1 ### Tests for directives altering how a request is handled
6 comment => "SecArgumentSeparator (get-pos)",
9 SecArgumentSeparator ";"
10 SecRule ARGS:a "@streq 1" "phase:1,deny,chain"
11 SecRule ARGS:b "@streq 2"
14 error => [ qr/Access denied with code 403 \(phase 1\)\. String match "2" at ARGS:b\./, 1 ],
19 request => new HTTP::Request(
20 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?a=1;b=2",
25 comment => "SecArgumentSeparator (get-neg)",
28 SecRule ARGS:a "@streq 1" "phase:1,deny,chain"
29 SecRule ARGS:b "@streq 2"
32 -error => [ qr/Access denied/, 1 ],
37 request => new HTTP::Request(
38 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt?a=1;b=2",
43 comment => "SecArgumentSeparator (post-pos)",
46 SecRequestBodyAccess On
47 SecArgumentSeparator ";"
48 SecRule ARGS:a "@streq 1" "phase:2,deny,chain"
49 SecRule ARGS:b "@streq 2"
52 error => [ qr/Access denied with code 403 \(phase 2\)\. String match "2" at ARGS:b\./, 1 ],
57 request => new HTTP::Request(
58 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
60 "Content-Type" => "application/x-www-form-urlencoded",
67 comment => "SecArgumentSeparator (post-neg)",
70 SecRequestBodyAccess On
71 SecRule ARGS:a "@streq 1" "phase:2,deny"
72 SecRule ARGS:b "@streq 2" "phase:2,deny"
75 -error => [ qr/Access denied/, 1 ],
80 request => new HTTP::Request(
81 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
83 "Content-Type" => "application/x-www-form-urlencoded",
89 # SecRequestBodyAccess
92 comment => "SecRequestBodyAccess (pos)",
95 SecRequestBodyAccess On
96 SecRule ARGS:a "\@streq 1" "phase:2,deny,chain"
97 SecRule ARGS:b "\@streq 2"
100 error => [ qr/Access denied with code 403 \(phase 2\)\. String match "2" at ARGS:b\./, 1 ],
105 request => new HTTP::Request(
106 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
108 "Content-Type" => "application/x-www-form-urlencoded",
115 comment => "SecRequestBodyAccess (neg)",
118 SecRequestBodyAccess Off
119 SecRule ARGS:a "\@streq 1" "phase:2,deny"
120 SecRule ARGS:b "\@streq 2" "phase:2,deny"
123 -error => [ qr/Access denied/, 1 ],
128 request => new HTTP::Request(
129 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
131 "Content-Type" => "application/x-www-form-urlencoded",
137 # SecRequestBodyLimit
140 comment => "SecRequestBodyLimit (equal)",
143 SecRequestBodyAccess On
144 SecRequestBodyLimit 7
147 -error => [ qr/Request body is larger than the configured limit/, 1 ],
152 request => new HTTP::Request(
153 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
155 "Content-Type" => "application/x-www-form-urlencoded",
162 comment => "SecRequestBodyLimit (greater)",
165 SecRequestBodyAccess On
166 SecRequestBodyLimit 5
169 error => [ qr/Request body .*is larger than the configured limit \(5\)\./, 1 ],
174 request => new HTTP::Request(
175 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
177 "Content-Type" => "application/x-www-form-urlencoded",
184 comment => "SecRequestBodyLimit (equal - chunked)",
187 SecRequestBodyAccess On
188 SecRequestBodyLimit 276
191 -error => [ qr/Request body is larger than the configured limit/, 1 ],
196 request => normalize_raw_request_data(
198 POST /test.txt HTTP/1.1
199 Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
200 User-Agent: $ENV{USER_AGENT}
201 Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
202 Transfer-Encoding: chunked
207 normalize_raw_request_data(
209 -----------------------------69343412719991675451336310646
210 Content-Disposition: form-data; name="a"
213 -----------------------------69343412719991675451336310646
214 Content-Disposition: form-data; name="b"
217 -----------------------------69343412719991675451336310646--
225 comment => "SecRequestBodyLimit (greater - chunked)",
228 SecRequestBodyAccess On
229 SecRequestBodyLimit 256
232 error => [ qr/Request body .*is larger than the configured limit \(256\)\./, 1 ],
237 request => normalize_raw_request_data(
239 POST /test.txt HTTP/1.1
240 Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
241 User-Agent: $ENV{USER_AGENT}
242 Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
243 Transfer-Encoding: chunked
248 normalize_raw_request_data(
250 -----------------------------69343412719991675451336310646
251 Content-Disposition: form-data; name="a"
254 -----------------------------69343412719991675451336310646
255 Content-Disposition: form-data; name="b"
258 -----------------------------69343412719991675451336310646--
266 comment => "SecRequestBodyLimit (ctl:ruleEngine=off)",
269 SecRequestBodyAccess On
270 SecRequestBodyLimit 5
272 SecAction "phase:1,pass,nolog,ctl:ruleEngine=off"
273 SecRule REQUEST_BODY "." "phase:2,deny"
276 -error => [ qr/Request body .*is larger than the configured limit/, 1 ],
281 request => new HTTP::Request(
282 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
284 "Content-Type" => "application/x-www-form-urlencoded",
291 comment => "SecRequestBodyLimit (ctl:requestBodyAccess=off)",
294 SecRequestBodyAccess On
295 SecRequestBodyLimit 5
297 SecAction "phase:1,pass,nolog,ctl:requestBodyAccess=off"
298 SecRule REQUEST_BODY "." "phase:2,deny"
301 -error => [ qr/Request body .*is larger than the configured limit/, 1 ],
306 request => new HTTP::Request(
307 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
309 "Content-Type" => "application/x-www-form-urlencoded",
316 comment => "SecRequestBodyLimit (ctl:ruleEngine=off - chunked)",
319 SecRequestBodyAccess On
320 SecRequestBodyLimit 256
322 SecAction "phase:1,pass,nolog,ctl:ruleEngine=off"
323 SecRule REQUEST_BODY "." "phase:2,deny"
326 -error => [ qr/Request body .*is larger than the configured limit/, 1 ],
331 request => normalize_raw_request_data(
333 POST /test.txt HTTP/1.1
334 Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
335 User-Agent: $ENV{USER_AGENT}
336 Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
337 Transfer-Encoding: chunked
342 normalize_raw_request_data(
344 -----------------------------69343412719991675451336310646
345 Content-Disposition: form-data; name="a"
348 -----------------------------69343412719991675451336310646
349 Content-Disposition: form-data; name="b"
352 -----------------------------69343412719991675451336310646--
360 comment => "SecRequestBodyLimit (ctl:requestBodyAccess=off - chunked)",
363 SecRequestBodyAccess On
364 SecRequestBodyLimit 256
366 SecAction "phase:1,pass,nolog,ctl:requestBodyAccess=off"
367 SecRule REQUEST_BODY "." "phase:2,deny"
370 -error => [ qr/Request body .*is larger than the configured limit \(256\)\./, 1 ],
375 request => normalize_raw_request_data(
377 POST /test.txt HTTP/1.1
378 Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
379 User-Agent: $ENV{USER_AGENT}
380 Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
381 Transfer-Encoding: chunked
386 normalize_raw_request_data(
388 -----------------------------69343412719991675451336310646
389 Content-Disposition: form-data; name="a"
392 -----------------------------69343412719991675451336310646
393 Content-Disposition: form-data; name="b"
396 -----------------------------69343412719991675451336310646--
403 # SecRequestBodyInMemoryLimit
406 comment => "SecRequestBodyInMemoryLimit (equal)",
409 SecDebugLog $ENV{DEBUG_LOG}
411 SecRequestBodyAccess On
412 SecRequestBodyLimit 1000
413 SecRequestBodyInMemoryLimit 276
416 -debug => [ qr/Input filter: Request too large to store in memory, switching to disk\./, 1 ],
421 request => normalize_raw_request_data(
423 POST /test.txt HTTP/1.1
424 Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
425 User-Agent: $ENV{USER_AGENT}
426 Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
427 Transfer-Encoding: chunked
432 normalize_raw_request_data(
434 -----------------------------69343412719991675451336310646
435 Content-Disposition: form-data; name="a"
438 -----------------------------69343412719991675451336310646
439 Content-Disposition: form-data; name="b"
442 -----------------------------69343412719991675451336310646--
450 comment => "SecRequestBodyInMemoryLimit (greater)",
453 SecDebugLog $ENV{DEBUG_LOG}
455 SecRequestBodyAccess On
456 SecRequestBodyLimit 1000
457 SecRequestBodyInMemoryLimit 16
460 debug => [ qr/Input filter: Request too large to store in memory, switching to disk\./, 1 ],
465 request => normalize_raw_request_data(
467 POST /test.txt HTTP/1.1
468 Host: $ENV{SERVER_NAME}:$ENV{SERVER_PORT}
469 User-Agent: $ENV{USER_AGENT}
470 Content-Type: multipart/form-data; boundary=---------------------------69343412719991675451336310646
471 Transfer-Encoding: chunked
476 normalize_raw_request_data(
478 -----------------------------69343412719991675451336310646
479 Content-Disposition: form-data; name="a"
482 -----------------------------69343412719991675451336310646
483 Content-Disposition: form-data; name="b"
486 -----------------------------69343412719991675451336310646--
496 comment => "SecCookieFormat (pos)",
499 SecDebugLog $ENV{DEBUG_LOG}
502 SecRule REQUEST_COOKIES_NAMES "\@streq SESSIONID" "phase:1,deny,chain"
503 SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain"
504 SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval"
507 error => [ qr/Access denied with code 403 \(phase 1\)\. String match "cookieval" at REQUEST_COOKIES:SESSIONID\./, 1 ],
508 debug => [ qr(Adding request cookie: name "\$SESSIONID_PATH", value "/"), 1 ],
513 request => new HTTP::Request(
514 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
516 "Cookie" => q($Version="1"; SESSIONID="cookieval"; $PATH="/"),
523 comment => "SecCookieFormat (neg)",
526 SecDebugLog $ENV{DEBUG_LOG}
529 SecRule REQUEST_COOKIES_NAMES "\@streq SESSIONID" "phase:1,deny,chain"
530 SecRule REQUEST_COOKIES:\$SESSIONID_PATH "\@streq /" "chain"
531 SecRule REQUEST_COOKIES:SESSIONID "\@streq cookieval"
534 -error => [ qr/Access denied/, 1 ],
535 -debug => [ qr(Adding request cookie: name "\$SESSIONID_PATH", value "/"), 1 ],
540 request => new HTTP::Request(
541 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
543 "Cookie" => q($Version="1"; SESSIONID="cookieval"; $PATH="/"),