|
Packit |
284210 |
### Transformation Caching
|
|
Packit |
284210 |
|
|
Packit |
284210 |
{
|
|
Packit |
284210 |
type => "misc",
|
|
Packit |
284210 |
comment => "tfncache (simple fully cached)",
|
|
Packit |
284210 |
conf => qq(
|
|
Packit |
284210 |
SecRuleEngine On
|
|
Packit |
284210 |
SecDebugLog $ENV{DEBUG_LOG}
|
|
Packit |
284210 |
SecDebugLogLevel 9
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# We need to make this work no matter what the defaults may change to
|
|
Packit |
284210 |
SecCacheTransformations On "minlen:1,maxlen:0"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should cache it
|
|
Packit |
284210 |
SecRule ARGS_GET "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog,id:500037"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should use the cached value
|
|
Packit |
284210 |
SecRule ARGS_GET:test "foobar" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,deny,id:500038"
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
match_log => {
|
|
Packit |
284210 |
debug => [ qr/removeWhiteSpace,lowercase: "foobar" .*cached/, 1 ],
|
|
Packit |
284210 |
-debug => [ qr/partially cached/, 1 ],
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
match_response => {
|
|
Packit |
284210 |
status => qr/^403$/,
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
request => new HTTP::Request(
|
|
Packit |
284210 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=Foo+Bar",
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
{
|
|
Packit |
284210 |
type => "misc",
|
|
Packit |
284210 |
comment => "tfncache (simple partially cached)",
|
|
Packit |
284210 |
conf => qq(
|
|
Packit |
284210 |
SecRuleEngine On
|
|
Packit |
284210 |
SecDebugLog $ENV{DEBUG_LOG}
|
|
Packit |
284210 |
SecDebugLogLevel 9
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# We need to make this work no matter what the defaults may change to
|
|
Packit |
284210 |
SecCacheTransformations On "minlen:1,maxlen:0,incremental:off,maxitems:0"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should cache it
|
|
Packit |
284210 |
SecRule ARGS_GET "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,pass,nolog,id:500039"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should use the partially cached value
|
|
Packit |
284210 |
SecRule ARGS_GET:test "foobar" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,deny,id:500040"
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
match_log => {
|
|
Packit |
284210 |
debug => [ qr/removeWhiteSpace: "FooBar" .*partially cached/, 1 ],
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
match_response => {
|
|
Packit |
284210 |
status => qr/^403$/,
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
request => new HTTP::Request(
|
|
Packit |
284210 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=Foo+Bar",
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
{
|
|
Packit |
284210 |
type => "misc",
|
|
Packit |
284210 |
comment => "tfncache (separate phases)",
|
|
Packit |
284210 |
conf => qq(
|
|
Packit |
284210 |
SecRuleEngine On
|
|
Packit |
284210 |
SecDebugLog $ENV{DEBUG_LOG}
|
|
Packit |
284210 |
SecDebugLogLevel 9
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# We need to make this work no matter what the defaults may change to
|
|
Packit |
284210 |
SecCacheTransformations On "minlen:1,maxlen:0"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should cache it
|
|
Packit |
284210 |
SecRule ARGS_GET "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog,id:500041"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should use the cached value
|
|
Packit |
284210 |
SecRule ARGS_GET:test "foobar" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,deny,id:500042"
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
match_log => {
|
|
Packit |
284210 |
-debug => [ qr/removeWhiteSpace,lowercase: "foobar" .*cached/, 1 ],
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
match_response => {
|
|
Packit |
284210 |
status => qr/^403$/,
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
request => new HTTP::Request(
|
|
Packit |
284210 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=Foo+Bar",
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
{
|
|
Packit |
284210 |
type => "misc",
|
|
Packit |
284210 |
comment => "tfncache (non-modifying tfns cached)",
|
|
Packit |
284210 |
conf => qq(
|
|
Packit |
284210 |
SecRuleEngine On
|
|
Packit |
284210 |
SecDebugLog $ENV{DEBUG_LOG}
|
|
Packit |
284210 |
SecDebugLogLevel 9
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# We need to make this work no matter what the defaults may change to
|
|
Packit |
284210 |
SecCacheTransformations On "minlen:1,maxlen:0"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should cache it
|
|
Packit |
284210 |
SecRule ARGS_GET "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog,id:500043"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should use the cached value
|
|
Packit |
284210 |
SecRule ARGS_GET:test "foobar" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,deny,id:500044"
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
match_log => {
|
|
Packit |
284210 |
debug => [ qr/removeWhiteSpace,lowercase: "foobar" .*cached/, 1 ],
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
match_response => {
|
|
Packit |
284210 |
status => qr/^403$/,
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
request => new HTTP::Request(
|
|
Packit |
284210 |
GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=foo+bar",
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
{
|
|
Packit |
284210 |
type => "misc",
|
|
Packit |
284210 |
comment => "tfncache (unique keys)",
|
|
Packit |
284210 |
conf => qq(
|
|
Packit |
284210 |
SecRuleEngine On
|
|
Packit |
284210 |
SecDebugLog $ENV{DEBUG_LOG}
|
|
Packit |
284210 |
SecDebugLogLevel 9
|
|
Packit |
284210 |
SecRequestBodyAccess On
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# We need to make this work no matter what the defaults may change to
|
|
Packit |
284210 |
SecCacheTransformations On "minlen:1,maxlen:0"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should cache it
|
|
Packit |
284210 |
SecRule ARGS "WillNotMatch" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,pass,id:500045"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should see cached versions of *both* ARGS_GET
|
|
Packit |
284210 |
SecRule ARGS:test "queryval" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,deny,chain,id:500046"
|
|
Packit |
284210 |
SecRule ARGS:test "firstval" "t:none,t:removeWhiteSpace,t:lowercase,chain"
|
|
Packit |
284210 |
SecRule ARGS:test "secondval" "t:none,t:removeWhiteSpace,t:lowercase"
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
match_log => {
|
|
Packit |
284210 |
debug => [ qr/removeWhiteSpace,lowercase: "queryval" .*removeWhiteSpace,lowercase: "firstval" .*cached.*removeWhiteSpace,lowercase: "secondval" .*cached/s, 1 ],
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
match_response => {
|
|
Packit |
284210 |
status => qr/^403$/,
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
request => new HTTP::Request(
|
|
Packit |
284210 |
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html?test=Query+Val",
|
|
Packit |
284210 |
[
|
|
Packit |
284210 |
"Content-Type" => "application/x-www-form-urlencoded",
|
|
Packit |
284210 |
],
|
|
Packit |
284210 |
# Args
|
|
Packit |
284210 |
"test=First+Val&test=Second+Val",
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
{
|
|
Packit |
284210 |
type => "misc",
|
|
Packit |
284210 |
comment => "tfncache (large cache)",
|
|
Packit |
284210 |
conf => qq(
|
|
Packit |
284210 |
SecRuleEngine On
|
|
Packit |
284210 |
SecDebugLog $ENV{DEBUG_LOG}
|
|
Packit |
284210 |
SecDebugLogLevel 9
|
|
Packit |
284210 |
SecRequestBodyAccess On
|
|
Packit |
284210 |
|
|
Packit |
284210 |
SecRequestBodyNoFilesLimit 1048576
|
|
Packit |
284210 |
SecRequestBodyInMemoryLimit 131072
|
|
Packit |
284210 |
SecResponseBodyLimit 1048576
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# We need to make this work no matter what the defaults may change to
|
|
Packit |
284210 |
SecCacheTransformations On "minlen:1,maxlen:0,maxitems:0"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should cache it in all phases
|
|
Packit |
284210 |
SecRule ARGS "WillNotMatch" "phase:1,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog,id:500048"
|
|
Packit |
284210 |
SecRule ARGS "WillNotMatch" "phase:2,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog,id:500049"
|
|
Packit |
284210 |
SecRule ARGS "WillNotMatch" "phase:3,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog,id:500050"
|
|
Packit |
284210 |
SecRule ARGS "WillNotMatch" "phase:4,t:none,t:removeWhiteSpace,t:lowercase,pass,nolog,id:500051"
|
|
Packit |
284210 |
|
|
Packit |
284210 |
# This should use the cached value
|
|
Packit |
284210 |
SecRule ARGS "foobar" "phase:4,t:none,t:removeWhiteSpace,t:lowercase,deny,id:500052"
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
match_log => {
|
|
Packit |
284210 |
debug => [ qr/Adding request argument \(BODY\): name "test", value "Foo Bar"/, 60, "Waiting for httpd to process request: "],
|
|
Packit |
284210 |
-error => [ qr/segmentation fault/i, 60 ],
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
match_response => {
|
|
Packit |
284210 |
status => qr/^403$/,
|
|
Packit |
284210 |
},
|
|
Packit |
284210 |
request => new HTTP::Request(
|
|
Packit |
284210 |
POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/index.html",
|
|
Packit |
284210 |
[
|
|
Packit |
284210 |
"Content-Type" => "application/x-www-form-urlencoded",
|
|
Packit |
284210 |
],
|
|
Packit |
284210 |
# 1000 Args
|
|
Packit |
284210 |
join("&", map { sprintf "arg%08d=0123456789abcdef+0123456789ABCDEF+0123456789abcdef", $_ } (1 .. 1000))."&test=Foo+Bar",
|
|
Packit |
284210 |
),
|
|
Packit |
284210 |
},
|