",
"geoname_id" : 123,
"names" : {
"en" : "South America",
"pt-BR" : "America do Sul"
}
},
"country" : {
"geoname_id" : 123,
"iso_code" : "BR",
"names" : {
"en" : "Brazil",
"pt-BR" : "Brasil"
}
},
"location" : {
"accuracy_radius" : 100,
"latitude" : "-8.051502",
"longitude" : "-34.874919"
},
"registered_country" : {
"geoname_id" : 123,
"iso_code" : "BR",
"names" : {
"en" : "Brazil",
"pt-BR" : "Brasil"
}
},
"postal": {
"code": "50040090"
},
"city": {
"names": {
"en": "Recife"
}
}
}
}
]

BIN
src/deps/src/modsecurity/test/test-cases/data/GeoIP2-City-Test.mmdb vendored Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 3.1 KiB

8
src/deps/src/modsecurity/test/test-cases/data/SoapEnvelope-bad.dtd vendored Normal file
View file

@ -0,0 +1,8 @@
<!-- A stupid Soap DTD example -->
<!ELEMENT Envelope (Header?,Body)>
<!ELEMENT Header (#PCDATA)>
<!ELEMENT Body (getInput)>
<!ELEMENT getInput (id)>
<!ELEMENT id (#PCDATA)>
<!ATLIST id type CDATA #REQUIRED>

126
src/deps/src/modsecurity/test/test-cases/data/SoapEnvelope-bad.xsd vendored Normal file
View file

@ -0,0 +1,126 @@
<?xml version='1.0' encoding='UTF-8' ?>
<!-- Schema for the SOAP/1.1 envelope
Portions © 2001 DevelopMentor.
© 2001 W3C (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved.
This document is governed by the W3C Software License [1] as described in the FAQ [2].
[1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
[2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
By obtaining, using and/or copying this work, you (the licensee) agree that you have read, understood, and will comply with the following terms and conditions:
Permission to use, copy, modify, and distribute this software and its documentation, with or without modification, for any purpose and without fee or royalty is hereby granted, provided that you include the following on ALL copies of the software and documentation or portions thereof, including modifications, that you make:
1. The full text of this NOTICE in a location viewable to users of the redistributed or derivative work.
2. Any pre-existing intellectual property disclaimers, notices, or terms and conditions. If none exist, a short notice of the following form (hypertext is preferred, text is permitted) should be used within the body of any redistributed or derivative code: "Copyright © 2001 World Wide Web Consortium, (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved. http://www.w3.org/Consortium/Legal/"
3. Notice of any changes or modifications to the W3C files, including the date changes were made. (We recommend you provide URIs to the location from which the code is derived.)
Original W3C files; http://www.w3.org/2001/06/soap-envelope
Changes made:
- reverted namespace to http://schemas.xmlsoap.org/soap/envelope/
- reverted mustUnderstand to only allow 0 and 1 as lexical values
- made encodingStyle a global attribute 20020825
- removed default value from mustUnderstand attribute declaration
THIS SOFTWARE AND DOCUMENTATION IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS.
COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE SOFTWARE OR DOCUMENTATION.
The name and trademarks of copyright holders may NOT be used in advertising or publicity pertaining to the software without specific, written prior permission. Title to copyright in this software and any associated documentation will at all times remain with copyright holders.
-->
<xs:chema xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:tns="http://schemas.xmlsoap.org/soap/envelope/"
targetNamespace="http://schemas.xmlsoap.org/soap/envelope/" >
<!-- Envelope, header and body -->
<xs:element name="Envelope" type="tns:Envelope" />
<xs:complexType name="Envelope" >
<xs:sequence>
<xs:element ref="tns:Header" minOccurs="0" />
<xs:element ref="tns:Body" minOccurs="1" />
<xs:any namespace="##other" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##other" processContents="lax" />
</xs:complexType>
<xs:element name="Header" type="tns:Header" />
<xs:complexType name="Header" >
<xs:sequence>
<xs:any namespace="##other" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##other" processContents="lax" />
</xs:complexType>
<xs:element name="Body" type="tns:Body" />
<xs:complexType name="Body" >
<xs:sequence>
<xs:any namespace="##any" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##any" processContents="lax" >
<xs:annotation>
<xs:documentation>
Prose in the spec does not specify that attributes are allowed on the Body element
</xs:documentation>
</xs:annotation>
</xs:anyAttribute>
</xs:complexType>
<!-- Global Attributes. The following attributes are intended to be usable via qualified attribute names on any complex type referencing them. -->
<xs:attribute name="mustUnderstand" >
<xs:simpleType>
<xs:restriction base='xs:boolean'>
<xs:pattern value='0|1' />
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="actor" type="xs:anyURI" />
<xs:simpleType name="encodingStyle" >
<xs:annotation>
<xs:documentation>
'encodingStyle' indicates any canonicalization conventions followed in the contents of the containing element. For example, the value 'http://schemas.xmlsoap.org/soap/encoding/' indicates the pattern described in SOAP specification
</xs:documentation>
</xs:annotation>
<xs:list itemType="xs:anyURI" />
</xs:simpleType>
<xs:attribute name="encodingStyle" type="tns:encodingStyle" />
<xs:attributeGroup name="encodingStyle" >
<xs:attribute ref="tns:encodingStyle" />
</xs:attributeGroup>
<xs:element name="Fault" type="tns:Fault" />
<xs:complexType name="Fault" final="extension" >
<xs:annotation>
<xs:documentation>
Fault reporting structure
</xs:documentation>
</xs:annotation>
<xs:sequence>
<xs:element name="faultcode" type="xs:QName" />
<xs:element name="faultstring" type="xs:string" />
<xs:element name="faultactor" type="xs:anyURI" minOccurs="0" />
<xs:element name="detail" type="tns:detail" minOccurs="0" />
</xs:sequence>
</xs:complexType>
<xs:complexType name="detail">
<xs:sequence>
<xs:any namespace="##any" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##any" processContents="lax" />
</xs:complexType>
</xs:schema>

8
src/deps/src/modsecurity/test/test-cases/data/SoapEnvelope.dtd vendored Normal file
View file

@ -0,0 +1,8 @@
<!-- A stupid Soap DTD example -->
<!ELEMENT Envelope (Header?,Body)>
<!ELEMENT Header (#PCDATA)>
<!ELEMENT Body (getInput)>
<!ELEMENT getInput (id)>
<!ELEMENT id (#PCDATA)>
<!ATTLIST id type CDATA #REQUIRED>

126
src/deps/src/modsecurity/test/test-cases/data/SoapEnvelope.xsd vendored Normal file
View file

@ -0,0 +1,126 @@
<?xml version='1.0' encoding='UTF-8' ?>
<!-- Schema for the SOAP/1.1 envelope
Portions © 2001 DevelopMentor.
© 2001 W3C (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved.
This document is governed by the W3C Software License [1] as described in the FAQ [2].
[1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
[2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
By obtaining, using and/or copying this work, you (the licensee) agree that you have read, understood, and will comply with the following terms and conditions:
Permission to use, copy, modify, and distribute this software and its documentation, with or without modification, for any purpose and without fee or royalty is hereby granted, provided that you include the following on ALL copies of the software and documentation or portions thereof, including modifications, that you make:
1. The full text of this NOTICE in a location viewable to users of the redistributed or derivative work.
2. Any pre-existing intellectual property disclaimers, notices, or terms and conditions. If none exist, a short notice of the following form (hypertext is preferred, text is permitted) should be used within the body of any redistributed or derivative code: "Copyright © 2001 World Wide Web Consortium, (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved. http://www.w3.org/Consortium/Legal/"
3. Notice of any changes or modifications to the W3C files, including the date changes were made. (We recommend you provide URIs to the location from which the code is derived.)
Original W3C files; http://www.w3.org/2001/06/soap-envelope
Changes made:
- reverted namespace to http://schemas.xmlsoap.org/soap/envelope/
- reverted mustUnderstand to only allow 0 and 1 as lexical values
- made encodingStyle a global attribute 20020825
- removed default value from mustUnderstand attribute declaration
THIS SOFTWARE AND DOCUMENTATION IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS.
COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE SOFTWARE OR DOCUMENTATION.
The name and trademarks of copyright holders may NOT be used in advertising or publicity pertaining to the software without specific, written prior permission. Title to copyright in this software and any associated documentation will at all times remain with copyright holders.
-->
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:tns="http://schemas.xmlsoap.org/soap/envelope/"
targetNamespace="http://schemas.xmlsoap.org/soap/envelope/" >
<!-- Envelope, header and body -->
<xs:element name="Envelope" type="tns:Envelope" />
<xs:complexType name="Envelope" >
<xs:sequence>
<xs:element ref="tns:Header" minOccurs="0" />
<xs:element ref="tns:Body" minOccurs="1" />
<xs:any namespace="##other" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##other" processContents="lax" />
</xs:complexType>
<xs:element name="Header" type="tns:Header" />
<xs:complexType name="Header" >
<xs:sequence>
<xs:any namespace="##other" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##other" processContents="lax" />
</xs:complexType>
<xs:element name="Body" type="tns:Body" />
<xs:complexType name="Body" >
<xs:sequence>
<xs:any namespace="##any" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##any" processContents="lax" >
<xs:annotation>
<xs:documentation>
Prose in the spec does not specify that attributes are allowed on the Body element
</xs:documentation>
</xs:annotation>
</xs:anyAttribute>
</xs:complexType>
<!-- Global Attributes. The following attributes are intended to be usable via qualified attribute names on any complex type referencing them. -->
<xs:attribute name="mustUnderstand" >
<xs:simpleType>
<xs:restriction base='xs:boolean'>
<xs:pattern value='0|1' />
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="actor" type="xs:anyURI" />
<xs:simpleType name="encodingStyle" >
<xs:annotation>
<xs:documentation>
'encodingStyle' indicates any canonicalization conventions followed in the contents of the containing element. For example, the value 'http://schemas.xmlsoap.org/soap/encoding/' indicates the pattern described in SOAP specification
</xs:documentation>
</xs:annotation>
<xs:list itemType="xs:anyURI" />
</xs:simpleType>
<xs:attribute name="encodingStyle" type="tns:encodingStyle" />
<xs:attributeGroup name="encodingStyle" >
<xs:attribute ref="tns:encodingStyle" />
</xs:attributeGroup>
<xs:element name="Fault" type="tns:Fault" />
<xs:complexType name="Fault" final="extension" >
<xs:annotation>
<xs:documentation>
Fault reporting structure
</xs:documentation>
</xs:annotation>
<xs:sequence>
<xs:element name="faultcode" type="xs:QName" />
<xs:element name="faultstring" type="xs:string" />
<xs:element name="faultactor" type="xs:anyURI" minOccurs="0" />
<xs:element name="detail" type="tns:detail" minOccurs="0" />
</xs:sequence>
</xs:complexType>
<xs:complexType name="detail">
<xs:sequence>
<xs:any namespace="##any" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##any" processContents="lax" />
</xs:complexType>
</xs:schema>

126
src/deps/src/modsecurity/test/test-cases/data/SoapEnvelope2.xsd vendored Normal file
View file

@ -0,0 +1,126 @@
<?xml version='1.0' encoding='UTF-8' ?>
<!-- Schema for the SOAP/1.1 envelope
Portions © 2001 DevelopMentor.
© 2001 W3C (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved.
This document is governed by the W3C Software License [1] as described in the FAQ [2].
[1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
[2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
By obtaining, using and/or copying this work, you (the licensee) agree that you have read, understood, and will comply with the following terms and conditions:
Permission to use, copy, modify, and distribute this software and its documentation, with or without modification, for any purpose and without fee or royalty is hereby granted, provided that you include the following on ALL copies of the software and documentation or portions thereof, including modifications, that you make:
1. The full text of this NOTICE in a location viewable to users of the redistributed or derivative work.
2. Any pre-existing intellectual property disclaimers, notices, or terms and conditions. If none exist, a short notice of the following form (hypertext is preferred, text is permitted) should be used within the body of any redistributed or derivative code: "Copyright © 2001 World Wide Web Consortium, (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved. http://www.w3.org/Consortium/Legal/"
3. Notice of any changes or modifications to the W3C files, including the date changes were made. (We recommend you provide URIs to the location from which the code is derived.)
Original W3C files; http://www.w3.org/2001/06/soap-envelope
Changes made:
- reverted namespace to http://schemas.xmlsoap.org/soap/envelope/
- reverted mustUnderstand to only allow 0 and 1 as lexical values
- made encodingStyle a global attribute 20020825
- removed default value from mustUnderstand attribute declaration
THIS SOFTWARE AND DOCUMENTATION IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS.
COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE SOFTWARE OR DOCUMENTATION.
The name and trademarks of copyright holders may NOT be used in advertising or publicity pertaining to the software without specific, written prior permission. Title to copyright in this software and any associated documentation will at all times remain with copyright holders.
-->
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:tns="http://schemas.xmlsoap.org/soap/envelope/"
targetNamespace="http://schemas.xmlsoap.org/soap/envelope/" >
<!-- Envelope, header and body -->
<xs:element name="Envelope" type="tns:Envelope" />
<xs:complexType name="Envelope" >
<xs:sequence>
<xs:element ref="tns:Header" minOccurs="0" />
<xs:element ref="tns:Body" minOccurs="1" />
<xs:any namespace="##other" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##other" processContents="lax" />
</xs:complexType>
<xs:element name="Header" type="tns:Header" />
<xs:complexType name="Header" >
<xs:sequence>
<xs:any namespace="##other" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##other" processContents="lax" />
</xs:complexType>
<xs:element name="Body" type="tns:Body" />
<xs:complexType name="Body" >
<xs:sequence>
<xs:any namespace="##any" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##any" processContents="lax" >
<xs:annotation>
<xs:documentation>
Prose in the spec does not specify that attributes are allowed on the Body element
</xs:documentation>
</xs:annotation>
</xs:anyAttribute>
</xs:complexType>
<!-- Global Attributes. The following attributes are intended to be usable via qualified attribute names on any complex type referencing them. -->
<xs:attribute name="mustUnderstand" >
<xs:simpleType>
<xs:restriction base='xs:boolean'>
<xs:pattern value='0|1' />
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="actor" type="xs:anyURI" />
<xs:simpleType name="encodingStyle" >
<xs:annotation>
<xs:documentation>
'encodingStyle' indicates any canonicalization conventions followed in the contents of the containing element. For example, the value 'http://schemas.xmlsoap.org/soap/encoding/' indicates the pattern described in SOAP specification
</xs:documentation>
</xs:annotation>
<xs:list itemType="xs:anyURI" />
</xs:simpleType>
<xs:attribute name="encodingStyle" type="tns:encodingStyle" />
<xs:attributeGroup name="encodingStyle" >
<xs:attribute ref="tns:encodingStyle" />
</xs:attributeGroup>
<xs:element name="Fault" type="tns:Fault" />
<xs:complexType name="Fault" final="extension" >
<xs:annotation>
<xs:documentation>
Fault reporting structure
</xs:documentation>
</xs:annotation>
<xs:sequence>
<xs:element name="faultcode" type="xs:QName" />
<xs:element name="faultstring" type="xs:string" />
<xs:element name="faultactor" type="xs:anyURI" minOccurs="0" />
<xs:element name="detail" type="tns:detail" minOccurs="0" />
</xs:sequence>
</xs:complexType>
<xs:complexType name="detail">
<xs:sequence>
<xs:any namespace="##any" minOccurs="0" maxOccurs="unbounded" processContents="lax" />
</xs:sequence>
<xs:anyAttribute namespace="##any" processContents="lax" />
</xs:complexType>
</xs:schema>

198
src/deps/src/modsecurity/test/test-cases/data/big-file.conf vendored Normal file
View file

@ -0,0 +1,198 @@
# 1
# 2
# 3
# 4
# 5
# 6
# 7
# 8
# 10
# 11
# 12
SecRule TX:PARANOIA_LEVEL "@lt 1" "phase:1,id:930011,nolog,pass,skipAfter:END-REQUEST-930-APPLICATION-ATTACK-LFI"
SecRule TX:PARANOIA_LEVEL "@lt 1" "phase:2,id:930012,nolog,pass,skipAfter:END-REQUEST-930-APPLICATION-ATTACK-LFI"
# 18
# 19
# 20
# 22
# 23
# 24
# 25
# 26
# 27
# 28
SecRule REQUEST_URI_RAW|REQUEST_BODY|REQUEST_HEADERS|!REQUEST_HEADERS:Referer|XML:/* "(?i)(?:\x5c|(?:%(?:c(?:0%(?:[2aq]f|5c|9v)|1%(?:[19p]c|8s|af))|2(?:5(?:c(?:0%25af|1%259c)|2f|5c)|%46|f)|(?:(?:f(?:8%8)?0%8|e)0%80%a|bg%q)f|%3(?:2(?:%(?:%6|4)6|F)|5%%63)|u(?:221[56]|002f|EFC8|F025)|1u|5c)|0x(?:2f|5c)|\/))(?:%(?:(?:f(?:(?:c%80|8)%8)?0%8|e)0%80%ae|2(?:(?:5(?:c0%25a|2))?e|%45)|u(?:(?:002|ff0)e|2024)|%32(?:%(?:%6|4)5|E)|c0(?:%[256aef]e|\.))|\.(?:%0[01]|\?)?|\?\.?|0x2e){2}(?:\x5c|(?:%(?:c(?:0%(?:[2aq]f|5c|9v)|1%(?:[19p]c|8s|af))|2(?:5(?:c(?:0%25af|1%259c)|2f|5c)|%46|f)|(?:(?:f(?:8%8)?0%8|e)0%80%a|bg%q)f|%3(?:2(?:%(?:%6|4)6|F)|5%%63)|u(?:221[56]|002f|EFC8|F025)|1u|5c)|0x(?:2f|5c)|\/))|test1" \
"phase:request,\
msg:'Path Traversal Attack (/../)',\
id:930100,\
ver:'OWASP_CRS/3.0.0',\
rev:'3',\
maturity:'9',\
accuracy:'7',\
t:none,\
block,\
severity:CRITICAL,\
logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',\
capture,\
tag:'application-multi',\
tag:'language-multi',\
tag:'platform-multi',\
tag:'attack-lfi',\
tag:'OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL',\
setvar:'tx.msg=%{rule.msg}',\
setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},\
setvar:tx.lfi_score=+%{tx.critical_anomaly_score},\
setvar:'tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL-%{matched_var_name}=%{matched_var}'"
# 52
# 53
# 54
SecRule REQUEST_URI|REQUEST_BODY|REQUEST_HEADERS|!REQUEST_HEADERS:Referer|XML:/* "@pm test2" \
"phase:request,\
msg:'Path Traversal Attack (/../)',\
id:930110,\
ver:'OWASP_CRS/3.0.0',\
rev:'1',\
maturity:'9',\
accuracy:'7',\
multiMatch,\
t:none,t:utf8toUnicode,t:urlDecodeUni,t:removeNulls,t:cmdLine,\
block,\
severity:CRITICAL,\
logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',\
capture,\
tag:'application-multi',\
tag:'language-multi',\
tag:'platform-multi',\
tag:'attack-lfi',\
tag:'OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL',\
setvar:'tx.msg=%{rule.msg}',\
setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},\
setvar:tx.lfi_score=+%{tx.critical_anomaly_score},\
setvar:'tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/DIR_TRAVERSAL-%{matched_var_name}=%{matched_var}'"
# 79
# 80
# 81
# 82
# 83
SecRule REQUEST_COOKIES|!REQUEST_COOKIES:/__utm/|REQUEST_COOKIES_NAMES|ARGS_NAMES|ARGS|XML:/* "@pm test3" \
"phase:request,\
msg:'OS File Access Attempt',\
rev:'4',\
ver:'OWASP_CRS/3.0.0',\
maturity:'9',\
accuracy:'9',\
capture,\
t:none,t:utf8toUnicode,t:urlDecodeUni,t:normalizePathWin,t:lowercase,\
block,\
id:930120,\
tag:'application-multi',\
tag:'language-multi',\
tag:'platform-multi',\
tag:'attack-lfi',\
tag:'OWASP_CRS/WEB_ATTACK/FILE_INJECTION',\
tag:'WASCTC/WASC-33',\
tag:'OWASP_TOP_10/A4',\
tag:'PCI/6.5.4',\
logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',\
severity:'CRITICAL',\
setvar:'tx.msg=%{rule.msg}',\
setvar:tx.lfi_score=+%{tx.critical_anomaly_score},\
setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},\
setvar:tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/FILE_INJECTION-%{matched_var_name}=%{tx.0}"
# 110
# 111
# 112
# 113
# 114
# 115
SecRule REQUEST_FILENAME|ARGS "@pm test4" \
"phase:request,\
msg:'Restricted File Access Attempt',\
rev:'1',\
ver:'OWASP_CRS/3.0.0',\
maturity:'7',\
accuracy:'8',\
capture,\
t:none,t:utf8toUnicode,t:urlDecodeUni,t:normalizePathWin,t:lowercase,\
block,\
id:930130,\
tag:'application-multi',\
tag:'language-multi',\
tag:'platform-multi',\
tag:'attack-lfi',\
tag:'OWASP_CRS/WEB_ATTACK/FILE_INJECTION',\
tag:'WASCTC/WASC-33',\
tag:'OWASP_TOP_10/A4',\
tag:'PCI/6.5.4',\
logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',\
severity:'CRITICAL',\
setvar:'tx.msg=%{rule.msg}',\
setvar:tx.lfi_score=+%{tx.critical_anomaly_score},\
setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},\
setvar:tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/FILE_INJECTION-%{matched_var_name}=%{tx.0}"
SecRule TX:PARANOIA_LEVEL "@lt 2" "phase:1,id:930013,nolog,pass,skipAfter:END-REQUEST-930-APPLICATION-ATTACK-LFI"
SecRule TX:PARANOIA_LEVEL "@lt 2" "phase:2,id:930014,nolog,pass,skipAfter:END-REQUEST-930-APPLICATION-ATTACK-LFI"
# 146
# 147
# 148
SecRule TX:PARANOIA_LEVEL "@lt 3" "phase:1,id:930015,nolog,pass,skipAfter:END-REQUEST-930-APPLICATION-ATTACK-LFI"
SecRule TX:PARANOIA_LEVEL "@lt 3" "phase:2,id:930016,nolog,pass,skipAfter:END-REQUEST-930-APPLICATION-ATTACK-LFI"
# 154
# 155
# 156
SecRule TX:PARANOIA_LEVEL "@lt 4" "phase:1,id:930017,nolog,pass,skipAfter:END-REQUEST-930-APPLICATION-ATTACK-LFI"
SecRule TX:PARANOIA_LEVEL "@lt 4" "phase:2,id:930018,nolog,pass,skipAfter:END-REQUEST-930-APPLICATION-ATTACK-LFI"
# 162
# 163
# 164
# 168
# 169
# 170
SecMarker "END-REQUEST-930-APPLICATION-ATTACK-LFI"
# 172
SecRule REQUEST_FILENAME|ARGS "@pm test5" \
"phase:request,\
msg:'Restricted File Access Attempt',\
rev:'1',\
ver:'OWASP_CRS/3.0.0',\
maturity:'7',\
accuracy:'8',\
capture,\
t:none,t:utf8toUnicode,t:urlDecodeUni,t:normalizePathWin,t:lowercase,\
block,\
id:9304130,\
tag:'application-multi',\
tag:'language-multi',\
tag:'platform-multi',\
tag:'attack-lfi',\
tag:'OWASP_CRS/WEB_ATTACK/FILE_INJECTION',\
tag:'WASCTC/WASC-33',\
tag:'OWASP_TOP_10/A4',\
tag:'PCI/6.5.4',\
logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}',\
severity:'CRITICAL',\
setvar:'tx.msg=%{rule.msg}',\
setvar:tx.lfi_score=+%{tx.critical_anomaly_score},\
setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},\
setvar:tx.%{rule.id}-OWASP_CRS/WEB_ATTACK/FILE_INJECTION-%{matched_var_name}=%{tx.0}"

2
src/deps/src/modsecurity/test/test-cases/data/config_example-bad-op-include.txt vendored Normal file
View file

@ -0,0 +1,2 @@
SecRule ARGS "@contains config_example" "id:10,pass,t:trim"
SecRule ARGS 123 "@missingOperator config_example" "id:11,pass,t:trim"

1
src/deps/src/modsecurity/test/test-cases/data/config_example-ops-include.txt vendored Normal file
View file

@ -0,0 +1 @@
Include test-cases/data/config_example-not-exist.txt

2
src/deps/src/modsecurity/test/test-cases/data/config_example.txt vendored Normal file
View file

@ -0,0 +1,2 @@
Include test-cases/data/config_example2.txt
SecRule ARGS "@contains config_example" "id:101,pass,t:trim"

1
src/deps/src/modsecurity/test/test-cases/data/config_example2.txt vendored Normal file
View file

@ -0,0 +1 @@
SecRule ARGS "@contains config_example2" "id:40,pass,t:trim"

2
src/deps/src/modsecurity/test/test-cases/data/config_example3.txt vendored Normal file
View file

@ -0,0 +1,2 @@
Include test-cases/data/config_example2.txt
SecRule ARGS "@contains config_example" ops "id:1000,pass,t:trim"

BIN
src/deps/src/modsecurity/test/test-cases/data/geo/GeoIPCity.dat vendored Normal file
View file

Binary file not shown.

4
src/deps/src/modsecurity/test/test-cases/data/geo/README.txt vendored Normal file
View file

@ -0,0 +1,4 @@
This data was download from:
https://github.com/maxmind/geoip-api-php/tree/master/tests

10
src/deps/src/modsecurity/test/test-cases/data/inspectFile-abcdef.lua vendored Normal file
View file

@ -0,0 +1,10 @@
#!/usr/bin/lua
function main(filename)
local file = io.open(filename, 'r')
local chunk = file:read(1024)
local ret = string.match(chunk, 'abcdef')
io.close(file)
return ret
end

6
src/deps/src/modsecurity/test/test-cases/data/ipMatchFromFile.txt vendored Normal file
View file

@ -0,0 +1,6 @@
127.0.0.1
# Comment line
10.10.10.1
::1
200.249.12.31

21
src/deps/src/modsecurity/test/test-cases/data/match-getvar-multi-transformations.lua vendored Normal file
View file

@ -0,0 +1,21 @@
function main()
ret = nil
m.log(9, "Lets rock.");
var = m.getvar("tx.test" , { "lowercase", "uppercase" });
if var == nil then
m.log(9, "Don't know what to say...");
return ret;
end
if var == "FELIPE" then
m.log(9, "Whee. Working like a charm. That is what we have: " .. var);
elseif var == "felipe" then
m.log(9, "Oh boy. Got: " .. var);
ret ="ok";
else
m.log(9, "Really?");
end
return "whee"
end

21
src/deps/src/modsecurity/test/test-cases/data/match-getvar-transformation.lua vendored Normal file
View file

@ -0,0 +1,21 @@
function main()
ret = nil
m.log(9, "Lets rock.");
var = m.getvar("tx.test" , "lowercase");
if var == nil then
m.log(9, "Don't know what to say...");
return ret;
end
if var == "FELIPE" then
m.log(9, "Ops.");
elseif var == "felipe" then
m.log(9, "Just fine.");
ret ="ok";
else
m.log(9, "Really?");
end
return "whee"
end

7
src/deps/src/modsecurity/test/test-cases/data/match-getvar-withTnfs.lua vendored Normal file
View file

@ -0,0 +1,7 @@
function main()
ret = nil
var = m.getvar("tx.test", "lowercase");
return ret
end

19
src/deps/src/modsecurity/test/test-cases/data/match-getvar.lua vendored Normal file
View file

@ -0,0 +1,19 @@
function main()
ret = nil
num = m.getvar("tx.test");
if num == nil then
m.log(9, "Don't know what to say about this so called number.");
return ret
end
num = tonumber(num)
if num > 1 then
m.log(9, "Number is bigger than one.");
ret = "Whee :)"
else
m.log(9, "Really?");
end
return ret
end

13
src/deps/src/modsecurity/test/test-cases/data/match-getvars-args.lua vendored Normal file
View file

@ -0,0 +1,13 @@
function main()
local d = m.getvars("ARGS");
local size = #d;
m.log(9,"ARGS count read =" .. tostring(size));
ret = nil
if ( #d == 2 ) then
return nil
end
return "Unexpected result"
end

21
src/deps/src/modsecurity/test/test-cases/data/match-getvars.lua vendored Normal file
View file

@ -0,0 +1,21 @@
function dump(o)
if type(o) == 'table' then
local s = '{ '
for k,v in pairs(o) do
if type(k) ~= 'number' then k = '"'..k..'"' end
s = s .. '['..k..'] = ' .. dump(v) .. ','
end
return s .. '} '
else
return tostring(o)
end
end
function main()
ret = nil
m.log(9, "Here I am");
z = m.getvars("QUERY_STRING");
m.log(9, "Z: " .. dump(z))
return ret
end

4
src/deps/src/modsecurity/test/test-cases/data/match-log.lua vendored Normal file
View file

@ -0,0 +1,4 @@
function main()
m.log(9, "echo 123");
return "Lua script matched.";
end

5
src/deps/src/modsecurity/test/test-cases/data/match-set.lua vendored Normal file
View file

@ -0,0 +1,5 @@
function main()
m.log(9, "echo 123");
m.setvar("tx.test", "whee");
return "Lua script matched.";
end

3
src/deps/src/modsecurity/test/test-cases/data/match.lua vendored Normal file
View file

@ -0,0 +1,3 @@
function main()
return "Lua script matched.";
end

26
src/deps/src/modsecurity/test/test-cases/data/not-so-big-file.conf vendored Normal file
View file

@ -0,0 +1,26 @@
# 1
# 2
# 3
# 4
# 5
# 6
# 7
# 8
# 10
# 11
# 12
Include "big-file.conf"
# 18
# 19
# 20
# 22
# 23
# 24
# 25
# 26
# 27
# 28

29
src/deps/src/modsecurity/test/test-cases/data/script.lua vendored Normal file
View file

@ -0,0 +1,29 @@
-- Your script must define the main entry
-- point, as below.
function main()
-- Log something at level 1. Normally you shouldn't be
-- logging anything, especially not at level 1, but this is
-- just to show you can. Useful for debugging.
m.log(1, "Hello world!");
-- Retrieve one variable.
local var1 = m.getvar("REMOTE_ADDR");
-- Retrieve one variable, applying one transformation function.
-- The second parameter is a string.
local var2 = m.getvar("ARGS", "lowercase");
-- Retrieve one variable, applying several transformation functions.
-- The second parameter is now a list. You should note that m.getvar()
-- requires the use of comma to separate collection names from
-- variable names. This is because only one variable is returned.
local var3 = m.getvar("ARGS.p", { "lowercase", "compressWhitespace" } );
-- If you want this rule to match return a string
-- containing the error message. The message must contain the name
-- of the variable where the problem is located.
-- return "Variable ARGS:p looks suspicious!"
-- Otherwise, simply return nil.
return nil;
end

10
src/deps/src/modsecurity/test/test-cases/data/setvar.lua vendored Normal file
View file

@ -0,0 +1,10 @@
function main()
var = 2;
m.setvar("TX.lua_set_var", var);
m.setvar("IP.lua_set_var", var);
m.setvar("GLOBAL.lua_set_var", var);
m.setvar("RESOURCE.lua_set_var", var);
m.setvar("SESSION.lua_set_var", var);
m.setvar("USER.lua_set_var", var);
return nil;
end

4
src/deps/src/modsecurity/test/test-cases/data/ssdeep.txt vendored Normal file
View file

@ -0,0 +1,4 @@
ssdeep,1.1--blocksize:hash:hash,filename
96:MbQ1L0LDX8GPI8ov3D2D9zd6/gz2wZhFvV0O598La8Kqvfi0znNa8Xi5SM7XRWCK:KvL8Gg8rWIz2ZKqvfjzQ55RpRHjftQ++,"modsecurity.conf-recommended"
192:b8B5UQvywcMIJuavpde/Yyz/U/vF+vGCoCvrQr/dw:afcnrvp8zqUvGrzr6,"README_WINDOWS.TXT"
96:+qK8Z4gA165/hquKNMi68zuEyMM9qNB26x:+RG4z6c1LyZOB26x,"README.TXT"

0
src/deps/src/modsecurity/test/test-cases/data/test.lua vendored Normal file
View file

1
src/deps/src/modsecurity/test/test-cases/data/unicode.mapping-reduced vendored Normal file
View file

@ -0,0 +1 @@
1251 0434:64 043e:6f 0440:70

101
src/deps/src/modsecurity/test/test-cases/regression/action-allow.json vendored Normal file
View file

@ -0,0 +1,101 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing allow action (1/3)",
"expected":{
"debug_log": "Skipped rule id 'action-allow.json:3' as request trough the utilization of an `allow' action",
"http_code": 200
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecAction \"phase:1,allow,msg:'ALLOWED',id:500065\"",
"SecAction \"phase:1,deny,msg:'DENIED',id:500066\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing allow action (2/3)",
"expected":{
"debug_log": "",
"http_code": 500
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecAction \"phase:1,allow:request,msg:'ALLOWED',id:500065\"",
"SecRule ARGS \"@contains value\" \"id:1,t:trim,status:500,deny,phase:3\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing allow action (3/3)",
"expected":{
"debug_log": "",
"http_code": 500
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecAction \"phase:1,allow:phase,msg:'ALLOWED',id:500065\"",
"SecRule ARGS \"@contains value\" \"id:1,t:trim,status:500,deny,phase:3\""
]
}
]

66
src/deps/src/modsecurity/test/test-cases/regression/action-block.json vendored Normal file
View file

@ -0,0 +1,66 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing 'block' action without desruptive action",
"expected":{
"parser_error": "Line: 1. Column: 16. SecDefaultAction must specify a disruptive action."
},
"client":{
"ip":"200.249.12.31",
"port":12300
},
"request":{
"headers":{
"Host":"a.b.com",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/path1",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecDefaultAction \"phase:1,log,block,status:404\"",
"SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing 'block' action with desruptive action",
"expected":{
"http_code": 400
},
"client":{
"ip":"200.249.12.31",
"port":12300
},
"request":{
"headers":{
"Host":"a.b.com",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/path1",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecDefaultAction \"phase:1,log,block,deny,status:400\"",
"SecRule REQUEST_URI \"@contains path1\" \"phase:1,block,id:5\""
]
}
]

51
src/deps/src/modsecurity/test/test-cases/regression/action-ctl_audit_engine.json vendored Normal file
View file

@ -0,0 +1,51 @@
[
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "auditengine : Config=Off, ctl:auditEngine=on",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "www.modsecurity.org",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?parm1=test1&parm2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"expected": {
"audit_log": "--A--",
"error_log": "",
"http_code": 200
},
"rules": [
"SecRuleEngine On",
"SecDefaultAction \"phase:2,nolog,pass\"",
"SecAuditEngine Off",
"SecAuditLogParts ABCFHZ",
"SecAuditLog /tmp/modsec_test_ctl_auditengine_auditlog_1.log",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0666",
"SecAuditLogType Serial",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\"",
"SecRule ARGS \"@contains test2\" \"id:1701,phase:2,pass,nolog,ctl:auditEngine=on\""
]
}
]

185
src/deps/src/modsecurity/test/test-cases/regression/action-ctl_request_body_access.json vendored Normal file
View file

@ -0,0 +1,185 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRequestBodyAccess (1)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
"Expect":"100-continue"
},
"uri":"/test",
"method":"POST",
"body":[
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"name\"",
"",
"test",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is a very small test file..",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is another very small test file..",
"--------------------------756b6d74fa1a8ee2--"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Request body processing is enabled, but disabled to this transaction due to ctl:requestBodyAccess action"
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RequestBodyAccess=Off\"",
"SecRule REQUEST_BODY \"@contains very small test file\" \"id:2,log,phase:3\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRequestBodyAccess (2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
"Expect":"100-continue"
},
"uri":"/test",
"method":"POST",
"body":[
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"name\"",
"",
"test",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is a very small test file..",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is another very small test file..",
"--------------------------756b6d74fa1a8ee2--"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"--------------------------756b6d74fa1a8ee2"
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim\"",
"SecRule REQUEST_BODY \"@contains very small test file\" \"id:2,log,phase:3\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRequestBodyAccess (3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"multipart/form-data; boundary=--------------------------756b6d74fa1a8ee2",
"Expect":"100-continue"
},
"uri":"/test",
"method":"POST",
"body":[
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"name\"",
"",
"test",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is a very small test file..",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is another very small test file..",
"--------------------------756b6d74fa1a8ee2--"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"--------------------------756b6d74fa1a8ee2"
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess Off",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RequestBodyAccess=On\"",
"SecRule REQUEST_BODY \"@contains very small test file\" \"id:2,log,phase:3\""
]
}
]

178
src/deps/src/modsecurity/test/test-cases/regression/action-ctl_request_body_processor.json vendored Normal file
View file

@ -0,0 +1,178 @@
[
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing CtlRequestBodyProcessor=XML (1)",
"expected":{
"debug_log": "Registered XML namespace href \"http://schemas.xmlsoap.org/soap/envelope/\" prefix \"soap\""
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/?key=value&key=other_value",
"method":"POST",
"body": [
"<?xml version=\"1.0\" encoding=\"UTF-8\"?>",
"<bookstore>",
"<book category=\"COOKING\">",
"<title lang=\"en\">Everyday Italian</title>",
"<author>Giada De Laurentiis</author>",
"<year>2005</year>",
"<price>30.00</price>",
"</book>",
"<book category=\"CHILDREN\">",
"<title lang=\"en\">Harry Potter</title>",
"<author>J K. Rowling</author>",
"<year>2005</year>",
"<price>29.99</price>",
"</book>",
"<book category=\"WEB\">",
"<title lang=\"en\">XQuery Kick Start</title>",
"<author>James McGovern</author>",
"<author>Per Bothner</author>",
"<author>Kurt Cagle</author>",
"<author>James Linn</author>",
"<author>Vaidyanathan Nagarajan</author>",
"<year>2003</year>",
"<price>49.99</price>",
"</book>",
"<book category=\"WEB\">",
"<title lang=\"en\">Learning XML</title>",
"<author>Erik T. Ray</author>",
"<year>2003</year>",
"<price>39.95</price>",
"</book>",
"</bookstore>"
]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\""
]
},
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing CtlRequestBodyProcessor=XML (2)",
"expected":{
"debug_log": "Rule returned 0"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/?key=value&key=other_value",
"method":"POST",
"body": [
"<?xml version=\"1.0\" encoding=\"UTF-8\"?>",
"<bookstore>",
"<book category=\"COOKING\">",
"<title lang=\"en\">Everyday Italian</title>",
"<author>Giada De Laurentiis</author>",
"<year>2005</year>",
"<price>30.00</price>",
"</book>",
"<book category=\"CHILDREN\">",
"<title lang=\"en\">Harry Potter</title>",
"<author>J K. Rowling</author>",
"<year>2005</year>",
"<price>29.99</price>",
"</book>",
"<book category=\"WEB\">",
"<title lang=\"en\">XQuery Kick Start</title>",
"<author>James McGovern</author>",
"<author>Per Bothner</author>",
"<author>Kurt Cagle</author>",
"<author>James Linn</author>",
"<author>Vaidyanathan Nagarajan</author>",
"<year>2003</year>",
"<price>49.99</price>",
"</book>",
"<book category=\"WEB\">",
"<title lang=\"en\">Learning XML</title>",
"<author>Erik T. Ray</author>",
"<year>2003</year>",
"<price>39.95</price>",
"</book>",
"</bookstore>"
]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\""
]
},
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing CtlRequestBodyProcessor=XML (3)",
"expected":{
"debug_log": "XML: Failed parsing document."
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/?key=value&key=other_value",
"method":"POST",
"body": [
"not a xml"
]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\""
]
}
]

97
src/deps/src/modsecurity/test/test-cases/regression/action-ctl_request_body_processor_urlencoded.json vendored Normal file
View file

@ -0,0 +1,97 @@
[
{
"enabled":1,
"version_min":300000,
"title":"ctl:requestBodyProcessor=URLENCODED",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/lhebs",
"Expect":"100-continue"
},
"uri":"/a=urlencoded",
"method":"POST",
"body":[
"param1=value1\r"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \\\"value1",
"http_code": 403
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule REQUEST_HEADERS:Content-Type \"@contains lhebs\" \"phase:1,id:122,t:none,log,auditlog,pass,ctl:requestBodyProcessor=URLENCODED\"",
"SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"ctl:requestBodyProcessor=URLENCODED",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
"Content-Type":"application/x-www-form-urlencoded",
"Expect":"100-continue"
},
"uri":"/a=urlencoded",
"method":"POST",
"body":[
"param1=value1\r"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \\\"value1",
"http_code": 403
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule ARGS_POST \"@contains value1\" \"phase:2,id:123,t:none,deny,log,auditlog\""
]
}
]

315
src/deps/src/modsecurity/test/test-cases/regression/action-ctl_rule_engine.json vendored Normal file
View file

@ -0,0 +1,315 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleEngine (1)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"12",
"Content-Type":"plain/text",
"Expect":"100-continue"
},
"uri":"/test?test=test",
"method":"POST",
"body":[ ]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action",
"http_code": 200
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=Off\"",
"SecRule ARGS \"@contains test\" \"id:2,log,phase:3,block,deny,status:302\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleEngine (2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"12",
"Content-Type":"plain/text",
"Expect":"100-continue"
},
"uri":"/test?test=test",
"method":"POST",
"body":[ ]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action",
"http_code": 200
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=DetectionOnly\"",
"SecRule ARGS \"@contains test\" \"id:2,log,phase:3,block,deny,status:302\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleEngine (3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"12",
"Content-Type":"plain/text",
"Expect":"100-continue"
},
"uri":"/test?test=test",
"method":"GET",
"body":[ ]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action",
"http_code": 302
},
"rules":[
"SecRuleEngine DetectionOnly",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=On\"",
"SecRule ARGS \"@contains test\" \"id:2,log,phase:3,block,deny,status:302\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleEngine (4)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"12",
"Content-Type":"plain/text",
"Expect":"100-continue"
},
"uri":"/test?test=test",
"method":"GET",
"body":[ ]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Setting SecRuleEngine to Enabled as requested by a ctl:ruleEngine action",
"http_code": 302
},
"rules":[
"SecRuleEngine DetectionOnly",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=On,log,phase:3,block,deny,status:302\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleEngine (5)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"12",
"Content-Type":"plain/text",
"Expect":"100-continue"
},
"uri":"/test?test=test",
"method":"GET",
"body":[ ]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Setting SecRuleEngine to Disabled as requested by a ctl:ruleEngine action",
"http_code": 200
},
"rules":[
"SecRuleEngine DetectionOnly",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=Off,log,phase:3,block,deny,status:302\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleEngine (6)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"12",
"Content-Type":"plain/text",
"Expect":"100-continue"
},
"uri":"/test?test=test",
"method":"GET",
"body":[ ]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action",
"http_code": 200
},
"rules":[
"SecRuleEngine DetectionOnly",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,ctl:RuleEngine=DetectionOnly,log,phase:3,block,deny,status:302\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleEngine (7)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"12",
"Content-Type":"plain/text",
"Expect":"100-continue"
},
"uri":"/test?test=test",
"method":"GET",
"body":[ ]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Setting SecRuleEngine to DetectionOnly as requested by a ctl:ruleEngine action",
"http_code": 200
},
"rules":[
"SecRuleEngine DetectionOnly",
"SecRule REQUEST_URI \"@contains test\" \"id:1,phase:1,pass,t:trim,log,phase:3,block,deny,status:302,ctl:RuleEngine=DetectionOnly\""
]
}
]

66
src/deps/src/modsecurity/test/test-cases/regression/action-ctl_rule_remove_by_id.json vendored Normal file
View file

@ -0,0 +1,66 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleRemoteById (1)",
"expected":{
"debug_log": "Rule id: 1 was skipped due to a ruleRemoveById action..."
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/wp-login.php?whee=something&pwd=lhebs",
"method":"GET",
"body": [ ]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=1\"",
"SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleRemoteById (2)",
"expected":{
"debug_log": "Target value: .*Variable: ARGS_NAMES:whee"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/wp-login.php?whee=something&pwd=lhebs",
"method":"GET",
"body": [ ]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveById=123\"",
"SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\""
]
}
]

84
src/deps/src/modsecurity/test/test-cases/regression/action-ctl_rule_remove_by_tag.json vendored Normal file
View file

@ -0,0 +1,84 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing ctl:ruleRemoveByTag (1/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Skipped rule id '2'. Skipped due to a ruleRemoveByTag action."
},
"rules":[
"SecRule ARGS:key \".\" \"id:4,ctl:ruleRemoveByTag=tag123\"",
"SecRule ARGS \"@contains test1\" \"id:1,pass,t:trim\"",
"SecRule ARGS \"@contains test2\" \"id:2,pass,t:trim,tag:tag123\"",
"SecRule ARGS \"@contains test3\" \"id:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing ctl:ruleRemoveByTag (2/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Skipped rule id '3'. Skipped due to a ruleRemoveByTag action."
},
"rules":[
"SecRule ARGS:key \".\" \"id:4,ctl:ruleRemoveByTag=whee\"",
"SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:3,pass,t:trim,tag:whee\""
]
}
]

99
src/deps/src/modsecurity/test/test-cases/regression/action-ctl_rule_remove_target_by_id.json vendored Normal file
View file

@ -0,0 +1,99 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleRemoveTargetById (1)",
"expected":{
"http_code": 200
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/wp-login.php?whee&pwd=lhebs",
"method":"GET",
"body": [ ]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS:pwd\"",
"SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleRemoveTargetById (2)",
"expected":{
"debug_log": "Target value: .*Variable: ARGS_NAMES:whee"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/wp-login.php?whee=something&pwd=lhebs",
"method":"GET",
"body": [ ]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=123;ARGS:pwd\"",
"SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleRemoveTargetById (3)",
"expected":{
"http_code": 200
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/wp-login.php?whee=something&pwd=lhebs",
"method":"GET",
"body": [ ]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetById=1;ARGS\"",
"SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,status:202,block,deny,tag:'CRS'\""
]
}
]

99
src/deps/src/modsecurity/test/test-cases/regression/action-ctl_rule_remove_target_by_tag.json vendored Normal file
View file

@ -0,0 +1,99 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleRemoteTargetByTag (1)",
"expected":{
"http_code": 200
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/wp-login.php?whee&pwd=lhebs",
"method":"GET",
"body": [ ]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"",
"SecRule ARGS \"@contains lhebs\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS',deny\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleRemoteTargetByTag (2)",
"expected":{
"debug_log": "Target value: .*Variable: ARGS_NAMES:pwd"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/wp-login.php?whee&pwd=lhebs",
"method":"GET",
"body": [ ]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS:pwd\"",
"SecRule ARGS_NAMES \"@contains pwd\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing CtlRuleRemoteTargetByTag (3)",
"expected":{
"debug_log": "Target value: .*Variable: ARGS_NAMES:whee"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/wp-login.php?whee=something&pwd=lhebs",
"method":"GET",
"body": [ ]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRule REQUEST_FILENAME \"@endsWith /wp-login.php\" \"id:9002100,phase:2,t:none,nolog,pass,ctl:ruleRemoveTargetByTag=CRS;ARGS\"",
"SecRule ARGS_NAMES \"@contains whee\" \"id:1,phase:3,t:none,nolog,pass,tag:'CRS2'\""
]
}
]

80
src/deps/src/modsecurity/test/test-cases/regression/action-disruptive.json vendored Normal file
View file

@ -0,0 +1,80 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing Disruptive actions (1/n)",
"expected":{
"debug_log": "Running action deny",
"http_code":403
},
"rules":[
"SecRuleEngine On",
"SecDefaultAction \"phase:2,deny,status:404\"",
"SecAction \"id:'900001',phase:request,nolog,status:403,t:none,block\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Disruptive actions (2/n)",
"expected":{
"debug_log": "Running action deny",
"http_code":404
},
"rules":[
"SecRuleEngine On",
"SecDefaultAction \"phase:2,deny,status:404\"",
"SecAction \"id:'1',phase:request,nolog,t:none,block\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Disruptive actions (3/n)",
"expected":{
"http_code":404
},
"rules":[
"SecRuleEngine On",
"SecDefaultAction \"phase:2,deny,status:404\"",
"SecAction \"id:'1',phase:request,nolog,block,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Disruptive actions (4/n)",
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecAction \"id:'1',phase:request,nolog,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Disruptive actions (5/n)",
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecDefaultAction \"phase:2,deny,status:404\"",
"SecAction \"id:'1',phase:request,nolog,pass,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Disruptive actions (6/n)",
"expected":{
"http_code":403
},
"rules":[
"SecRuleEngine On",
"SecAction \"id:'1',phase:request,drop,nolog,t:none\""
]
}
]

148
src/deps/src/modsecurity/test/test-cases/regression/action-exec.json vendored Normal file
View file

@ -0,0 +1,148 @@
[
{
"enabled":1,
"version_min":300000,
"version_max":0,
"resource":"lua",
"title":"Testing action :: exec (1/3)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
}
},
"expected":{
"audit_log":"",
"debug_log":"Saving msg: This is a test, text\/html,application",
"error_log":"",
"parser_error":"exec: Expecting a Lua script: /bin/ech"
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,exec:/bin/echo\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"resource":"lua",
"title":"Testing action :: exec (2/2)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
}
},
"expected":{
"audit_log":"",
"debug_log":"Running script... test-cases/data/test.lua",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,exec:test-cases/data/test.lua\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"resource":"lua",
"title":"Testing action :: exec (3/3)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
}
},
"expected":{
"audit_log":"",
"debug_log":"Running script... test-cases/data/match.lua",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,exec:test-cases/data/match.lua\""
]
}
]

126
src/deps/src/modsecurity/test/test-cases/regression/action-expirevar.json vendored Normal file
View file

@ -0,0 +1,126 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing expirevar action (1/x) - ip, expire later",
"expected":{
"debug_log": "Saving msg: mycount1 is 100"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecAction \"initcol:ip='127.0.0.1',id:5000,phase:1\"",
"SecRule ARGS \"@rx value\" \"id:'5001',phase:2,setvar:ip.mycount1=100,expirevar:ip.mycount1=60,pass\"",
"SecRule &IP:mycount1 \"@eq 1\" \"id:'5002',phase:2,pass,log,msg:'mycount1 is %{ip.mycount1}'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing expirevar action (2/x) - ip, expire immediately",
"expected":{
"debug_log": "Saving msg: mycount1 is "
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecAction \"initcol:ip='127.0.0.1',id:5010,phase:1\"",
"SecRule ARGS \"@rx value\" \"id:'5011',phase:2,setvar:ip.mycount1=100,expirevar:ip.mycount1=0,pass\"",
"SecRule &IP:mycount1 \"@eq 0\" \"id:'5012',phase:2,pass,log,msg:'mycount1 is %{ip.mycount1}'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing expirevar action (3/x) session, expire later",
"expected":{
"debug_log": "Saving msg: mycount1 is 12"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx .\" \"id:5150,phase:2,pass,setsid:sess1234\"",
"SecRule ARGS \"@rx value\" \"id:5151,phase:2,pass,setvar:session.mycount1=12,expirevar:session.mycount1=30\"",
"SecRule &SESSION:mycount1 \"@eq 1\" \"id:'5152',phase:2,pass,log,msg:'mycount1 is %{session.mycount1}'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing expirevar action (4/x) session, expire immediately",
"expected":{
"debug_log": "Saving msg: mycount1 is"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx .\" \"id:5150,phase:2,pass,setsid:sess1234\"",
"SecRule ARGS \"@rx value\" \"id:5151,phase:2,pass,setvar:session.mycount1=12,expirevar:session.mycount1=0\"",
"SecRule &SESSION:mycount1 \"@eq 0\" \"id:'5152',phase:2,pass,log,msg:'mycount1 is %{session.mycount1}'\""
]
}
]

266
src/deps/src/modsecurity/test/test-cases/regression/action-id.json vendored Normal file
View file

@ -0,0 +1,266 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing Action :: id (1/6)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"parser_error": "The input \"111111111111222222222222222222222222222333333333333333333333333333444444444444444444444444444444555555555555555555555555666666666666666666666666666666666666666666\" does not seems to be a valid rule id."
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx (value1)\" \"id:111111111111222222222222222222222222222333333333333333333333333333444444444444444444444444444444555555555555555555555555666666666666666666666666666666666666666666,phase:2,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Action :: id (2/6)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"parser_error": "File: action-id.json. Line: 2. Column: 56. Expecting an action, got: id:-1,phase:2,pass,t:trim\""
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx (value1)\" \"id:-1,phase:2,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Action :: id (3/6)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log": " t:trim: \"value2\""
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx (value1)\" \"id:1,phase:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Action :: id (4/6)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log": " t:trim: \"value2\""
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx (value1)\" \"id:'1',phase:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Action :: id (5/6)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"parser_error": "action-id.json. Line: 2. Column: 56. Expecting an action, got: id:'1,phase:2,pass,t:trim\""
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx (value1)\" \"id:'1,phase:2,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Action :: id (6/6)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"parser_error": "action-id.json. Line: 2. Column: 56. Expecting an action, got: ',phase:2,pass,t:trim\""
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx (value1)\" \"id:1',phase:2,pass,t:trim\""
]
}
]

36
src/deps/src/modsecurity/test/test-cases/regression/action-initcol.json vendored Normal file
View file

@ -0,0 +1,36 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing initcol action",
"expected":{
"debug_log": "Saving variable: IP:auth_attempt with value: "
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setvar:tx.ua_hash=%{matched_var},nolog,pass\"",
"SecRule &TX:REAL_IP \"@eq 0\" \"id:'900021',phase:1,t:none,initcol:global=global,initcol:ip=%{remote_addr}_%{tx.ua_hash},setvar:tx.real_ip=%{remote_addr},nolog,pass\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900019',phase:2,t:none,setvar:ip.auth_attempt=+1,nolog,pass\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900020',phase:2,t:none,setvar:ip.auth_attempt=+1,nolog,pass\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900022',phase:2,t:none,setvar:ip.auth_attempt=+1,nolog,pass\""
]
}
]

118
src/deps/src/modsecurity/test/test-cases/regression/action-msg.json vendored Normal file
View file

@ -0,0 +1,118 @@
[
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing action :: msg (this test is not really testing it)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Saving msg: This is a test, text\/html,application",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,msg:'This is a test, %{REQUEST_HEADERS:Accept}%'\"",
"SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing action :: msg - variable expansion",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Saving msg: This is a test: PHPSESSID ops",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@rx PHPSESSID\" \"id:1,capture,t:lowercase,t:none,msg:'This is a test: %{TX.0}% ops'\"",
"SecRule TX \"@rx to_test\" \"id:2,t:lowercase,capture,t:none\""
]
}
]

95
src/deps/src/modsecurity/test/test-cases/regression/action-setenv.json vendored Normal file
View file

@ -0,0 +1,95 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing setsid action (1/3)",
"expected":{
"debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:Cookie \"^(.*)$\" \"id:'900018',phase:2,setenv:'variable=%{matched_var}',pass\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing setenv action (2/3)",
"expected":{
"debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:Cookie \"^(.*)$\" \"id:'900018',phase:2,setenv:variable=%{matched_var},pass\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing setenv action (3/3)",
"expected":{
"debug_log": "Setting environment variable: variable to PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120==test=test"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:Cookie \"^(.*)$\" \"id:'900018',phase:2,setenv:variable=%{matched_var}==test=test,pass\""
]
}
]

36
src/deps/src/modsecurity/test/test-cases/regression/action-setrsc.json vendored Normal file
View file

@ -0,0 +1,36 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing setrsc action",
"expected":{
"debug_log": "Saving variable: RESOURCE:score with value: "
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setrsc:'test',nolog,pass\"",
"SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:RESOURCE.score=+10\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900068',phase:1,t:none,t:sha1,t:hexEncode,setrsc:%{REQUEST_COOKIES:PHPSESSID}2,nolog,pass\"",
"SecRule REQUEST_HEADERS \".*\" \"id:'900022',phase:1,setvar:RESOURCE.score=+5\""
]
}
]

36
src/deps/src/modsecurity/test/test-cases/regression/action-setsid.json vendored Normal file
View file

@ -0,0 +1,36 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing setsid action",
"expected":{
"debug_log": "Saving variable: SESSION:score with value: "
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setsid:%{REQUEST_COOKIES:PHPSESSID}%,nolog,pass\"",
"SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:SESSION.score=+10\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900068',phase:1,t:none,t:sha1,t:hexEncode,setsid:%{REQUEST_COOKIES:PHPSESSID}2,nolog,pass\"",
"SecRule REQUEST_HEADERS \".*\" \"id:'900022',phase:1,setvar:SESSION.score=+5\""
]
}
]

36
src/deps/src/modsecurity/test/test-cases/regression/action-setuid.json vendored Normal file
View file

@ -0,0 +1,36 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing setuid action",
"expected":{
"debug_log": "Saving variable: USER:score with value: "
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900018',phase:1,t:none,t:sha1,t:hexEncode,setuid:%{REQUEST_COOKIES:USER}%,nolog,pass\"",
"SecRule REQUEST_HEADERS \".*\" \"id:'900021',phase:1,setvar:USER.score=+10\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'900068',phase:1,t:none,t:sha1,t:hexEncode,setsid:%{REQUEST_COOKIES:PHPSESSID}2,nolog,pass\"",
"SecRule REQUEST_HEADERS \".*\" \"id:'900022',phase:1,setvar:USER.score=+5\""
]
}
]

104
src/deps/src/modsecurity/test/test-cases/regression/action-skip.json vendored Normal file
View file

@ -0,0 +1,104 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing skip action 1/3",
"expected":{
"debug_log": "\\[9\\] Skipped rule id \\'2\\' due to a \\`skip\\' action."
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:1\"",
"SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'3',phase:1,t:none,nolog,pass\"",
"SecRule REQUEST_HEADERS \".*\" \"id:'4',phase:1,setvar:SESSION.score=+5\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing skip action 2/3",
"expected":{
"parser_error": "Rules error. File: action-skip.json. Line: 2. Column: 71. Expecting an action, got: skip:abc"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:abc\"",
"SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'3',phase:1,t:none,nolog,pass\"",
"SecRule REQUEST_HEADERS \".*\" \"id:'4',phase:1,setvar:SESSION.score=+5\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing skip action 3/3",
"expected":{
"debug_log": "\\[9\\] Skipped rule id \\'3\\' due to a \\`skip\\' action."
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"User-Agent":"My sweet little browser",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'1',phase:1,skip:2\"",
"SecRule REQUEST_HEADERS \"should be skipped\" \"id:'2',phase:1,setvar:SESSION.score=+10\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:'3',phase:1,t:none,nolog,pass\"",
"SecRule REQUEST_HEADERS \".*\" \"id:'4',phase:1,setvar:SESSION.score=+5\""
]
}
]

118
src/deps/src/modsecurity/test/test-cases/regression/action-tag.json vendored Normal file
View file

@ -0,0 +1,118 @@
[
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing action :: tag 1",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Rule tag: teste",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,tag:'teste',t:lowercase,t:none\"",
"SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing action :: tag 2",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Rule tag: teste no-cache",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,tag:'teste %{REQUEST_HEADERS:Pragma}%',t:lowercase,t:none\"",
"SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\""
]
}
]

90
src/deps/src/modsecurity/test/test-cases/regression/action-tnf-base64.json vendored Normal file
View file

@ -0,0 +1,90 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing Transformatio :: base64 (1/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log": "t:base64encode: \"dmFsdWUyCg==\""
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx .\" \"id:1,phase:2,t:base64encode,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Transformatio :: base64 (2/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "27",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=dmFsdWUy&param2=value2"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log": "t:base64decode: \"value2\""
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@rx .\" \"id:1,phase:2,t:base64decode,pass,t:trim\""
]
}
]

108
src/deps/src/modsecurity/test/test-cases/regression/action-xmlns.json vendored Normal file
View file

@ -0,0 +1,108 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing action :: XMLNS (parser error 1)",
"expected":{
"parser_error": "XMLS: Bad format, missing equals sign"
},
"rules":[
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap'http://schemas.xmlsoap.org/soap/envelope/'\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing action :: XMLNS (parser error 2)",
"expected":{
"parser_error": "XMLS: XMLNS is invalid. Expecting a name=value format."
},
"rules":[
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:=\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing action :: XMLNS (parser error 3)",
"expected":{
"parser_error": "XMLS: Missing xmlns href for prefix: `schemas.xmlsoap.org/soap/envelope/'."
},
"rules":[
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500008,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule REQUEST_HEADERS:User-Agent \"^(.*)$\" \"id:123,xmlns:soap='schemas.xmlsoap.org/soap/envelope/'\""
]
},
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"Testing XML request body parser (validate ok)",
"expected":{
"debug_log": "Target value: \"39.95\" \\(Variable: XML:\/bookstore\/book\/price\\[text\\(\\)\\]\\)"
},
"client":{
"ip":"200.249.12.31",
"port":123
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Content-Type": "text/xml"
},
"uri":"/?key=value&key=other_value",
"method":"POST",
"body": [
"<?xml version=\"1.0\" encoding=\"UTF-8\"?>",
"<bookstore>",
"<book category=\"COOKING\">",
"<title lang=\"en\">Everyday Italian</title>",
"<author>Giada De Laurentiis</author>",
"<year>2005</year>",
"<price>30.00</price>",
"</book>",
"<book category=\"CHILDREN\">",
"<title lang=\"en\">Harry Potter</title>",
"<author>J K. Rowling</author>",
"<year>2005</year>",
"<price>29.99</price>",
"</book>",
"<book category=\"WEB\">",
"<title lang=\"en\">XQuery Kick Start</title>",
"<author>James McGovern</author>",
"<author>Per Bothner</author>",
"<author>Kurt Cagle</author>",
"<author>James Linn</author>",
"<author>Vaidyanathan Nagarajan</author>",
"<year>2003</year>",
"<price>49.99</price>",
"</book>",
"<book category=\"WEB\">",
"<title lang=\"en\">Learning XML</title>",
"<author>Erik T. Ray</author>",
"<year>2003</year>",
"<price>39.95</price>",
"</book>",
"</bookstore>"
]
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500005,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
"SecRule XML:/bookstore/book/price[text()] \"Fred\" \"phase:3,id:123,xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'\""
]
}
]

360
src/deps/src/modsecurity/test/test-cases/regression/actions.json vendored Normal file
View file

@ -0,0 +1,360 @@
[
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "actions :: trim,deny",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "net.tutsplus.com",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "text\/xml; charset=utf-8\n\r",
"Content-Length": "length\n\r"
},
"body": [
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected": {
"audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "",
"http_code": 403
},
"rules": [
"SecRuleEngine On",
"SecResponseBodyAccess On",
"SecRule ARGS \"@contains test\" \"id:1,t:trim,deny\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "actions :: trim,redirect:'http://www.google.com'",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "net.tutsplus.com",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "text\/xml; charset=utf-8\n\r",
"Content-Length": "length\n\r"
},
"body": [
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected": {
"audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "",
"http_code": 302,
"redirect_url": "http://www.google.com"
},
"rules": [
"SecRuleEngine On",
"SecRule ARGS \"@contains test\" \"id:1,t:trim,redirect:'http://www.google.com'\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "actions :: trim,status:306,redirect:http://www.google.com",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "net.tutsplus.com",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "text\/xml; charset=utf-8\n\r",
"Content-Length": "length\n\r"
},
"body": [
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected": {
"audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "",
"http_code": 306,
"redirect_url": "http://www.google.com"
},
"rules": [
"SecRuleEngine On",
"SecRule ARGS \"@contains test\" \"id:1,t:trim,status:306,redirect:'http://www.google.com'\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "actions :: trim,status:500",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "net.tutsplus.com",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "text\/xml; charset=utf-8\n\r",
"Content-Length": "length\n\r"
},
"body": [
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected": {
"audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "",
"http_code": 500
},
"rules": [
"SecRuleEngine On",
"SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,status:500\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "actions :: phase:2,trim,status:500,deny",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "net.tutsplus.com",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "text\/xml; charset=utf-8\n\r",
"Content-Length": "length\n\r"
},
"body": [
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected": {
"audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "",
"http_code": 500
},
"rules": [
"SecRuleEngine On",
"SecRule ARGS \"@contains test\" \"id:1,phase:2,t:trim,status:500,deny\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "actions :: phase:4,trim,status:500,deny",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "net.tutsplus.com",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Cookie": "PHPSESSID=r2t5uvjq435r4q7ib3vtdjq120",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "text\/xml; charset=utf-8\n\r",
"Content-Length": "length\n\r"
},
"body": [
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected": {
"audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "",
"http_code": 500
},
"rules": [
"SecRuleEngine On",
"SecResponseBodyAccess On",
"SecRule ARGS \"@contains test\" \"id:1,phase:4,t:trim,status:500,deny\""
]
}
]

422
src/deps/src/modsecurity/test/test-cases/regression/auditlog.json vendored Normal file
View file

@ -0,0 +1,422 @@
[
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "auditlog : basic parser test - Parallel",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "www.modsecurity.org",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "plain\/text\n\r"
},
"body": [
"test"
]
},
"expected": {
"audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "",
"http_code": 403
},
"rules": [
"SecRuleEngine On",
"SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,auditlog\"",
"SecAuditEngine RelevantOnly",
"SecAuditLogParts ABCFHZ",
"SecAuditLogStorageDir /tmp/test",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0600",
"SecAuditLogType Parallel",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "auditlog : basic parser test - Serial",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "www.modsecurity.org",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "plain\/text\n\r"
},
"body": [
"test"
]
},
"expected": {
"audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "",
"http_code": 403
},
"rules": [
"SecRuleEngine On",
"SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,auditlog\"",
"SecAuditEngine RelevantOnly",
"SecAuditLogParts ABCFHZ",
"SecAuditLogStorageDir /tmp/test",
"SecAuditLog /tmp/audit_test.log",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0600",
"SecAuditLogType Serial",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "auditlog : basic parser test - Parallel",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "www.modsecurity.org",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1= test &param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"response": {
"headers": {
"Content-Type": "plain\/text\n\r"
},
"body": [
"test"
]
},
"expected": {
"audit_log": "",
"debug_log": "\\[9\\] T \\(0\\) t:trim: \"test",
"error_log": "",
"http_code": 403
},
"rules": [
"SecRuleEngine On",
"SecRule ARGS \"@contains test\" \"id:1,t:trim,deny,auditlog\"",
"SecAuditEngine RelevantOnly",
"SecAuditLogParts ABCFHZ",
"SecAuditLogStorageDir /tmp/test",
"SecAuditLog /tmp/audit_test_parallel.log",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0600",
"SecAuditLogType Parallel",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "auditlog : messages verification - nolog,auditlog",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "www.modsecurity.org",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1=test&param2=test2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"expected": {
"audit_log": "id \"1556",
"error_log": "",
"http_code": 403
},
"rules": [
"SecRuleEngine On",
"SecDefaultAction \"phase:1,nolog,auditlog,deny,status:403\"",
"SecRule ARGS \"@contains test\" \"id:1556,phase:1,block,nolog,auditlog\"",
"SecAuditEngine RelevantOnly",
"SecAuditLogParts ABCFHZ",
"SecAuditLog /tmp/test/modsec_audit_auditlog_1.log",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0666",
"SecAuditLogType Serial",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "auditlog : multiMatch data, match after last transform",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "www.modsecurity.org",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1=test&param2=tEst2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"expected": {
"audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]",
"error_log": "",
"http_code": 403
},
"rules": [
"SecRuleEngine On",
"SecDefaultAction \"phase:1,nolog,auditlog,deny,status:403\"",
"SecRule ARGS \"@contains test2\" \"id:1557,phase:1,multiMatch,block,log,t:none,t:urlDecode,t:lowercase,msg:'testmsg',logdata:'testdata',severity:'DEBUG',tag:'testtag1',tag:'testtag2'\"",
"SecAuditEngine RelevantOnly",
"SecAuditLogParts ABCFHZ",
"SecAuditLog /tmp/test/modsec_audit_multimatch_1.log",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0666",
"SecAuditLogType Serial",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "auditlog : multiMatch data, match only after intermediate transform",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "www.modsecurity.org",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1=test&param2=%20tEst2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"expected": {
"audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]",
"error_log": "",
"http_code": 403
},
"rules": [
"SecRuleEngine On",
"SecDefaultAction \"phase:1,nolog,auditlog,deny,status:403\"",
"SecRule ARGS \"@streq tEst2\" \"id:1558,phase:1,multiMatch,block,log,t:none,t:trim,t:lowercase,msg:'testmsg',logdata:'testdata',severity:'DEBUG',tag:'testtag1',tag:'testtag2'\"",
"SecAuditEngine RelevantOnly",
"SecAuditLogParts ABCFHZ",
"SecAuditLog /tmp/test/modsec_audit_multimatch_2.log",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0666",
"SecAuditLogType Serial",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "auditlog : rule chain, multiMatch data, match after last transform",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "www.modsecurity.org",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1=test&param2=tEst2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"expected": {
"audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]",
"error_log": "",
"http_code": 403
},
"rules": [
"SecRuleEngine On",
"SecDefaultAction \"phase:1,nolog,auditlog,deny,status:403\"",
"SecRule ARGS \"@contains test2\" \"id:1559,phase:1,multiMatch,block,log,t:none,t:urlDecode,t:lowercase,msg:'testmsg',logdata:'testdata',severity:'DEBUG',tag:'testtag1',tag:'testtag2',chain\"",
"SecRule REQUEST_METHOD \"@streq GET\" \"t:none\"",
"SecAuditEngine RelevantOnly",
"SecAuditLogParts ABCFHZ",
"SecAuditLog /tmp/test/modsec_audit_multimatch_3.log",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0666",
"SecAuditLogType Serial",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\""
]
},
{
"enabled": 1,
"version_min": 300000,
"version_max": 0,
"title": "auditlog : rule chain, multiMatch data, match only after intermediate transform",
"client": {
"ip": "200.249.12.31",
"port": 2313
},
"server": {
"ip": "200.249.12.31",
"port": 80
},
"request": {
"headers": {
"Host": "www.modsecurity.org",
"User-Agent": "Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language": "en-us,en;q=0.5",
"Accept-Encoding": "gzip,deflate",
"Accept-Charset": "ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive": "300",
"Connection": "keep-alive",
"Pragma": "no-cache",
"Cache-Control": "no-cache"
},
"uri": "\/test.pl?param1=test&param2=%20tEst2",
"method": "GET",
"http_version": 1.1,
"body": ""
},
"expected": {
"audit_log": "\\[msg \"testmsg\"\\] \\[data \"testdata\"\\] \\[severity \"7\"\\] \\[ver \"\"\\] \\[maturity \"0\"\\] \\[accuracy \"0\"\\] \\[tag \"testtag1\"\\] \\[tag \"testtag2\"\\]",
"error_log": "",
"http_code": 403
},
"rules": [
"SecRuleEngine On",
"SecDefaultAction \"phase:1,nolog,auditlog,deny,status:403\"",
"SecRule ARGS \"@streq tEst2\" \"id:1560,phase:1,multiMatch,block,log,t:none,t:trim,t:lowercase,msg:'testmsg',logdata:'testdata',severity:'DEBUG',tag:'testtag1',tag:'testtag2',chain\"",
"SecRule REQUEST_METHOD \"@streq GET\" \"t:none\"",
"SecAuditEngine RelevantOnly",
"SecAuditLogParts ABCFHZ",
"SecAuditLog /tmp/test/modsec_audit_multimatch_4.log",
"SecAuditLogDirMode 0766",
"SecAuditLogFileMode 0666",
"SecAuditLogType Serial",
"SecAuditLogRelevantStatus \"^(?:5|4(?!04))\""
]
}
]

60
src/deps/src/modsecurity/test/test-cases/regression/collection-case-insensitive.json vendored Normal file
View file

@ -0,0 +1,60 @@
[
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: Case insensitive (1/1)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"matched_var:PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_headers \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=matched_var:%{matched_var}%\"",
"SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\""
]
}
]

292
src/deps/src/modsecurity/test/test-cases/regression/collection-lua.json vendored Normal file
View file

@ -0,0 +1,292 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing LUA :: m.set TX (1/7)",
"resource":"lua",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"My sweet little browser",
"Accept":"*/*",
"Content-Length": "0"
},
"uri":"/whee?res=1",
"method":"GET",
"body": [ ]
},
"response":{
"headers":{},
"body":[
"no need."
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"2\" \\(Variable: TX.lua_set_var\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecAction \"id:1,pass,setvar:TX.lua_set_var=1\"",
"SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"",
"SecRule TX.lua_set_var \"@contains 2\" \"id:3,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing LUA :: m.set IP (2/7)",
"resource":"lua",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"My sweet little browser",
"Accept":"*/*",
"Content-Length": "0"
},
"uri":"/whee?res=1",
"method":"GET",
"body": [ ]
},
"response":{
"headers":{},
"body":[
"no need."
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"2\" \\(Variable: IP:::::lua_set_var\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecAction \"id:1,pass,setvar:IP.lua_set_var=1\"",
"SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"",
"SecRule IP.lua_set_var \"@contains 2\" \"id:3,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing LUA :: m.set GLOBAL (3/7)",
"resource":"lua",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"My sweet little browser",
"Accept":"*/*",
"Content-Length": "0"
},
"uri":"/whee?res=1",
"method":"GET",
"body": [ ]
},
"response":{
"headers":{},
"body":[
"no need."
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"2\" \\(Variable: GLOBAL:::::lua_set_var\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecAction \"id:1,pass,setvar:GLOBAL.lua_set_var=1\"",
"SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"",
"SecRule GLOBAL.lua_set_var \"@contains 2\" \"id:3,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing LUA :: m.set RESOURCE (4/7)",
"resource":"lua",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"My sweet little browser",
"Accept":"*/*",
"Content-Length": "0"
},
"uri":"/whee?res=1",
"method":"GET",
"body": [ ]
},
"response":{
"headers":{},
"body":[
"no need."
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"2\" \\(Variable: RESOURCE:::::lua_set_var\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecAction \"id:1,pass,setvar:RESOURCE.lua_set_var=1\"",
"SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"",
"SecRule RESOURCE.lua_set_var \"@contains 2\" \"id:3,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing LUA :: m.set SESSION (5/7)",
"resource":"lua",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"My sweet little browser",
"Accept":"*/*",
"Content-Length": "0"
},
"uri":"/whee?res=1",
"method":"GET",
"body": [ ]
},
"response":{
"headers":{},
"body":[
"no need."
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"2\" \\(Variable: SESSION:::::lua_set_var\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecAction \"id:1,pass,setvar:SESSION.lua_set_var=1\"",
"SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"",
"SecRule SESSION.lua_set_var \"@contains 2\" \"id:3,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing LUA :: m.set USER (6/7)",
"resource":"lua",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"My sweet little browser",
"Accept":"*/*",
"Content-Length": "0"
},
"uri":"/whee?res=1",
"method":"GET",
"body": [ ]
},
"response":{
"headers":{},
"body":[
"no need."
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"2\" \\(Variable: USER:::::lua_set_var\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecAction \"id:1,pass,setvar:USER.lua_set_var=1\"",
"SecRuleScript test-cases/data/setvar.lua \"id:2,pass\"",
"SecRule USER.lua_set_var \"@contains 2\" \"id:3,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing LUA :: m.getvars ARGS (8/8)",
"resource":"lua",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"My sweet little browser",
"Accept":"*/*",
"Content-Length": "0"
},
"uri":"/whee?parm1=a&parm2=b",
"method":"GET",
"body": [ ]
},
"response":{
"headers":{},
"body":[
"no need."
]
},
"expected":{
"http_code": 200
},
"rules":[
"SecRuleEngine On",
"SecRuleScript test-cases/data/match-getvars-args.lua \"id:2,phase:2,deny,status:403\""
]
}
]

121
src/deps/src/modsecurity/test/test-cases/regression/collection-regular_expression_selection.json vendored Normal file
View file

@ -0,0 +1,121 @@
[
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX/regular expression (1/2)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?id_a=test&nah=nops",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Saving variable: IP:nah with value: nops",
"error_log":"",
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS:/^id_/ \"@contains test\" \"id:1,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"",
"SecRule ARGS:/^id_/ \"@contains test\" \"id:2,phase:2,t:lowercase,setvar:IP.nah=nops\"",
"SecRule IP:/id_a$/ \"rx .\" \"id:3,phase:2,deny,status:403\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX/regular expression (2/2)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?id_a=test&nah=nops",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Saving variable: IP:id_a with value: nops",
"http_code":403
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS:/^id_/ \"@contains test\" \"id:11,phase:2,t:lowercase,initcol:ip=%{REMOTE_ADDR}\"",
"SecRule ARGS:/^id_/ \"@contains test\" \"id:12,phase:2,t:lowercase,setvar:IP.id_a=nops\"",
"SecRule IP:/id_a$/ \"@contains nops\" \"id:13,phase:2,deny,status:403\""
]
}
]

107
src/deps/src/modsecurity/test/test-cases/regression/collection-resource.json vendored Normal file
View file

@ -0,0 +1,107 @@
[
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: RESOURCE (1/2)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?resource=whee",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"123\" \\(Variable: RESOURCE:whee::::test\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,initcol:resource=%{ARGS.resource},id:900003\"",
"SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,setvar:resource.test=123,id:900000\"",
"SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,expirevar:resource.timeout=3600,id:9000033\"",
"SecRule RESOURCE:test \"@unconditionalmatch \" \"phase:2,pass,expirevar:resource.timeout=3600,id:9000034\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: RESOURCE (2/2)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?resource=whee",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
]
},
"expected":{
"audit_log":"",
"debug_log":"RESOURCE:whee::webappid::test",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecWebAppId webappid",
"SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,initcol:resource=%{ARGS.resource},id:900003\"",
"SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,setvar:resource.test=123,id:900000\"",
"SecRule ARGS:resource \"@unconditionalmatch \" \"phase:2,pass,expirevar:resource.timeout=3600,id:9000033\"",
"SecRule RESOURCE:test \"@unconditionalmatch \" \"phase:2,pass,expirevar:resource.timeout=3600,id:9000034\""
]
}
]

237
src/deps/src/modsecurity/test/test-cases/regression/collection-tx-with-macro.json vendored Normal file
View file

@ -0,0 +1,237 @@
[
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX (with macro) (1/4)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\" \\(Variable: TX:something\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=%{REQUEST_HEADERS:Cookie}%\"",
"SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX (with macro) (2/4)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"1\" \\(Variable: TX:somethingPHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something%{REQUEST_HEADERS:Cookie}%\"",
"SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX (with macro) (3/4)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"310\" \\(Variable: TX:something\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=%{REQUEST_HEADERS:Keep-Alive}%\"",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"",
"SecRule TX \"@contains to_test\" \"id:3,t:lowercase,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX (with macro) (4/4)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"5\" \\(Variable: TX:something_else\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something_else=%{tx.something}%\"",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:3,t:lowercase,t:none,setvar:TX.something_else=-5\"",
"SecRule TX:something_else \"@contains to_test\" \"id:4,t:lowercase,t:none\""
]
}
]

337
src/deps/src/modsecurity/test/test-cases/regression/collection-tx.json vendored Normal file
View file

@ -0,0 +1,337 @@
[
{
"enabled": 1,
"version_min":300000,
"version_max":0,
"title":"Collection :: TX full vs partial match",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko/20091102 Firefox/3.5.5 (.NET CLR 3.5.30729)"
},
"uri":"/",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text/xml; charset=utf-8\n"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n"
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecRule REMOTE_ADDR \"@unconditionalMatch\" \"id:1,deny,setvar:TX.partial_match=1,chain\"",
"SecRule TX.partial \"@gt 0\" \"id:2,t:lowercase,t:none,status:444\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX (1/4)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"to_test\" \\(Variable: TX:something\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=to_test\"",
"SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX (2/4)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"1\" \\(Variable: TX:something\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something\"",
"SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX (3/4)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"20\" \\(Variable: TX:something\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"",
"SecRule TX \"@contains to_test\" \"id:3,t:lowercase,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX (4/4)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"15\" \\(Variable: TX:something\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:1,t:lowercase,t:none,setvar:TX.something=+10\"",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:2,t:lowercase,t:none,setvar:TX.something=+10\"",
"SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"id:3,t:lowercase,t:none,setvar:TX.something=-5\"",
"SecRule TX \"@contains to_test\" \"id:4,t:lowercase,t:none\""
]
},
{
"enabled":1,
"version_min":300000,
"version_max":0,
"title":"Testing collection :: TX (5/n)",
"client":{
"ip":"200.249.12.31",
"port":2313
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"User-Agent":"Mozilla\/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.5) Gecko\/20091102 Firefox\/3.5.5 (.NET CLR 3.5.30729)",
"Accept":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,*\/*;q=0.8",
"Accept-Language":"en-us,en;q=0.5",
"Accept-Encoding":"gzip,deflate",
"Accept-Charset":"ISO-8859-1,utf-8;q=0.7,*;q=0.7",
"Keep-Alive":"300",
"Connection":"keep-alive",
"Cookie":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie I",
"Cookie2":"PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120 - cookie II",
"Pragma":"no-cache",
"Cache-Control":"no-cache"
},
"uri":"\/test.pl?param1= test &param2=test2",
"method":"GET",
"http_version":1.1,
"body":""
},
"response":{
"headers":{
"Content-Type":"text\/xml; charset=utf-8\n\r",
"Content-Length":"length\n\r"
},
"body":[
"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n\r",
"<soap:Envelope xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\" xmlns:xsd=\"http:\/\/www.w3.org\/2001\/XMLSchema\" xmlns:soap=\"http:\/\/schemas.xmlsoap.org\/soap\/envelope\/\">\n\r",
" <soap:Body>\n\r",
" <EnlightenResponse xmlns=\"http:\/\/clearforest.com\/\">\n\r",
" <EnlightenResult>string<\/EnlightenResult>\n\r",
" <\/EnlightenResponse>\n\r",
" <\/soap:Body>\n\r",
"<\/soap:Envelope>\n\r"
]
},
"expected":{
"audit_log":"",
"debug_log":"Target value: \"40\" \\(Variable: TX:anomaly_score\\)",
"error_log":""
},
"rules":[
"SecRuleEngine On",
"SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:1,setvar:tx.critical_anomaly_score=5\"",
"SecRule REQUEST_HEADERS:Cookie \"@contains PHPSESSID\" \"id:2,setvar:tx.anomaly_score=10\"",
"SecRule REQUEST_HEADERS:Cookie|REQUEST_HEADERS:Cookie2 \"@contains ookie\" \"id:4,t:lowercase,t:removewhitespace,multimatch,setvar:tx.anomaly_score=+%{tx.critical_anomaly_score}\"",
"SecRule TX \"@contains to_test\" \"id:100\""
]
}
]

785
src/deps/src/modsecurity/test/test-cases/regression/config-body_limits.json vendored Normal file
View file

@ -0,0 +1,785 @@
[
{
"enabled":1,
"version_min":300000,
"title":"SecResponseBodyLimitAction Reject",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":403
},
"rules":[
"SecRuleEngine On",
"SecResponseBodyLimitAction Reject",
"SecResponseBodyLimit 5"
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecResponseBodyLimitAction ProcessPartial",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecResponseBodyLimitAction ProcessPartial",
"SecResponseBodyLimit 5"
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyLimitAction Reject",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"POST",
"body":[
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"name\"",
"",
"test",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is a very small test file..",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is another very small test file..",
"--------------------------756b6d74fa1a8ee2--"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":403
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyLimitAction Reject",
"SecRequestBodyLimit 5"
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyLimitAction Reject - Engine Disabled",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"POST",
"body":[
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"name\"",
"",
"test",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is a very small test file..",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is another very small test file..",
"--------------------------756b6d74fa1a8ee2--"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine Off",
"SecRequestBodyLimitAction Reject",
"SecRequestBodyLimit 5"
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyLimitAction Reject - Engine Detection Only",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"POST",
"body":[
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"name\"",
"",
"test",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is a very small test file..",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is another very small test file..",
"--------------------------756b6d74fa1a8ee2--"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine DetectionOnly",
"SecRequestBodyLimitAction Reject",
"SecRequestBodyLimit 5"
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyLimitAction ProcessPartial",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"POST",
"body":[
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"name\"",
"",
"test",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is a very small test file..",
"--------------------------756b6d74fa1a8ee2",
"Content-Disposition: form-data; name=\"filedata\"; filename=\"small_text_file.txt\"",
"Content-Type: text/plain",
"",
"This is another very small test file..",
"--------------------------756b6d74fa1a8ee2--"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyLimitAction ProcessPartial",
"SecRequestBodyLimit 5"
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecResponseBodyLimitAction Reject - Engine Disabled",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine Off",
"SecResponseBodyLimitAction Reject",
"SecResponseBodyLimit 5"
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecResponseBodyLimitAction Reject - Engine Detection Only",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine DetectionOnly",
"SecResponseBodyLimitAction Reject",
"SecResponseBodyLimit 5"
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyNoFilesLimit - urlencoded, limit exceeded",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "41",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2&param3=value3"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Request body excluding files is bigger than the maximum expected.",
"http_code":400
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRequestBodyNoFilesLimit 20",
"SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyNoFilesLimit - urlencoded, limit not exceeded",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "41",
"Content-Type": "application/x-www-form-urlencoded"
},
"uri":"/",
"method":"POST",
"body": [
"param1=value1&param2=value2&param3=value3"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRequestBodyNoFilesLimit 60",
"SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyNoFilesLimit - json, limit exceeded",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "41",
"Content-Type": "application/json"
},
"uri":"/",
"method":"POST",
"body": [
"{\"param1\":{\"param2\":\"value2\",\"param3\":\"value3\"}}"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Request body excluding files is bigger than the maximum expected.",
"http_code":400
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRequestBodyNoFilesLimit 20",
"SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"",
"SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyNoFilesLimit - json, limit not exceeded",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "41",
"Content-Type": "application/json"
},
"uri":"/",
"method":"POST",
"body": [
"{\"param1\":{\"param2\":\"value2\",\"param3\":\"value3\"}}"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRequestBodyNoFilesLimit 80",
"SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"",
"SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\""
]
},
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"SecRequestBodyNoFilesLimit - xml, limit exceeded",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "77",
"Content-Type": "application/xml"
},
"uri":"/",
"method":"POST",
"body": [
"<?xml version=\"1.0\" encoding=\"UTF-8\"?><aaa><bbb>ccc</bbb><ddd>eee</ddd></aaa>"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Request body excluding files is bigger than the maximum expected.",
"http_code":400
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRequestBodyNoFilesLimit 20",
"SecRule REQUEST_HEADERS:Content-Type \"(?:application(?:/soap\\+|/)|text/)xml\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML\"",
"SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\""
]
},
{
"enabled":1,
"version_min":300000,
"resource":"libxml2",
"title":"SecRequestBodyNoFilesLimit - xml, limit not exceeded",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "77",
"Content-Type": "application/xml"
},
"uri":"/",
"method":"POST",
"body": [
"<?xml version=\"1.0\" encoding=\"UTF-8\"?><aaa><bbb>ccc</bbb><ddd>eee</ddd></aaa>"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRequestBodyNoFilesLimit 90",
"SecRule REQUEST_HEADERS:Content-Type \"(?:application(?:/soap\\+|/)|text/)xml\" \"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML\"",
"SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyNoFilesLimit - multipart, limit exceeded",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "77",
"Content-Type": "multipart/form-data; boundary=0000"
},
"uri":"/",
"method":"POST",
"body": [
"--0000",
"Content-Disposition: form-data; name=\"a\"",
"",
"1",
"--0000",
"Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"",
"",
"2222222222222222222222222222222222222222222222222222222222222222222222",
"--0000--"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Request body excluding files is bigger than the maximum expected.",
"http_code":400
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRequestBodyNoFilesLimit 80",
"SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRequestBodyNoFilesLimit - multipart, limit not exceeded",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length": "77",
"Content-Type": "multipart/form-data; boundary=0000"
},
"uri":"/",
"method":"POST",
"body": [
"--0000",
"Content-Disposition: form-data; name=\"a\"",
"",
"1",
"--0000",
"Content-Disposition: form-data; name=\"b\"; filename=\"c.txt\"",
"",
"2222222222222222222222222222222222222222222222222222222222222222222222",
"--0000--"
]
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"http_code":200
},
"rules":[
"SecRuleEngine On",
"SecRequestBodyAccess On",
"SecRequestBodyNoFilesLimit 120",
"SecRule REQBODY_ERROR \"!@eq 0\" \"id:'200002', phase:2,t:none,log,deny,status:400,msg:'Failed to parse request body.',logdata:'%{reqbody_error_msg}',severity:2\""
]
}
]

86
src/deps/src/modsecurity/test/test-cases/regression/config-calling_phases_by_name.json vendored Normal file
View file

@ -0,0 +1,86 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Testing Config :: Phases by name (1/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)"
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS:key \"@contains other_value\" \"id:1,phase:request,pass,chain\"",
"SecRule MATCHED_VAR \"@contains asdf\" \"\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Testing Config :: Phases by name (2/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Target value: \"other_value\" \\(Variable: MATCHED_VAR\\)"
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS:key \"@contains other_value\" \"chain,pass,phase:response,id:28\"",
"SecRule MATCHED_VAR \"@contains Aasdf\" \"\"",
"SecResponseBodyAccess On",
"SecRule MATCHED_VAR \"@contains other_value\" \"id:29,phase:response,pass\"",
"SecRule MATCHED_VAR \"@contains other_value\" \"id:30,phase:response,pass\""
]
}
]

55
src/deps/src/modsecurity/test/test-cases/regression/config-include-bad.json vendored Normal file
View file

@ -0,0 +1,55 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Include - bad rule",
"expected":{
"parser_error": "Rules error. File: test-cases/data/config_example3.txt. Line: 2. Column: 66. Expecting an action, got: ops \"id:1000,pass,t:trim\""
},
"rules":[
"SecRuleEngine On",
"Include test-cases/data/config_example3.txt",
"SecRule ARGS \"@missing_operator test\" \"id:19,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include - missing file",
"expected":{
"parser_error": "Rules error. File: config-include-bad.json. Line: 2. Column: 46. test-cases/data/config_example-ops.txt: Not able to open file."
},
"rules":[
"SecRuleEngine On",
"Include test-cases/data/config_example-ops.txt",
"SecRule ARGS \"@contains test\" \"id:19,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include - missing at include",
"expected":{
"parser_error": "Rules error. File: test-cases/data/config_example-ops-include.txt. Line: 1. Column: 52. test-cases/data/config_example-not-exist.txt: Not able to open file."
},
"rules":[
"SecRuleEngine On",
"Include test-cases/data/config_example-ops-include.txt",
"SecRule ARGS \"@contains test\" \"id:19,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include - duplicate id",
"expected":{
"parser_error": "Rule id: 40 is duplicated"
},
"rules":[
"SecRuleEngine On",
"Include test-cases/data/config_example.txt",
"Include test-cases/data/config_example.txt",
"SecRule ARGS \"@missing_operator test\" \"id:19,pass,t:trim\""
]
}
]

323
src/deps/src/modsecurity/test/test-cases/regression/config-include.json vendored Normal file
View file

@ -0,0 +1,323 @@
[
{
"enabled":1,
"version_min":300000,
"title":"Include (1/8)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS."
},
"rules":[
"SecRuleEngine On",
"Include test-cases/data/config_example2.txt",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include (2/8)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Executing operator \"Contains\" with param \"config_example\" against ARGS."
},
"rules":[
"SecRuleEngine On",
"Include test-cases/data/config_example.txt",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include (3/8)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS."
},
"rules":[
"SecRuleEngine On",
"Include test-cases/data/config_example2.txt",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include (4/8)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Executing operator \"Contains\" with param \"test\" against ARGS."
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\"",
"Include test-cases/data/config_example2.txt"
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include (5/8)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS."
},
"rules":[
"SecRuleEngine On",
"SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"",
"Include test-cases/data/config_example.txt",
"SecRule ARGS \"@contains test\" \"id:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include (6/8)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Executing operator \"Contains\" with param \"test\" against ARGS."
},
"rules":[
"SecRuleEngine On",
"Include test-cases/data/config_example2.txt",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include (7/8)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"parser_error":"Looking at: 'test-cases/data/conasdffig_example2.txt'"
},
"rules":[
"SecRuleEngine On",
"Include test-cases/data/conasdffig_example2.txt",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"Include (8/8) -- quoted with wildcard",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Executing operator \"Contains\" with param \"config_example2\" against ARGS."
},
"rules":[
"SecRuleEngine On",
"Include \"test-cases/data/config_ex*ple2.txt\"",
"SecRule ARGS \"@contains test\" \"id:9,pass,t:trim\""
]
}
]

125
src/deps/src/modsecurity/test/test-cases/regression/config-remove_by_id.json vendored Normal file
View file

@ -0,0 +1,125 @@
[
{
"enabled":1,
"version_min":300000,
"title":"SecRuleRemoveById (1/3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Skipped rule id '2'. Removed by an SecRuleRemove directive."
},
"rules":[
"SecRuleRemoveById 2",
"SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleRemoveById (2/3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Skipped rule id '2'. Removed by an SecRuleRemove directive."
},
"rules":[
"SecRuleRemoveById 1-3",
"SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleRemoveById (3/3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Skipped rule id '2'. Removed by an SecRuleRemove directive."
},
"rules":[
"SecRuleRemoveById 1 2-3",
"SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:3,pass,t:trim\""
]
}
]

84
src/deps/src/modsecurity/test/test-cases/regression/config-remove_by_msg.json vendored Normal file
View file

@ -0,0 +1,84 @@
[
{
"enabled":1,
"version_min":300000,
"title":"SecRuleRemoveByMsg (1/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Skipped rule id '2'. Removed by a SecRuleRemoveByMsg directive."
},
"rules":[
"SecRuleRemoveByMsg tag123",
"SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:2,pass,t:trim,msg:'tag123'\"",
"SecRule ARGS \"@contains test\" \"id:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleRemoveByMsg (2/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Skipped rule id '3'. Removed by a SecRuleRemoveByMsg directive."
},
"rules":[
"SecRuleRemoveByMsg whee",
"SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:3,pass,t:trim,msg:'whee'\""
]
}
]

84
src/deps/src/modsecurity/test/test-cases/regression/config-remove_by_tag.json vendored Normal file
View file

@ -0,0 +1,84 @@
[
{
"enabled":1,
"version_min":300000,
"title":"SecRuleRemoveByTag (1/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Skipped rule id '2'. Removed by a SecRuleRemoveByTag directive"
},
"rules":[
"SecRuleRemoveByTag tag123",
"SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:2,pass,t:trim,tag:tag123\"",
"SecRule ARGS \"@contains test\" \"id:3,pass,t:trim\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecRuleRemoveByTag (2/2)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Skipped rule id '3'. Removed by a SecRuleRemoveByTag directive."
},
"rules":[
"SecRuleRemoveByTag whee",
"SecRule ARGS \"@contains test\" \"id:1,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:2,pass,t:trim\"",
"SecRule ARGS \"@contains test\" \"id:3,pass,t:trim,tag:whee\""
]
}
]

128
src/deps/src/modsecurity/test/test-cases/regression/config-response_type.json vendored Normal file
View file

@ -0,0 +1,128 @@
[
{
"enabled":1,
"version_min":300000,
"title":"SecResponseBodyMimeType (1/3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"T \\(0\\) t:trim: \"no need.\""
},
"rules":[
"SecRuleEngine On",
"SecResponseBodyAccess On",
"SecResponseBodyMimeType text\/plain text\/html text\/xml",
"SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecResponseBodyMimeType (2/3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Response Content-Type is text/html. It is not marked to be inspected."
},
"rules":[
"SecRuleEngine On",
"SecResponseBodyAccess On",
"SecResponseBodyMimeType application\/something",
"SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\""
]
},
{
"enabled":1,
"version_min":300000,
"title":"SecResponseBodyMimeType (3/3)",
"client":{
"ip":"200.249.12.31",
"port":123
},
"server":{
"ip":"200.249.12.31",
"port":80
},
"request":{
"headers":{
"Host":"localhost",
"User-Agent":"curl/7.38.0",
"Accept":"*/*"
},
"uri":"/?key=value&key=other_value",
"method":"GET"
},
"response":{
"headers":{
"Date":"Mon, 13 Jul 2015 20:02:41 GMT",
"Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
"Content-Type":"text/html"
},
"body":[
"no need."
]
},
"expected":{
"debug_log":"Response Content-Type is text/html. It is not marked to be inspected."
},
"rules":[
"SecRuleEngine On",
"SecResponseBodyAccess On",
"SecResponseBodyMimeType text\/plain text\/tml text\/xml",
"SecResponseBodyMimeTypesClear",
"SecRule RESPONSE_BODY \"@contains RESPONSE_CONTENT_TYPE\" \"id:9,pass,t:trim,phase:4\""
]
}
]

Some files were not shown because too many files have changed in this diff Show more