diff --git a/CHANGES b/CHANGES
index 13ea2d3239..ba3c8b4317 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,7 +1,8 @@
v3.0.4 - YYYY-MMM-DD (to be released)
-------------------------------------
-
+ - Make the boundary check less strict as per RFC2046
+ [Issue #1943 - @victorhora, @allanbomsft]
v3.0.3 - 2018-Nov-05
diff --git a/src/request_body_processor/multipart.cc b/src/request_body_processor/multipart.cc
index fdadc42a49..f302720aeb 100644
--- a/src/request_body_processor/multipart.cc
+++ b/src/request_body_processor/multipart.cc
@@ -158,41 +158,27 @@ int Multipart::boundary_characters_valid(const char *boundary) {
}
while ((c = *p) != '\0') {
- /* Control characters and space not allowed. */
- if (c < 32) {
+ // Check against allowed list defined in RFC2046 page 22
+ if (!(
+ ('0' <= c && c <= '9')
+ || ('A' <= c && c <= 'Z')
+ || ('a' <= c && c <= 'z')
+ || (c == ' ' && *(p + 1) != '\0') // space allowed, but not as last character
+ || c == '\''
+ || c == '('
+ || c == ')'
+ || c == '+'
+ || c == '_'
+ || c == ','
+ || c == '-'
+ || c == '.'
+ || c == '/'
+ || c == ':'
+ || c == '='
+ || c == '?'
+ )) {
return 0;
}
-
- /* Non-ASCII characters not allowed. */
- if (c > 126) {
- return 0;
- }
-
- switch (c) {
- /* Special characters not allowed. */
- case '(' :
- case ')' :
- case '<' :
- case '>' :
- case '@' :
- case ',' :
- case ';' :
- case ':' :
- case '\\' :
- case '"' :
- case '/' :
- case '[' :
- case ']' :
- case '?' :
- case '=' :
- return 0;
- break;
-
- default :
- /* Do nothing. */
- break;
- }
-
p++;
}
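Review bot: The new allowlist in `boundary_characters_valid` accepts `(`, `)`, `,`, `/`, `:`, `=`, `?` and inner spaces whether or not the boundary parameter was quoted, although RFC 2045 allows those tspecials in a parameter value only inside a quoted-string. For a WAF this is a parser-differential risk: a backend that ends an unquoted boundary at `,` or a space would split the body on a different delimiter than the one inspected here, and the old switch rejected exactly these characters. The function receives only `const char *boundary` and starts outside the hunk, but the `boundary was quoted` debug message in the tests suggests the parser tracks quoting, so consider accepting the tspecials only in the quoted case or raising a flag that rules can deny on. At minimum, record the intent next to the check, e.g. `// RFC 2046 bchars; tspecials are only legal in a quoted boundary (RFC 2045), enforced by the caller`. The RFC's 1-70 character length limit is also not checked in the visible lines; confirm it is enforced elsewhere.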
diff --git a/test/test-cases/regression/request-body-parser-multipart.json b/test/test-cases/regression/request-body-parser-multipart.json
index faf716a743..b9622807eb 100644
--- a/test/test-cases/regression/request-body-parser-multipart.json
+++ b/test/test-cases/regression/request-body-parser-multipart.json
@@ -1618,7 +1618,7 @@
{
"enabled":1,
"version_min":300000,
- "title":"multipart parser (boundary special char - trailing comma+token)",
+ "title":"multipart parser (boundary special char - trailing exclamation+token)",
"client":{
"ip":"200.249.12.31",
"port":123
@@ -1633,7 +1633,7 @@
"User-Agent":"curl/7.38.0",
"Accept":"*/*",
"Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=0000,1111",
+ "Content-Type":"multipart/form-data;boundary=0000!1111",
"Expect":"100-continue"
},
"uri":"/",
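Review bot: Swapping `boundary=0000,1111` for `boundary=0000!1111` keeps the rejection path covered, but the visible hunks add no case that pins the newly accepted behaviour. Consider keeping a comma case with its new expected outcome, and adding cases for a boundary with an inner space and for one ending in a space, since `(c == ' ' && *(p + 1) != '\0')` is the only position-dependent branch in the new check. A quoted and an unquoted variant of each would also document whether the relaxed check is meant to apply to both forms.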
@@ -1850,7 +1850,7 @@
},
"expected":{
"http_code": 403,
- "debug_log": "boundary was quoted.*No boundaries found in payload"
+ "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
},
"rules":[
"SecRuleEngine On",
@@ -1911,7 +1911,7 @@
},
"expected":{
"http_code": 403,
- "debug_log": "boundary was quoted.*No boundaries found in payload"
+ "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
},
"rules":[
"SecRuleEngine On",
@@ -2448,796 +2448,796 @@
"SecRule FILES_SIZES:/^image/ \"@eq 0\" \"phase:2,deny,id:500167\"",
"SecRule &FILES_TMPNAMES \"!@eq 2\" \"phase:2,deny,id:500168\""
]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., no UNMATCH rule)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "9e433de44c9e9b4ce19603269aa34edb\r",
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332273--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 200
- },
- "rules":[
- "SecRuleEngine On"
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., strict mode)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "9e433de44c9e9b4ce19603269aa34edb\r",
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332273--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., wrong lead bound., strict mode)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332274\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "9e433de44c9e9b4ce19603269aa34edb\r",
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332273--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., wrong sep. bound., strict mode)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "9e433de44c9e9b4ce19603269aa34edb\r",
- "-------------------------------8842564605616207552020332274\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332273--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., wrong final bound.)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "9e433de44c9e9b4ce19603269aa34edb\r",
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332274--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., one part, wrong lead)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332274\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332273--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., one part, wrong final)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332274--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., all valid, strict mode)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------3163850615828140691827348175",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------3163850615828140691827348175\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "3eeb646795ba8db63b05ba77df2a0b2c\r",
- "-----------------------------3163850615828140691827348175\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r",
- "\r",
- "--00000000000041382f056d9314e6\r",
- "Content-Type: text/plain; charset=\"UTF-8\"\r",
- "Content-Transfer-Encoding: quoted-printable\r",
- "\r",
- "Hi,\r",
- "\r",
- "...\r",
- "\r",
- "--00000000000041382f056d9314e6\r",
- "Content-Type: text/html; charset=\"UTF-8\"\r",
- "Content-Transfer-Encoding: quoted-printable\r",
- "\r",
- "
\r",
- "...\r",
- "
\r",
- "\r",
- "--00000000000041382f056d9314e6--\r",
- "\r",
- "\r",
- "-----------------------------3163850615828140691827348175--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 403
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., permissive mode)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "9e433de44c9e9b4ce19603269aa34edb\r",
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332273--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 200
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., wrong lead bound., permissive mode)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332274\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "9e433de44c9e9b4ce19603269aa34edb\r",
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332273--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 200
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., wrong sep. bound., permissive mode)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-------------------------------8842564605616207552020332273\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "9e433de44c9e9b4ce19603269aa34edb\r",
- "-------------------------------8842564605616207552020332274\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "----ea520cef1a2937d8e928e357992c8fdd\r",
- "Content-Transfer-Encoding: 7bit\r",
- "Content-Type: text/plain; charset=US-ASCII;\r",
- " format=flowed\r",
- "\r",
- "Test message, the txt file had been attached.\r",
- "\r",
- "--\r",
- "Ervin\r",
- "\r",
- "\r",
- "-------------------------------8842564605616207552020332273--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 200
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\""
- ]
- },
- {
- "enabled":1,
- "version_min":300000,
- "title":"multipart parser (contains foreign bound., all valid, permissive mode)",
- "client":{
- "ip":"200.249.12.31",
- "port":123
- },
- "server":{
- "ip":"200.249.12.31",
- "port":80
- },
- "request":{
- "headers":{
- "Host":"localhost",
- "User-Agent":"curl/7.38.0",
- "Accept":"*/*",
- "Content-Length":"330",
- "Content-Type":"multipart/form-data; boundary=---------------------------3163850615828140691827348175",
- "Expect":"100-continue"
- },
- "uri":"/",
- "method":"POST",
- "body":[
- "-----------------------------3163850615828140691827348175\r",
- "Content-Disposition: form-data; name=\"_token\"\r",
- "\r",
- "3eeb646795ba8db63b05ba77df2a0b2c\r",
- "-----------------------------3163850615828140691827348175\r",
- "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r",
- "Content-Type: text/plain\r",
- "\r",
- "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r",
- "\r",
- "--00000000000041382f056d9314e6\r",
- "Content-Type: text/plain; charset=\"UTF-8\"\r",
- "Content-Transfer-Encoding: quoted-printable\r",
- "\r",
- "Hi,\r",
- "\r",
- "...\r",
- "\r",
- "--00000000000041382f056d9314e6\r",
- "Content-Type: text/html; charset=\"UTF-8\"\r",
- "Content-Transfer-Encoding: quoted-printable\r",
- "\r",
- "\r",
- "...\r",
- "
\r",
- "\r",
- "--00000000000041382f056d9314e6--\r",
- "\r",
- "\r",
- "-----------------------------3163850615828140691827348175--\r"
- ]
- },
- "response":{
- "headers":{
- "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
- "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
- "Content-Type":"text/html"
- },
- "body":[
- "no need."
- ]
- },
- "expected":{
- "debug_log": "",
- "http_code": 200
- },
- "rules":[
- "SecRuleEngine On",
- "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\""
- ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., no UNMATCH rule)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "9e433de44c9e9b4ce19603269aa34edb\r",
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332273--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 200
+ },
+ "rules":[
+ "SecRuleEngine On"
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., strict mode)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "9e433de44c9e9b4ce19603269aa34edb\r",
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332273--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., wrong lead bound., strict mode)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332274\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "9e433de44c9e9b4ce19603269aa34edb\r",
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332273--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., wrong sep. bound., strict mode)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "9e433de44c9e9b4ce19603269aa34edb\r",
+ "-------------------------------8842564605616207552020332274\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332273--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., wrong final bound.)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "9e433de44c9e9b4ce19603269aa34edb\r",
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332274--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., one part, wrong lead)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332274\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332273--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., one part, wrong final)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332274--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., all valid, strict mode)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------3163850615828140691827348175",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------3163850615828140691827348175\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "3eeb646795ba8db63b05ba77df2a0b2c\r",
+ "-----------------------------3163850615828140691827348175\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r",
+ "\r",
+ "--00000000000041382f056d9314e6\r",
+ "Content-Type: text/plain; charset=\"UTF-8\"\r",
+ "Content-Transfer-Encoding: quoted-printable\r",
+ "\r",
+ "Hi,\r",
+ "\r",
+ "...\r",
+ "\r",
+ "--00000000000041382f056d9314e6\r",
+ "Content-Type: text/html; charset=\"UTF-8\"\r",
+ "Content-Transfer-Encoding: quoted-printable\r",
+ "\r",
+ "\r",
+ "...\r",
+ "
\r",
+ "\r",
+ "--00000000000041382f056d9314e6--\r",
+ "\r",
+ "\r",
+ "-----------------------------3163850615828140691827348175--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 403
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., permissive mode)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "9e433de44c9e9b4ce19603269aa34edb\r",
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332273--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 200
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., wrong lead bound., permissive mode)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332274\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "9e433de44c9e9b4ce19603269aa34edb\r",
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332273--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 200
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., wrong sep. bound., permissive mode)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-------------------------------8842564605616207552020332273\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "9e433de44c9e9b4ce19603269aa34edb\r",
+ "-------------------------------8842564605616207552020332274\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "----ea520cef1a2937d8e928e357992c8fdd\r",
+ "Content-Transfer-Encoding: 7bit\r",
+ "Content-Type: text/plain; charset=US-ASCII;\r",
+ " format=flowed\r",
+ "\r",
+ "Test message, the txt file had been attached.\r",
+ "\r",
+ "--\r",
+ "Ervin\r",
+ "\r",
+ "\r",
+ "-------------------------------8842564605616207552020332273--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 200
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\""
+ ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"multipart parser (contains foreign bound., all valid, permissive mode)",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=---------------------------3163850615828140691827348175",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "-----------------------------3163850615828140691827348175\r",
+ "Content-Disposition: form-data; name=\"_token\"\r",
+ "\r",
+ "3eeb646795ba8db63b05ba77df2a0b2c\r",
+ "-----------------------------3163850615828140691827348175\r",
+ "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r",
+ "Content-Type: text/plain\r",
+ "\r",
+ "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r",
+ "\r",
+ "--00000000000041382f056d9314e6\r",
+ "Content-Type: text/plain; charset=\"UTF-8\"\r",
+ "Content-Transfer-Encoding: quoted-printable\r",
+ "\r",
+ "Hi,\r",
+ "\r",
+ "...\r",
+ "\r",
+ "--00000000000041382f056d9314e6\r",
+ "Content-Type: text/html; charset=\"UTF-8\"\r",
+ "Content-Transfer-Encoding: quoted-printable\r",
+ "\r",
+ "\r",
+ "...\r",
+ "
\r",
+ "\r",
+ "--00000000000041382f056d9314e6--\r",
+ "\r",
+ "\r",
+ "-----------------------------3163850615828140691827348175--\r"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log": "",
+ "http_code": 200
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\""
+ ]
}
]
diff --git a/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json b/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json
index be15ac129e..9e53bb6431 100644
--- a/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json
+++ b/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json
@@ -293,6 +293,55 @@
"SecRuleEngine On",
"SecRule MULTIPART_STRICT_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: MULTIPART_STRICT_ERROR - RFC2046",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?",
+ "Content-Disposition: form-data; name=\"name\"",
+ "",
+ "1",
+ "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?--"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Target value: \"0\" \\(Variable: REQBODY_ERROR\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule REQBODY_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
+ ]
}
]
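Review bot: The case added in this hunk is titled `MULTIPART_STRICT_ERROR - RFC2046` and sits in variable-MULTIPART_STRICT_ERROR.json, yet its rule and its `debug_log` expectation inspect `REQBODY_ERROR`. As written it shows only that the body parsed without error, not that the variable named in the title stays clear for a boundary using every character on the new allowed list. The neighbouring case visible in the context lines targets the variable directly, and I would do the same here with `"SecRule MULTIPART_STRICT_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\""`, changing the expected `debug_log` to name that variable (exact log text to be confirmed against a run). Because the commit loosens what the WAF accepts as a boundary, a companion negative case with a boundary ending in a space, which the new check is written to reject, would be worth adding if the suite does not already cover it.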