1 ### Transformation Caching
5 comment => "tfncache (simple fully cached)",
8 SecDebugLog $ENV{DEBUG_LOG}
11 # We need to make this work no matter what the defaults may change to
12 SecCacheTransformations On "minlen:1,maxlen:0"
14 # This should cache it
15 SecRule ARGS_GET "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog"
17 # This should use the cached value
18 SecRule ARGS_GET:test "foobar" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,deny"
21 debug => [ qr/removeWhiteSpace,lowercase: "foobar" .*cached/, 1 ],
22 -debug => [ qr/partially cached/, 1 ],
27 request => new HTTP::Request(
28 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=Foo+Bar",
33 comment => "tfncache (simple partially cached)",
36 SecDebugLog $ENV{DEBUG_LOG}
39 # We need to make this work no matter what the defaults may change to
40 SecCacheTransformations On "minlen:1,maxlen:0,incremental:off,maxitems:0"
42 # This should cache it
43 SecRule ARGS_GET "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,pass,nolog"
45 # This should use the partially cached value
46 SecRule ARGS_GET:test "foobar" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,deny"
49 debug => [ qr/removeWhiteSpace: "FooBar" .*partially cached/, 1 ],
54 request => new HTTP::Request(
55 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=Foo+Bar",
60 comment => "tfncache (separate phases)",
63 SecDebugLog $ENV{DEBUG_LOG}
66 # We need to make this work no matter what the defaults may change to
67 SecCacheTransformations On "minlen:1,maxlen:0"
69 # This should cache it
70 SecRule ARGS_GET "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog"
72 # This should use the cached value
73 SecRule ARGS_GET:test "foobar" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,deny"
76 -debug => [ qr/removeWhiteSpace,lowercase: "foobar" .*cached/, 1 ],
81 request => new HTTP::Request(
82 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=Foo+Bar",
87 comment => "tfncache (non-modifying tfns cached)",
90 SecDebugLog $ENV{DEBUG_LOG}
93 # We need to make this work no matter what the defaults may change to
94 SecCacheTransformations On "minlen:1,maxlen:0"
96 # This should cache it
97 SecRule ARGS_GET "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog"
99 # This should use the cached value
100 SecRule ARGS_GET:test "foobar" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,deny"
103 debug => [ qr/removeWhiteSpace,lowercase: "foobar" .*cached/, 1 ],
108 request => new HTTP::Request(
109 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=foo+bar",
114 comment => "tfncache (unique keys)",
117 SecDebugLog $ENV{DEBUG_LOG}
119 SecRequestBodyAccess On
121 # We need to make this work no matter what the defaults may change to
122 SecCacheTransformations On "minlen:1,maxlen:0"
124 # This should cache it
125 SecRule ARGS "WillNotMatch" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,pass"
127 # This should see cached versions of *both* ARGS_GET
128 SecRule ARGS:test "queryval" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,deny,chain"
129 SecRule ARGS:test "firstval" "t:none,t:removeWhiteSpace,t:lowercase,chain"
130 SecRule ARGS:test "secondval" "t:none,t:removeWhiteSpace,t:lowercase"
133 debug => [ qr/removeWhiteSpace,lowercase: "queryval" .*removeWhiteSpace,lowercase: "firstval" .*cached.*removeWhiteSpace,lowercase: "secondval" .*cached/s, 1 ],
138 request => new HTTP::Request(
139 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=Query+Val",
141 "Content-Type" => "application/x-www-form-urlencoded",
144 "test=First+Val&test=Second+Val",
149 comment => "tfncache (large cache)",
152 SecDebugLog $ENV{DEBUG_LOG}
154 SecRequestBodyAccess On
156 <IfDefine MODSEC_2.5>
157 SecRequestBodyNoFilesLimit 1048576
159 SecRequestBodyInMemoryLimit 131072
160 SecResponseBodyLimit 1048576
162 # We need to make this work no matter what the defaults may change to
163 SecCacheTransformations On "minlen:1,maxlen:0,maxitems:0"
165 # This should cache it in all phases
166 SecRule ARGS "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog"
167 SecRule ARGS "WillNotMatch" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog"
168 SecRule ARGS "WillNotMatch" "phase:3,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog"
169 SecRule ARGS "WillNotMatch" "phase:4,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog"
171 # This should use the cached value
172 SecRule ARGS "foobar" "phase:4,t:none,t:removeWhiteSpace,t:lowercase,deny"
175 debug => [ qr/Adding request argument \(BODY\): name "test", value "Foo Bar"/, 60, "Waiting for httpd to process request: "],
176 -error => [ qr/segmentation fault/i, 60 ],
181 request => new HTTP::Request(
182 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
184 "Content-Type" => "application/x-www-form-urlencoded",
187 join("&", map { sprintf "arg%08d=0123456789abcdef+0123456789ABCDEF+0123456789abcdef", $_ } (1 .. 1000))."&test=Foo+Bar",