source-git / mod_security

Clone
Source Code
GIT

Blame tests/regression/rule/10-xml.t

c8 c8s master
  1.   384592efa1429cbfb4d7f37e97830055f99c6751
  2.   tests
  3.   regression
  4.   rule
  5.   10-xml.t
Blob History Raw
Packit Service 384592 
### Test for XML operator rules
Packit Service 384592
Packit Service 384592 
### Validate Scheme
Packit Service 384592 
# OK
Packit Service 384592 
{
Packit Service 384592 
	type => "rule",
Packit Service 384592 
	comment => "validateSchema (validate ok)",
Packit Service 384592 
	conf => qq(
Packit Service 384592 
		SecRuleEngine On
Packit Service 384592 
		SecRequestBodyAccess On
Packit Service 384592 
        SecXmlExternalEntity On
Packit Service 384592 
		SecDebugLog $ENV{DEBUG_LOG}
Packit Service 384592 
		SecDebugLogLevel 9
Packit Service 384592 
		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500005, \\
Packit Service 384592 
		        phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
Packit Service 384592 
		SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500006
Packit Service 384592 
		SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" "id:500007, \\
Packit Service 384592 
		        phase:3:,deny"
Packit Service 384592 
	),
Packit Service 384592 
	match_log => {
Packit Service 384592 
		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Successfully validated payload against Schema/s, 1 ],
Packit Service 384592 
		-debug => [ qr/XML parser error|validation failed|Failed to load/, 1 ],
Packit Service 384592 
		-error => [ qr/XML parser error|validation failed|Failed to load/, 1 ],
Packit Service 384592 
	},
Packit Service 384592 
	match_response => {
Packit Service 384592 
		status => qr/^200$/,
Packit Service 384592 
	},
Packit Service 384592 
	request => new HTTP::Request(
Packit Service 384592 
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
Packit Service 384592 
		[
Packit Service 384592 
			"Content-Type" => "text/xml",
Packit Service 384592 
		],
Packit Service 384592 
		normalize_raw_request_data(
Packit Service 384592 
			q(
Packit Service 384592
Packit Service 384592
Packit Service 384592 
				xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
Packit Service 384592 
				xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
Packit Service 384592 
				xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
Packit Service 384592 
				xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Packit Service 384592 
				xmlns:xsd="http://www.w3.org/2001/XMLSchema">
Packit Service 384592 
						<soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
Packit Service 384592 
								<q1:getInput xmlns:q1="http://DefaultNamespace">
Packit Service 384592 
										<id xsi:type="xsd:string">12123</id>
Packit Service 384592 
								</q1:getInput>
Packit Service 384592 
						</soap:Body>
Packit Service 384592 
				</soap:Envelope>
Packit Service 384592 
			),
Packit Service 384592 
		),
Packit Service 384592 
	),
Packit Service 384592 
},
Packit Service 384592 
# Failed attribute value
Packit Service 384592 
{
Packit Service 384592 
	type => "rule",
Packit Service 384592 
	comment => "validateSchema (validate attribute value failed)",
Packit Service 384592 
	conf => qq(
Packit Service 384592 
		SecRuleEngine On
Packit Service 384592 
		SecRequestBodyAccess On
Packit Service 384592 
        SecXmlExternalEntity On
Packit Service 384592 
		SecDebugLog $ENV{DEBUG_LOG}
Packit Service 384592 
		SecDebugLogLevel 9
Packit Service 384592 
		SecAuditEngine RelevantOnly
Packit Service 384592 
		SecAuditLog "$ENV{AUDIT_LOG}"
Packit Service 384592 
		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500008, \\
Packit Service 384592 
		        phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
Packit Service 384592 
		SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500009
Packit Service 384592 
		SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" "id:500010 \\
Packit Service 384592 
		        phase:2,deny,log,auditlog,id:12345"
Packit Service 384592 
	),
Packit Service 384592 
	match_log => {
Packit Service 384592 
		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*'badval' is not a valid value of the local atomic type.*Schema validation failed/s, 1 ],
Packit Service 384592 
		-debug => [ qr/Successfully validated payload against Schema|\n\r?\n/, 1 ],
Packit Service 384592 
		audit => [ qr/^Message: Element.*'badval' is not a valid value of the local atomic type\.\nMessage:/m, 1 ],
Packit Service 384592 
	},
Packit Service 384592 
	match_response => {
Packit Service 384592 
		status => qr/^403$/,
Packit Service 384592 
	},
Packit Service 384592 
	request => new HTTP::Request(
Packit Service 384592 
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
Packit Service 384592 
		[
Packit Service 384592 
			"Content-Type" => "text/xml",
Packit Service 384592 
		],
Packit Service 384592 
		normalize_raw_request_data(
Packit Service 384592 
			q(
Packit Service 384592
Packit Service 384592
Packit Service 384592 
				xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
Packit Service 384592 
				xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
Packit Service 384592 
				xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
Packit Service 384592 
				xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Packit Service 384592 
				xmlns:xsd="http://www.w3.org/2001/XMLSchema">
Packit Service 384592 
						<soap:Body soap:mustUnderstand="badval" soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
Packit Service 384592 
								<q1:getInput xmlns:q1="http://DefaultNamespace">
Packit Service 384592 
										<id xsi:type="xsd:string">12123</id>
Packit Service 384592 
								</q1:getInput>
Packit Service 384592 
						</soap:Body>
Packit Service 384592 
				</soap:Envelope>
Packit Service 384592 
			),
Packit Service 384592 
		),
Packit Service 384592 
	),
Packit Service 384592 
},
Packit Service 384592 
# Failed validation
Packit Service 384592 
{
Packit Service 384592 
	type => "rule",
Packit Service 384592 
	comment => "validateSchema (validate failed)",
Packit Service 384592 
	conf => qq(
Packit Service 384592 
		SecRuleEngine On
Packit Service 384592 
		SecRequestBodyAccess On
Packit Service 384592 
        SecXmlExternalEntity On
Packit Service 384592 
		SecDebugLog $ENV{DEBUG_LOG}
Packit Service 384592 
		SecDebugLogLevel 9
Packit Service 384592 
		SecAuditEngine RelevantOnly
Packit Service 384592 
		SecAuditLog "$ENV{AUDIT_LOG}"
Packit Service 384592 
		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500011, \\
Packit Service 384592 
		        phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
Packit Service 384592 
		SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500012
Packit Service 384592 
		SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" "id:500013 \\
Packit Service 384592 
		        phase:2,deny,id:12345"
Packit Service 384592 
	),
Packit Service 384592 
	match_log => {
Packit Service 384592 
		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*element is not expected/s, 1 ],
Packit Service 384592 
		-debug => [ qr/XML parser error|Failed to load/, 1 ],
Packit Service 384592 
		-error => [ qr/XML parser error|Failed to load/, 1 ],
Packit Service 384592 
		audit => [ qr/^Message: Element.*This element is not expected.*\nMessage:/m, 1 ],
Packit Service 384592 
	},
Packit Service 384592 
	match_response => {
Packit Service 384592 
		status => qr/^403$/,
Packit Service 384592 
	},
Packit Service 384592 
	request => new HTTP::Request(
Packit Service 384592 
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
Packit Service 384592 
		[
Packit Service 384592 
			"Content-Type" => "text/xml",
Packit Service 384592 
		],
Packit Service 384592 
		normalize_raw_request_data(
Packit Service 384592 
			q(
Packit Service 384592
Packit Service 384592
Packit Service 384592 
				xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
Packit Service 384592 
				xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
Packit Service 384592 
				xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
Packit Service 384592 
				xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Packit Service 384592 
				xmlns:xsd="http://www.w3.org/2001/XMLSchema">
Packit Service 384592 
						<soap:xBody soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
Packit Service 384592 
								<q1:getInput xmlns:q1="http://DefaultNamespace">
Packit Service 384592 
										<id xsi:type="xsd:string">12123</id>
Packit Service 384592 
								</q1:getInput>
Packit Service 384592 
						</soap:xBody>
Packit Service 384592 
				</soap:Envelope>
Packit Service 384592 
			),
Packit Service 384592 
		),
Packit Service 384592 
	),
Packit Service 384592 
},
Packit Service 384592 
# Bad XML
Packit Service 384592 
{
Packit Service 384592 
	type => "rule",
Packit Service 384592 
	comment => "validateSchema (bad XML)",
Packit Service 384592 
	conf => qq(
Packit Service 384592 
		SecRuleEngine On
Packit Service 384592 
		SecRequestBodyAccess On
Packit Service 384592 
        SecXmlExternalEntity On
Packit Service 384592 
		SecDebugLog $ENV{DEBUG_LOG}
Packit Service 384592 
		SecDebugLogLevel 9
Packit Service 384592 
		SecAuditEngine RelevantOnly
Packit Service 384592 
		SecAuditLog "$ENV{AUDIT_LOG}"
Packit Service 384592 
		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500014, \\
Packit Service 384592 
		        phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
Packit Service 384592 
		SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500015
Packit Service 384592 
		SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope.xsd" "id:500016, \\
Packit Service 384592 
		        phase:2,deny,id:12345"
Packit Service 384592 
	),
Packit Service 384592 
	match_log => {
Packit Service 384592 
		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ],
Packit Service 384592 
		-debug => [ qr/Failed to load|Successfully validated/, 1 ],
Packit Service 384592 
		-error => [ qr/Failed to load|Successfully validated/, 1 ],
Packit Service 384592 
		audit => [ qr/^Message: .*Failed parsing document.*\nMessage:/m, 1 ],
Packit Service 384592 
	},
Packit Service 384592 
	match_response => {
Packit Service 384592 
		status => qr/^403$/,
Packit Service 384592 
	},
Packit Service 384592 
	request => new HTTP::Request(
Packit Service 384592 
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
Packit Service 384592 
		[
Packit Service 384592 
			"Content-Type" => "text/xml",
Packit Service 384592 
		],
Packit Service 384592 
		normalize_raw_request_data(
Packit Service 384592 
			q(
Packit Service 384592
Packit Service 384592
Packit Service 384592 
				xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
Packit Service 384592 
				xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
Packit Service 384592 
				xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
Packit Service 384592 
				xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Packit Service 384592 
				xmlns:xsd="http://www.w3.org/2001/XMLSchema">
Packit Service 384592 
						<soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
Packit Service 384592 
								<q1:getInput xmlns:q1="http://DefaultNamespace">
Packit Service 384592 
										<id xsi:type="xsd:string">12123</id>
Packit Service 384592 
								</q1:getInput>
Packit Service 384592 
						</soap:Body>
Packit Service 384592 
				</soap:Envelope>
Packit Service 384592 
			),
Packit Service 384592 
		),
Packit Service 384592 
	),
Packit Service 384592 
},
Packit Service 384592 
# Bad schema
Packit Service 384592 
{
Packit Service 384592 
	type => "rule",
Packit Service 384592 
	comment => "validateSchema (bad schema)",
Packit Service 384592 
	conf => qq(
Packit Service 384592 
		SecRuleEngine On
Packit Service 384592 
		SecRequestBodyAccess On
Packit Service 384592 
        SecXmlExternalEntity On
Packit Service 384592 
		SecDebugLog $ENV{DEBUG_LOG}
Packit Service 384592 
		SecDebugLogLevel 9
Packit Service 384592 
		SecAuditEngine RelevantOnly
Packit Service 384592 
		SecAuditLog "$ENV{AUDIT_LOG}"
Packit Service 384592 
		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500017 \\
Packit Service 384592 
		        phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
Packit Service 384592 
		SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500018
Packit Service 384592 
		SecRule XML "\@validateSchema $ENV{CONF_DIR}/SoapEnvelope-bad.xsd" "id:500019 \\
Packit Service 384592 
		        phase:2,deny,id:12345"
Packit Service 384592 
	),
Packit Service 384592 
	match_log => {
Packit Service 384592 
		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Failed to parse the XML resource.*Failed to load Schema/s, 1 ],
Packit Service 384592 
		audit => [ qr/^Message: .*Failed to parse the XML resource.*\nMessage: Rule processing failed/m, 1 ],
Packit Service 384592 
	},
Packit Service 384592 
	match_response => {
Packit Service 384592 
		status => qr/^200$/,
Packit Service 384592 
	},
Packit Service 384592 
	request => new HTTP::Request(
Packit Service 384592 
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
Packit Service 384592 
		[
Packit Service 384592 
			"Content-Type" => "text/xml",
Packit Service 384592 
		],
Packit Service 384592 
		normalize_raw_request_data(
Packit Service 384592 
			q(
Packit Service 384592
Packit Service 384592
Packit Service 384592 
				xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
Packit Service 384592 
				xmlns:tns="http://www.bluebank.example.com/axis/getBalance.jws"
Packit Service 384592 
				xmlns:types="http://www.bluebank.example.com/axis/getBalance.jws/encodedTypes"
Packit Service 384592 
				xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Packit Service 384592 
				xmlns:xsd="http://www.w3.org/2001/XMLSchema">
Packit Service 384592 
						<soap:Body soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
Packit Service 384592 
								<q1:getInput xmlns:q1="http://DefaultNamespace">
Packit Service 384592 
										<id xsi:type="xsd:string">12123</id>
Packit Service 384592 
								</q1:getInput>
Packit Service 384592 
						</soap:Body>
Packit Service 384592 
				</soap:Envelope>
Packit Service 384592 
			),
Packit Service 384592 
		),
Packit Service 384592 
	),
Packit Service 384592 
},
Packit Service 384592
Packit Service 384592 
# Validate DTD
Packit Service 384592 
# OK
Packit Service 384592 
{
Packit Service 384592 
	type => "rule",
Packit Service 384592 
	comment => "validateDTD (validate ok)",
Packit Service 384592 
	conf => qq(
Packit Service 384592 
		SecRuleEngine On
Packit Service 384592 
		SecRequestBodyAccess On
Packit Service 384592 
        SecXmlExternalEntity On
Packit Service 384592 
		SecDebugLog $ENV{DEBUG_LOG}
Packit Service 384592 
		SecDebugLogLevel 9
Packit Service 384592 
		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500020, \\
Packit Service 384592 
		        phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
Packit Service 384592 
		SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500021
Packit Service 384592 
		SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" "id:500022, \\
Packit Service 384592 
		        phase:2,deny,id:12345"
Packit Service 384592 
	),
Packit Service 384592 
	match_log => {
Packit Service 384592 
		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Successfully validated payload against DTD/s, 1 ],
Packit Service 384592 
		-debug => [ qr/XML parser error|validation failed|Failed to load/, 1 ],
Packit Service 384592 
		-error => [ qr/XML parser error|validation failed|Failed to load/, 1 ],
Packit Service 384592 
	},
Packit Service 384592 
	match_response => {
Packit Service 384592 
		status => qr/^200$/,
Packit Service 384592 
	},
Packit Service 384592 
	request => new HTTP::Request(
Packit Service 384592 
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
Packit Service 384592 
		[
Packit Service 384592 
			"Content-Type" => "text/xml",
Packit Service 384592 
		],
Packit Service 384592 
		normalize_raw_request_data(
Packit Service 384592 
			q(
Packit Service 384592
Packit Service 384592
Packit Service 384592 
				<Envelope>
Packit Service 384592 
						<Body>
Packit Service 384592 
								<getInput>
Packit Service 384592 
										<id type="string">12123</id>
Packit Service 384592 
								</getInput>
Packit Service 384592 
						</Body>
Packit Service 384592 
				</Envelope>
Packit Service 384592 
			),
Packit Service 384592 
		),
Packit Service 384592 
	),
Packit Service 384592 
},
Packit Service 384592 
# Failed validation
Packit Service 384592 
{
Packit Service 384592 
	type => "rule",
Packit Service 384592 
	comment => "validateDTD (validate failed)",
Packit Service 384592 
	conf => qq(
Packit Service 384592 
		SecRuleEngine On
Packit Service 384592 
		SecRequestBodyAccess On
Packit Service 384592 
        SecXmlExternalEntity On
Packit Service 384592 
		SecDebugLog $ENV{DEBUG_LOG}
Packit Service 384592 
		SecDebugLogLevel 9
Packit Service 384592 
		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500023, \\
Packit Service 384592 
		        phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
Packit Service 384592 
		SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500024
Packit Service 384592 
		SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" "id:500025, \\
Packit Service 384592 
		        phase:2,deny,id:12345"
Packit Service 384592 
	),
Packit Service 384592 
	match_log => {
Packit Service 384592 
		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*content does not follow the DTD/s, 1 ],
Packit Service 384592 
		-debug => [ qr/XML parser error|Failed to load/, 1 ],
Packit Service 384592 
		-error => [ qr/XML parser error|Failed to load/, 1 ],
Packit Service 384592 
	},
Packit Service 384592 
	match_response => {
Packit Service 384592 
		status => qr/^403$/,
Packit Service 384592 
	},
Packit Service 384592 
	request => new HTTP::Request(
Packit Service 384592 
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
Packit Service 384592 
		[
Packit Service 384592 
			"Content-Type" => "text/xml",
Packit Service 384592 
		],
Packit Service 384592 
		normalize_raw_request_data(
Packit Service 384592 
			q(
Packit Service 384592
Packit Service 384592
Packit Service 384592 
				<Envelope>
Packit Service 384592 
						<xBody>
Packit Service 384592 
								<getInput>
Packit Service 384592 
										<id type="string">12123</id>
Packit Service 384592 
								</getInput>
Packit Service 384592 
						</xBody>
Packit Service 384592 
				</Envelope>
Packit Service 384592 
			),
Packit Service 384592 
		),
Packit Service 384592 
	),
Packit Service 384592 
},
Packit Service 384592 
# Bad XML
Packit Service 384592 
{
Packit Service 384592 
	type => "rule",
Packit Service 384592 
	comment => "validateDTD (bad XML)",
Packit Service 384592 
	conf => qq(
Packit Service 384592 
		SecRuleEngine On
Packit Service 384592 
		SecRequestBodyAccess On
Packit Service 384592 
        SecXmlExternalEntity On
Packit Service 384592 
		SecDebugLog $ENV{DEBUG_LOG}
Packit Service 384592 
		SecDebugLogLevel 9
Packit Service 384592 
		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500026, \\
Packit Service 384592 
		        phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
Packit Service 384592 
		SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500027
Packit Service 384592 
		SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope.dtd" "id:500028, \\
Packit Service 384592 
		        phase:2,deny,id:12345"
Packit Service 384592 
	),
Packit Service 384592 
	match_log => {
Packit Service 384592 
		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 0\).*XML parser error.*validation failed because content is not well formed/s, 1 ],
Packit Service 384592 
		-debug => [ qr/Failed to load|Successfully validated/, 1 ],
Packit Service 384592 
		-error => [ qr/Failed to load|Successfully validated/, 1 ],
Packit Service 384592 
	},
Packit Service 384592 
	match_response => {
Packit Service 384592 
		status => qr/^403$/,
Packit Service 384592 
	},
Packit Service 384592 
	request => new HTTP::Request(
Packit Service 384592 
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
Packit Service 384592 
		[
Packit Service 384592 
			"Content-Type" => "text/xml",
Packit Service 384592 
		],
Packit Service 384592 
		normalize_raw_request_data(
Packit Service 384592 
			q(
Packit Service 384592
Packit Service 384592
Packit Service 384592 
				<Envelop>
Packit Service 384592 
						<Body>
Packit Service 384592 
								<getInput>
Packit Service 384592 
										<id type="string">12123</id>
Packit Service 384592 
								</getInput>
Packit Service 384592 
						</Body>
Packit Service 384592 
				</Envelope>
Packit Service 384592 
			),
Packit Service 384592 
		),
Packit Service 384592 
	),
Packit Service 384592 
},
Packit Service 384592 
# Bad DTD
Packit Service 384592 
{
Packit Service 384592 
	type => "rule",
Packit Service 384592 
	comment => "validateDTD (bad DTD)",
Packit Service 384592 
	conf => qq(
Packit Service 384592 
		SecRuleEngine On
Packit Service 384592 
		SecRequestBodyAccess On
Packit Service 384592 
        SecXmlExternalEntity On
Packit Service 384592 
		SecDebugLog $ENV{DEBUG_LOG}
Packit Service 384592 
		SecDebugLogLevel 9
Packit Service 384592 
		SecRule REQUEST_HEADERS:Content-Type "^text/xml\$" "id:500029, \\
Packit Service 384592 
		        phase:1,t:none,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML"
Packit Service 384592 
		SecRule REQBODY_PROCESSOR "!^XML\$" nolog,pass,skipAfter:12345,id:500030
Packit Service 384592 
		SecRule XML "\@validateDTD $ENV{CONF_DIR}/SoapEnvelope-bad.dtd" "id:500031 \\
Packit Service 384592 
		        phase:2,deny,id:12345"
Packit Service 384592 
	),
Packit Service 384592 
	match_log => {
Packit Service 384592 
		debug => [ qr/XML: Initialising parser.*XML: Parsing complete \(well_formed 1\).*Target value: "\[XML document tree\]".*Failed to load DTD/s, 1 ],
Packit Service 384592 
	},
Packit Service 384592 
	match_response => {
Packit Service 384592 
		status => qr/^200$/,
Packit Service 384592 
	},
Packit Service 384592 
	request => new HTTP::Request(
Packit Service 384592 
		POST => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt",
Packit Service 384592 
		[
Packit Service 384592 
			"Content-Type" => "text/xml",
Packit Service 384592 
		],
Packit Service 384592 
		normalize_raw_request_data(
Packit Service 384592 
			q(
Packit Service 384592
Packit Service 384592
Packit Service 384592 
				<Envelope>
Packit Service 384592 
						<Body>
Packit Service 384592 
								<getInput>
Packit Service 384592 
										<id type="string">12123</id>
Packit Service 384592 
								</getInput>
Packit Service 384592 
						</Body>
Packit Service 384592 
				</Envelope>
Packit Service 384592 
			),
Packit Service 384592 
		),
Packit Service 384592 
	),
Packit Service 384592 
},

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation