1 ### Tests for the XML operators: @validateSchema and @validateDTD
# Positive case: a well-formed SOAP envelope that should validate against
# SoapEnvelope.xsd. The phase:1 rule selects the XML body processor only when
# the lowercased Content-Type matches ^text/xml$; for any other processor the
# next rule jumps past rule 12345 (skipAfter), so this configuration never
# schema-checks such requests.
# NOTE(review): a deployment reusing this pattern should decide how other XML
# media types, or "text/xml" with a charset parameter, are meant to be handled.
7 comment => "validateSchema (validate ok)",
10 SecRequestBodyAccess On
11 SecDebugLog $ENV{DEBUG_LOG}
13 SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\
14 "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
15 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345
16 SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" \\
17 "phase:2,deny,id:12345"
# Debug log must contain, in order, parser start, "well_formed 1", the XML tree
# as rule target and the schema success message (/s lets .* cross log lines).
# Keys with a leading "-" are negated by the test runner: none of the parser,
# validation or schema-load error strings may appear in the debug or error log.
20 debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Successfully validated payload against Schema/s, 1 ],
21 -debug => [ qr/XML parser error|validation failed|Failed to load/, 1 ],
22 -error => [ qr/XML parser error|validation failed|Failed to load/, 1 ],
# NOTE(review): `new HTTP::Request(...)` is indirect-object syntax;
# `HTTP::Request->new(...)` parses unambiguously.
27 request => new HTTP::Request(
28 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
30 "Content-Type" => "text/xml",
32 normalize_raw_request_data(
34 <?xml version="1.0" encoding="utf-8"?>
35 <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
36 xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
37 xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
38 xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
39 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
40 xmlns:xsd="http://www.w3.org/2001/XMLSchema">
41 <soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
42 <q1:getInput xmlns:q1="http://DefaultNamespace">
43 <id xsi:type="xsd:string">12123</id>
51 # Failed attribute value
# Negative case: the payload sets soap:mustUnderstand="badval" on soap:Body, a
# value the schema rejects, so validation must fail. The rule carries
# log,auditlog and the audit engine is RelevantOnly, so the failure is also
# expected in the audit log.
54 comment => "validateSchema (validate attribute value failed)",
57 SecRequestBodyAccess On
58 SecDebugLog $ENV{DEBUG_LOG}
60 SecAuditEngine RelevantOnly
61 SecAuditLog "$ENV{AUDIT_LOG}"
62 SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\
63 "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
64 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345
65 SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" \\
66 "phase:2,deny,log,auditlog,id:12345"
# Debug log must show the parser's complaint about 'badval' followed by
# "Schema validation failed".
# The negated -debug pattern rejects the success message and also any blank
# line (\n\r?\n) in the debug log; presumably this guards against multi-line
# parser error text reaching the log unescaped - confirm intent.
# The audit pattern requires the parser message on its own "Message:" line,
# ending in ".", directly followed by another "Message:" line.
69 debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*'badval' is not a valid value of the local atomic type.*Schema validation failed/s, 1 ],
70 -debug => [ qr/Successfully validated payload against Schema|\n\r?\n/, 1 ],
71 audit => [ qr/^Message: Element.*'badval' is not a valid value of the local atomic type\.\nMessage:/m, 1 ],
76 request => new HTTP::Request(
77 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
79 "Content-Type" => "text/xml",
81 normalize_raw_request_data(
83 <?xml version="1.0" encoding="utf-8"?>
84 <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
85 xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
86 xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
87 xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
88 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
89 xmlns:xsd="http://www.w3.org/2001/XMLSchema">
90 <soap:Body soap:mustUnderstand="badval" soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
91 <q1:getInput xmlns:q1="http://DefaultNamespace">
92 <id xsi:type="xsd:string">12123</id>
# Negative case: the payload is well formed but uses <soap:xBody> where the
# schema expects soap:Body, so validation must fail with an "element is not
# expected" message.
103 comment => "validateSchema (validate failed)",
106 SecRequestBodyAccess On
107 SecDebugLog $ENV{DEBUG_LOG}
109 SecAuditEngine RelevantOnly
110 SecAuditLog "$ENV{AUDIT_LOG}"
111 SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\
112 "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
113 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345
114 SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" \\
115 "phase:2,deny,id:12345"
# The negated (-) patterns cover only parser and schema-load errors: a
# validation failure is the expected outcome here, while a parse error or an
# unloadable schema would mean the test failed for the wrong reason.
# NOTE(review): nothing visible here asserts that "Successfully validated" is
# absent from the logs - consider adding it to the negated patterns.
118 debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*element is not expected/s, 1 ],
119 -debug => [ qr/XML parser error|Failed to load/, 1 ],
120 -error => [ qr/XML parser error|Failed to load/, 1 ],
121 audit => [ qr/^Message: Element.*This element is not expected.*\nMessage:/m, 1 ],
126 request => new HTTP::Request(
127 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
129 "Content-Type" => "text/xml",
131 normalize_raw_request_data(
133 <?xml version="1.0" encoding="utf-8"?>
134 <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
135 xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
136 xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
137 xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
138 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
139 xmlns:xsd="http://www.w3.org/2001/XMLSchema">
140 <soap:xBody soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
141 <q1:getInput xmlns:q1="http://DefaultNamespace">
142 <id xsi:type="xsd:string">12123</id>
# Malformed-input case: the root start tag is spelled soap:Envelop (the end tag
# is not visible in this listing), and the parser is expected to report
# "well_formed 0". The operator must then log a validation failure rather than
# treat the unparsed body as valid.
153 comment => "validateSchema (bad XML)",
156 SecRequestBodyAccess On
157 SecDebugLog $ENV{DEBUG_LOG}
159 SecAuditEngine RelevantOnly
160 SecAuditLog "$ENV{AUDIT_LOG}"
161 SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\
162 "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
163 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345
164 SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" \\
165 "phase:2,deny,id:12345"
# The negated (-) patterns are the security-relevant half of this case: a body
# that failed to parse must never produce "Successfully validated", and the
# failure must not be attributed to schema loading.
# NOTE(review): the expected response status is not visible in this listing;
# confirm the case also asserts that the request is denied.
168 debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ],
169 -debug => [ qr/Failed to load|Successfully validated/, 1 ],
170 -error => [ qr/Failed to load|Successfully validated/, 1 ],
171 audit => [ qr/^Message: .*Failed parsing document.*\nMessage:/m, 1 ],
176 request => new HTTP::Request(
177 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
179 "Content-Type" => "text/xml",
181 normalize_raw_request_data(
183 <?xml version="1.0" encoding="utf-8"?>
184 <soap:Envelop xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
185 xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
186 xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
187 xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
188 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
189 xmlns:xsd="http://www.w3.org/2001/XMLSchema">
190 <soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
191 <q1:getInput xmlns:q1="http://DefaultNamespace">
192 <id xsi:type="xsd:string">12123</id>
# Broken-schema case: the payload matches the "validate ok" shape, but the rule
# points at SoapEnvelope-bad.xsd, which is expected to fail to load.
203 comment => "validateSchema (bad schema)",
206 SecRequestBodyAccess On
207 SecDebugLog $ENV{DEBUG_LOG}
209 SecAuditEngine RelevantOnly
210 SecAuditLog "$ENV{AUDIT_LOG}"
211 SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\
212 "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
213 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345
214 SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope-bad.xsd" \\
215 "phase:2,deny,id:12345"
# The schema-load failure must surface in the debug log, and in the audit log
# as "Rule processing failed".
# NOTE(review): whether the request is then blocked or passed (fail-closed vs
# fail-open) is not visible in this listing; the expected status should pin
# that down explicitly. No negated pattern here asserts that "Successfully
# validated" is absent - consider adding one.
218 debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Failed to parse the XML resource.*Failed to load Schema/s, 1 ],
219 audit => [ qr/^Message: .*Failed to parse the XML resource.*\nMessage: Rule processing failed/m, 1 ],
224 request => new HTTP::Request(
225 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
227 "Content-Type" => "text/xml",
229 normalize_raw_request_data(
231 <?xml version="1.0" encoding="utf-8"?>
232 <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
233 xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
234 xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
235 xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
236 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
237 xmlns:xsd="http://www.w3.org/2001/XMLSchema">
238 <soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
239 <q1:getInput xmlns:q1="http://DefaultNamespace">
240 <id xsi:type="xsd:string">12123</id>
# Positive case for @validateDTD: the rule names the DTD file explicitly
# ($ENV{CONF_DIR}/SoapEnvelope.dtd), while the request body carries its own
# <!DOCTYPE ... SYSTEM "SoapEnvelope.dtd"> declaration.
# NOTE(review): in real traffic the DOCTYPE in the body is client-controlled.
# This listing does not show whether the body parser resolves that SYSTEM
# identifier or any external entities - confirm that it does not.
253 comment => "validateDTD (validate ok)",
256 SecRequestBodyAccess On
257 SecDebugLog $ENV{DEBUG_LOG}
259 SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\
260 "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
261 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345
262 SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" \\
263 "phase:2,deny,id:12345"
# Debug log must end with the DTD success message; the negated (-) patterns
# require that no parser, validation or DTD-load error appears in the debug or
# error log.
266 debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Successfully validated payload against DTD/s, 1 ],
267 -debug => [ qr/XML parser error|validation failed|Failed to load/, 1 ],
268 -error => [ qr/XML parser error|validation failed|Failed to load/, 1 ],
273 request => new HTTP::Request(
274 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
276 "Content-Type" => "text/xml",
278 normalize_raw_request_data(
280 <?xml version="1.0" encoding="utf-8"?>
281 <!DOCTYPE Envelope SYSTEM "SoapEnvelope.dtd">
285 <id type="string">12123</id>
# Negative case for @validateDTD: a well-formed body that is expected to violate
# SoapEnvelope.dtd (the deviating element is not visible in this listing).
# NOTE(review): no audit-log directives or audit assertions are visible for
# this case, so only the debug and error logs are checked.
296 comment => "validateDTD (validate failed)",
299 SecRequestBodyAccess On
300 SecDebugLog $ENV{DEBUG_LOG}
302 SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\
303 "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
304 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345
305 SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" \\
306 "phase:2,deny,id:12345"
# The negated (-) patterns rule out the two wrong reasons for failing: a parse
# error in the body and a DTD that could not be loaded.
# NOTE(review): nothing visible here asserts that "Successfully validated" is
# absent from the logs - consider adding it to the negated patterns.
309 debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*content does not follow the DTD/s, 1 ],
310 -debug => [ qr/XML parser error|Failed to load/, 1 ],
311 -error => [ qr/XML parser error|Failed to load/, 1 ],
316 request => new HTTP::Request(
317 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
319 "Content-Type" => "text/xml",
321 normalize_raw_request_data(
323 <?xml version="1.0" encoding="utf-8"?>
324 <!DOCTYPE Envelope SYSTEM "SoapEnvelope.dtd">
328 <id type="string">12123</id>
# Malformed-input case for @validateDTD: the parser is expected to report
# "well_formed 0" (the malformed part of the body is not visible in this
# listing), and the operator must log a validation failure rather than treat
# the unparsed body as valid.
339 comment => "validateDTD (bad XML)",
342 SecRequestBodyAccess On
343 SecDebugLog $ENV{DEBUG_LOG}
345 SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\
346 "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
347 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345
348 SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" \\
349 "phase:2,deny,id:12345"
# The negated (-) patterns require that a body which failed to parse never
# yields "Successfully validated" and that the failure is not blamed on DTD
# loading.
352 debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ],
353 -debug => [ qr/Failed to load|Successfully validated/, 1 ],
354 -error => [ qr/Failed to load|Successfully validated/, 1 ],
359 request => new HTTP::Request(
360 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
362 "Content-Type" => "text/xml",
364 normalize_raw_request_data(
366 <?xml version="1.0" encoding="utf-8"?>
367 <!DOCTYPE Envelope SYSTEM "SoapEnvelope.dtd">
371 <id type="string">12123</id>
# Broken-DTD case: the rule points at SoapEnvelope-bad.dtd, which is expected
# to fail to load while the request body itself parses as well formed.
382 comment => "validateDTD (bad DTD)",
385 SecRequestBodyAccess On
386 SecDebugLog $ENV{DEBUG_LOG}
388 SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" \\
389 "phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
390 SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345
391 SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope-bad.dtd" \\
392 "phase:2,deny,id:12345"
# Only the "Failed to load DTD" debug message is asserted in the lines visible
# here.
# NOTE(review): whether the request is blocked or passed when the DTD cannot be
# loaded (fail-closed vs fail-open) is not visible in this listing; the
# expected status should pin that down. A negated pattern for "Successfully
# validated" would make the case stricter.
395 debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Failed to load DTD/s, 1 ],
400 request => new HTTP::Request(
401 POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
403 "Content-Type" => "text/xml",
405 normalize_raw_request_data(
407 <?xml version="1.0" encoding="utf-8"?>
408 <!DOCTYPE Envelope SYSTEM "SoapEnvelope.dtd">
412 <id type="string">12123</id>