Skip to content
This repository was archived by the owner on May 14, 2020. It is now read-only.

Commit 1e5aa03

Browse files
csanders-gitcsanders-git
authored
Merge pull request #804 from fgsch/fgsch/issue_801
Apply transformations to the correct rule
2 parents f58ea8d + 3eb61e2 commit 1e5aa03

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1054,7 +1054,7 @@ SecRule REQUEST_BASENAME "\.(.*)$" \
10541054
"chain,\
10551055
capture,\
10561056
phase:request,\
1057-
t:none,t:urlDecodeUni,t:lowercase,\
1057+
t:none,\
10581058
block,\
10591059
msg:'URL file extension is restricted by policy',\
10601060
severity:'CRITICAL',\
@@ -1074,7 +1074,7 @@ SecRule REQUEST_BASENAME "\.(.*)$" \
10741074
tag:'PCI/6.5.10',\
10751075
setvar:tx.extension=.%{tx.1}/"
10761076
SecRule TX:EXTENSION "@within %{tx.restricted_extensions}" \
1077-
"t:none,\
1077+
"t:none,t:urlDecodeUni,t:lowercase,\
10781078
setvar:'tx.msg=%{rule.msg}',\
10791079
setvar:tx.anomaly_score=+%{tx.critical_anomaly_score},\
10801080
setvar:tx.%{rule.id}-OWASP_CRS/POLICY/EXT_RESTRICTED-%{matched_var_name}=%{matched_var}"

0 commit comments

Comments
 (0)