1 ### Misc directive tests
12 comment => "SecDefaultAction",
15 SecDefaultAction "phase:1,deny,status:500"
16 SecRule REQUEST_URI "test.txt"
19 error => [ qr/ModSecurity: Access denied with code 500 \(phase 1\)/, 1 ],
24 request => new HTTP::Request(
25 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
32 comment => "SecServerSignature On",
34 SecServerSignature "NewServerSignature"
37 error => [ qr/NewServerSignature/, 1 ],
41 raw => qr/^Server: +NewServerSignature$/m,
43 request => new HTTP::Request(
44 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
51 comment => "SecDataDir",
54 SecDataDir "$ENV{DATA_DIR}"
55 SecAction initcol:ip=%{REMOTE_ADDR},setvar:ip.dummy=1,pass
58 error => [ qr/ModSecurity: Warning. Unconditional match in SecAction\./, 1 ],
61 "$ENV{DATA_DIR}/ip.pag" => qr/\x00\x06dummy\x00\x00\x021\x00/,
66 request => new HTTP::Request(
67 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
71 # SecTmpDir/SecUploadDir/SecUploadKeepFiles
74 comment => "SecTmpDir/SecUploadDir/SecUploadKeepFiles",
77 SecRequestBodyAccess On
78 SecDebugLog $ENV{DEBUG_LOG}
80 SecTmpDir "$ENV{TEMP_DIR}"
82 SecUploadDir "$ENV{UPLOAD_DIR}"
85 # Get the filename and make sure the file exists
86 my $fn = match_log(debug => qr/Moved file from .* to ".*"\./, 5);
87 die "Failed to determine uploaded filename\n" unless (defined $fn);
89 $fn =~ s/Moved file from .* to "(.*)"\..*/$1/;
90 die "File does not exist: $fn\n" unless (-e $fn);
92 # Check the contents of the file
93 return 0 if (match_file($fn, qr/^TESTFILE$/m));
95 msg("Failed to match contents of uploaded file: $fn");
99 debug => [ qr/Created temporary file: $ENV{TEMP_DIR}/, 1 ],
100 -debug => [ qr/Failed to /, 1 ],
105 request => new HTTP::Request(
106 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
108 "Content-Type" => "multipart/form-data; boundary=---------------------------19813181771830765643996187206",
110 q(-----------------------------19813181771830765643996187206
111 Content-Disposition: form-data; name="upload-file"; filename="test"
112 Content-Type: application/octet-stream
115 -----------------------------19813181771830765643996187206
116 Content-Disposition: form-data; name="file"
119 -----------------------------19813181771830765643996187206--),
126 comment => "SecWebAppId",
129 SecRequestBodyAccess On
130 SecDebugLog $ENV{DEBUG_LOG}
132 SecAuditLog "$ENV{AUDIT_LOG}"
133 SecAuditEngine RelevantOnly
135 SecAction "pass,log,auditlog,id:1"
138 error => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
139 debug => [ qr/Warning\. Unconditional match in SecAction\./, 1 ],
140 audit => [ qr/^WebApp-Info: "app-1"/m, 1 ],
145 request => new HTTP::Request(
146 GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",