Skip to content

Commit 89442ed

Browse files
airweenairween
committed
Change directives in tests; add multibyte test case
1 parent e8dc60e commit 89442ed

File tree

1 file changed

+54
-17
lines changed

1 file changed

+54
-17
lines changed

test/test-cases/regression/variable-XML.json

Lines changed: 54 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -81,7 +81,7 @@
8181
"rules":[
8282
"SecRuleEngine On",
8383
"SecRequestBodyAccess On",
84-
"SecParseXMLIntoArgs On",
84+
"SecParseXmlIntoArgs On",
8585
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
8686
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
8787
]
@@ -125,7 +125,7 @@
125125
"rules":[
126126
"SecRuleEngine On",
127127
"SecRequestBodyAccess On",
128-
"SecParseXMLIntoArgs On",
128+
"SecParseXmlIntoArgs On",
129129
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
130130
"SecRule XML:/* \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
131131
]
@@ -169,7 +169,7 @@
169169
"rules":[
170170
"SecRuleEngine On",
171171
"SecRequestBodyAccess On",
172-
"SecParseXMLIntoArgs OnlyArgs",
172+
"SecParseXmlIntoArgs OnlyArgs",
173173
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
174174
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
175175
]
@@ -213,7 +213,7 @@
213213
"rules":[
214214
"SecRuleEngine On",
215215
"SecRequestBodyAccess On",
216-
"SecParseXMLIntoArgs OnlyArgs",
216+
"SecParseXmlIntoArgs OnlyArgs",
217217
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
218218
"SecRule XML:/* \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
219219
]
@@ -257,7 +257,7 @@
257257
"rules":[
258258
"SecRuleEngine On",
259259
"SecRequestBodyAccess On",
260-
"SecParseXMLIntoArgs Off",
260+
"SecParseXmlIntoArgs Off",
261261
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
262262
"SecRule ARGS \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
263263
]
@@ -301,7 +301,7 @@
301301
"rules":[
302302
"SecRuleEngine On",
303303
"SecRequestBodyAccess On",
304-
"SecParseXMLIntoArgs Off",
304+
"SecParseXmlIntoArgs Off",
305305
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
306306
"SecRule XML:/* \"@rx aaa\" \"id:500012,phase:2,t:none,t:lowercase,log,deny,status:403\""
307307
]
@@ -345,7 +345,7 @@
345345
"rules":[
346346
"SecRuleEngine On",
347347
"SecRequestBodyAccess On",
348-
"SecParseXMLIntoArgs On",
348+
"SecParseXmlIntoArgs On",
349349
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
350350
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=Off\"",
351351
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@@ -390,7 +390,7 @@
390390
"rules":[
391391
"SecRuleEngine On",
392392
"SecRequestBodyAccess On",
393-
"SecParseXMLIntoArgs On",
393+
"SecParseXmlIntoArgs On",
394394
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
395395
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=Off\"",
396396
"SecRule XML:/* \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@@ -435,7 +435,7 @@
435435
"rules":[
436436
"SecRuleEngine On",
437437
"SecRequestBodyAccess On",
438-
"SecParseXMLIntoArgs On",
438+
"SecParseXmlIntoArgs On",
439439
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
440440
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=OnlyArgs\"",
441441
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@@ -481,14 +481,12 @@
481481
"rules":[
482482
"SecRuleEngine On",
483483
"SecRequestBodyAccess On",
484-
"SecParseXMLIntoArgs On",
484+
"SecParseXmlIntoArgs On",
485485
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
486486
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=OnlyArgs\"",
487487
"SecRule XML:/* \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
488488
]
489-
}
490-
491-
,
489+
},
492490
{
493491
"enabled":1,
494492
"version_min":300000,
@@ -528,7 +526,7 @@
528526
"rules":[
529527
"SecRuleEngine On",
530528
"SecRequestBodyAccess On",
531-
"SecParseXMLIntoArgs Off",
529+
"SecParseXmlIntoArgs Off",
532530
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
533531
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=On\"",
534532
"SecRule ARGS:xml.bookstore.some-tag \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
@@ -540,7 +538,7 @@
540538
"resource":"libxml2",
541539
"title":"Testing XML parsing to ARGS with Off, turn On with ctl, check XML",
542540
"expected":{
543-
"http_code": 200
541+
"http_code": 403
544542
},
545543
"client":{
546544
"ip":"200.249.12.31",
@@ -572,12 +570,51 @@
572570
},
573571
"rules":[
574572
"SecRuleEngine On",
575-
"SecRequestBodyAccess Off",
576-
"SecParseXMLIntoArgs On",
573+
"SecRequestBodyAccess On",
574+
"SecParseXmlIntoArgs Off",
577575
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
578576
"SecRule ARGS_GET:q \"@rx xml\" \"id:500012,phase:1,t:none,t:lowercase,ctl:parseXmlIntoArgs=On\"",
579577
"SecRule XML:/* \"@rx aaa\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
580578
]
579+
},
580+
{
581+
"enabled":1,
582+
"version_min":300000,
583+
"resource":"libxml2",
584+
"title":"Testing XML parsing to ARGS with On, node contains utf8 character",
585+
"expected":{
586+
"http_code": 403
587+
},
588+
"client":{
589+
"ip":"200.249.12.31",
590+
"port":123
591+
},
592+
"request":{
593+
"headers":{
594+
"Host":"localhost",
595+
"User-Agent":"curl/7.38.0",
596+
"Accept":"*/*",
597+
"Content-Type": "text/xml"
598+
},
599+
"uri":"/?q=xml",
600+
"method":"POST",
601+
"body": [
602+
"<pizza>",
603+
"<has>pineapple</has><has>🍍</has>",
604+
"</pizza>"
605+
]
606+
},
607+
"server":{
608+
"ip":"200.249.12.31",
609+
"port":80
610+
},
611+
"rules":[
612+
"SecRuleEngine On",
613+
"SecRequestBodyAccess On",
614+
"SecParseXmlIntoArgs On",
615+
"SecRule REQUEST_HEADERS:Content-Type \"^text/xml$\" \"id:500011,phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML\"",
616+
"SecRule ARGS \"@rx 🍍\" \"id:500013,phase:2,t:none,t:lowercase,log,deny,status:403\""
617+
]
581618
}
582619
]
583620

0 commit comments

Comments
 (0)