diff --git a/CHANGES b/CHANGES
index 13ea2d3239..ba3c8b4317 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,7 +1,8 @@
 v3.0.4 - YYYY-MMM-DD (to be released)
 -------------------------------------
 
-
+ - Make the boundary check less strict as per RFC2046
+ [Issue #1943 - @victorhora, @allanbomsft]
 
 
 v3.0.3 - 2018-Nov-05
diff --git a/src/request_body_processor/multipart.cc b/src/request_body_processor/multipart.cc
index fdadc42a49..f302720aeb 100644
--- a/src/request_body_processor/multipart.cc
+++ b/src/request_body_processor/multipart.cc
@@ -158,41 +158,27 @@ int Multipart::boundary_characters_valid(const char *boundary) {
 }
 
 while ((c = *p) != '\0') {
- /* Control characters and space not allowed. */
- if (c < 32) {
+ // Check against allowed list defined in RFC2046 page 22
+ if (!(
+ ('0' <= c && c <= '9')
+ || ('A' <= c && c <= 'Z')
+ || ('a' <= c && c <= 'z')
+ || (c == ' ' && *(p + 1) != '\0') // space allowed, but not as last character
+ || c == '\''
+ || c == '('
+ || c == ')'
+ || c == '+'
+ || c == '_'
+ || c == ','
+ || c == '-'
+ || c == '.'
+ || c == '/'
+ || c == ':'
+ || c == '='
+ || c == '?'
+ )) {
 return 0;
 }
-
- /* Non-ASCII characters not allowed. */
- if (c > 126) {
- return 0;
- }
-
- switch (c) {
- /* Special characters not allowed. */
- case '(' :
- case ')' :
- case '<' :
- case '>' :
- case '@' :
- case ',' :
- case ';' :
- case ':' :
- case '\\' :
- case '"' :
- case '/' :
- case '[' :
- case ']' :
- case '?' :
- case '=' :
- return 0;
- break;
-
- default :
- /* Do nothing. */
- break;
- }
-
 p++;
 }
 
diff --git a/test/test-cases/regression/request-body-parser-multipart.json b/test/test-cases/regression/request-body-parser-multipart.json
index faf716a743..b9622807eb 100644
--- a/test/test-cases/regression/request-body-parser-multipart.json
+++ b/test/test-cases/regression/request-body-parser-multipart.json
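Review bot: In `Multipart::boundary_characters_valid` (src/request_body_processor/multipart.cc), the new allow-list accepts `,` `/` `:` `=` `?` `(` `)` without knowing whether the boundary was quoted in the Content-Type header, so an unquoted value like the `boundary=0000,1111` case this commit rewrites in the regression file would now pass this check if the caller hands over the whole value. Those characters are RFC 2045 tspecials (the removed `switch` listed exactly that set) and are only legal inside a quoted parameter value; a backend that tokenises an unquoted parameter at `,` would presumably settle on a different boundary than this parser, which is the kind of parser disagreement a request-body inspector needs to rule out. The function only receives `const char *boundary`, so the quoted state has to be enforced by the caller or passed in; at minimum I would add `// NOTE: , / : = ? ( ) are RFC 2045 tspecials, valid only when the C-T boundary parameter was quoted` above the list. RFC 2046 also limits a boundary to 70 characters, which nothing in this hunk checks; the function starts and ends outside the hunk, so that may be handled elsewhere.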
@@ -1618,7 +1618,7 @@
 {
 "enabled":1,
 "version_min":300000,
- "title":"multipart parser (boundary special char - trailing comma+token)",
+ "title":"multipart parser (boundary special char - trailing exclamation+token)",
 "client":{
 "ip":"200.249.12.31",
 "port":123
@@ -1633,7 +1633,7 @@
 "User-Agent":"curl/7.38.0",
 "Accept":"*/*",
 "Content-Length":"330",
- "Content-Type":"multipart/form-data;boundary=0000,1111",
+ "Content-Type":"multipart/form-data;boundary=0000!1111",
 "Expect":"100-continue"
 },
 "uri":"/",
@@ -1850,7 +1850,7 @@
 },
 "expected":{
 "http_code": 403,
- "debug_log": "boundary was quoted.*No boundaries found in payload"
+ "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
 },
 "rules":[
 "SecRuleEngine On",
@@ -1911,7 +1911,7 @@
 },
 "expected":{
 "http_code": 403,
- "debug_log": "boundary was quoted.*No boundaries found in payload"
+ "debug_log": "Invalid boundary in C-T \\(characters\\).*boundary was quoted."
 },
 "rules":[
 "SecRuleEngine On",
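Review bot: The regression changes in these hunks only keep rejection paths green: the former comma case (hunks at 1618 and 1633) is switched to `boundary=0000!1111` so it still ends in a 403, and no visible case asserts what now happens to the original `boundary=0000,1111` header that the new allow-list accepts. I would keep the comma case as its own entry with an explicit expectation, and add one case each for a quoted boundary using the newly accepted characters (`,` `/` `:` `=` `?` `(` `)`) and for a boundary ending in a space, so the relaxed rule and its one exception are pinned. The two `debug_log` updates at 1850 and 1911 show those requests now fail at the character check instead of at boundary matching, which means the new list is stricter for some inputs; the titles of those cases are outside these hunks, so it is worth confirming that the earlier rejection is intended.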
@@ -2448,796 +2448,796 @@ "SecRule FILES_SIZES:/^image/ \"@eq 0\" \"phase:2,deny,id:500167\"", "SecRule &FILES_TMPNAMES \"!@eq 2\" \"phase:2,deny,id:500168\"" ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., no UNMATCH rule)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log": "", - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., strict mode)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log": "", - "http_code": 403 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., wrong lead bound., strict mode)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332274\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "debug_log": "", - "http_code": 403 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., wrong sep. 
bound., strict mode)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332274\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log": "", - "http_code": 403 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., wrong final bound.)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332274--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log": "", - "http_code": 403 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., one part, wrong lead)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332274\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log": "", - "http_code": 403 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., one part, wrong final)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332274--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log": "", - "http_code": 403 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., all valid, strict mode)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=---------------------------3163850615828140691827348175", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-----------------------------3163850615828140691827348175\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "3eeb646795ba8db63b05ba77df2a0b2c\r", - "-----------------------------3163850615828140691827348175\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r", - "\r", - "--00000000000041382f056d9314e6\r", - "Content-Type: text/plain; charset=\"UTF-8\"\r", - "Content-Transfer-Encoding: quoted-printable\r", - "\r", - "Hi,\r", - "\r", - "...\r", - "\r", - "--00000000000041382f056d9314e6\r", - "Content-Type: text/html; charset=\"UTF-8\"\r", - "Content-Transfer-Encoding: quoted-printable\r", - "\r", - "
\r", - "...\r", - "
\r", - "\r", - "--00000000000041382f056d9314e6--\r", - "\r", - "\r", - "-----------------------------3163850615828140691827348175--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "debug_log": "", - "http_code": 403 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., permissive mode)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log": "", - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., wrong lead bound., permissive mode)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332274\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "debug_log": "", - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., wrong sep. 
bound., permissive mode)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-------------------------------8842564605616207552020332273\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "9e433de44c9e9b4ce19603269aa34edb\r", - "-------------------------------8842564605616207552020332274\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "----ea520cef1a2937d8e928e357992c8fdd\r", - "Content-Transfer-Encoding: 7bit\r", - "Content-Type: text/plain; charset=US-ASCII;\r", - " format=flowed\r", - "\r", - "Test message, the txt file had been attached.\r", - "\r", - "--\r", - "Ervin\r", - "\r", - "\r", - "-------------------------------8842564605616207552020332273--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." 
- ] - }, - "expected":{ - "debug_log": "", - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\"" - ] - }, - { - "enabled":1, - "version_min":300000, - "title":"multipart parser (contains foreign bound., all valid, permissive mode)", - "client":{ - "ip":"200.249.12.31", - "port":123 - }, - "server":{ - "ip":"200.249.12.31", - "port":80 - }, - "request":{ - "headers":{ - "Host":"localhost", - "User-Agent":"curl/7.38.0", - "Accept":"*/*", - "Content-Length":"330", - "Content-Type":"multipart/form-data; boundary=---------------------------3163850615828140691827348175", - "Expect":"100-continue" - }, - "uri":"/", - "method":"POST", - "body":[ - "-----------------------------3163850615828140691827348175\r", - "Content-Disposition: form-data; name=\"_token\"\r", - "\r", - "3eeb646795ba8db63b05ba77df2a0b2c\r", - "-----------------------------3163850615828140691827348175\r", - "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r", - "Content-Type: text/plain\r", - "\r", - "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r", - "\r", - "--00000000000041382f056d9314e6\r", - "Content-Type: text/plain; charset=\"UTF-8\"\r", - "Content-Transfer-Encoding: quoted-printable\r", - "\r", - "Hi,\r", - "\r", - "...\r", - "\r", - "--00000000000041382f056d9314e6\r", - "Content-Type: text/html; charset=\"UTF-8\"\r", - "Content-Transfer-Encoding: quoted-printable\r", - "\r", - "
\r", - "...\r", - "
\r", - "\r", - "--00000000000041382f056d9314e6--\r", - "\r", - "\r", - "-----------------------------3163850615828140691827348175--\r" - ] - }, - "response":{ - "headers":{ - "Date":"Mon, 13 Jul 2015 20:02:41 GMT", - "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", - "Content-Type":"text/html" - }, - "body":[ - "no need." - ] - }, - "expected":{ - "debug_log": "", - "http_code": 200 - }, - "rules":[ - "SecRuleEngine On", - "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\"" - ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., no UNMATCH rule)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "9e433de44c9e9b4ce19603269aa34edb\r", + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332273--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "debug_log": "", + "http_code": 200 + }, + "rules":[ + "SecRuleEngine On" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., strict mode)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "9e433de44c9e9b4ce19603269aa34edb\r", + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332273--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "debug_log": "", + "http_code": 403 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., wrong lead bound., strict mode)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332274\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "9e433de44c9e9b4ce19603269aa34edb\r", + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332273--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "debug_log": "", + "http_code": 403 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., wrong sep. 
bound., strict mode)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "9e433de44c9e9b4ce19603269aa34edb\r", + "-------------------------------8842564605616207552020332274\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332273--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "debug_log": "", + "http_code": 403 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., wrong final bound.)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "9e433de44c9e9b4ce19603269aa34edb\r", + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332274--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "debug_log": "", + "http_code": 403 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., one part, wrong lead)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332274\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332273--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "debug_log": "", + "http_code": 403 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., one part, wrong final)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332274--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "debug_log": "", + "http_code": 403 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., all valid, strict mode)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=---------------------------3163850615828140691827348175", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-----------------------------3163850615828140691827348175\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "3eeb646795ba8db63b05ba77df2a0b2c\r", + "-----------------------------3163850615828140691827348175\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r", + "\r", + "--00000000000041382f056d9314e6\r", + "Content-Type: text/plain; charset=\"UTF-8\"\r", + "Content-Transfer-Encoding: quoted-printable\r", + "\r", + "Hi,\r", + "\r", + "...\r", + "\r", + "--00000000000041382f056d9314e6\r", + "Content-Type: text/html; charset=\"UTF-8\"\r", + "Content-Transfer-Encoding: quoted-printable\r", + "\r", + "
\r", + "...\r", + "
\r", + "\r", + "--00000000000041382f056d9314e6--\r", + "\r", + "\r", + "-----------------------------3163850615828140691827348175--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "debug_log": "", + "http_code": 403 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"!@eq 0\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., permissive mode)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "9e433de44c9e9b4ce19603269aa34edb\r", + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332273--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "debug_log": "", + "http_code": 200 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., wrong lead bound., permissive mode)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332274\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "9e433de44c9e9b4ce19603269aa34edb\r", + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332273--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "debug_log": "", + "http_code": 200 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., wrong sep. 
bound., permissive mode)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=-----------------------------8842564605616207552020332273", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-------------------------------8842564605616207552020332273\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "9e433de44c9e9b4ce19603269aa34edb\r", + "-------------------------------8842564605616207552020332274\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"msg.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "----ea520cef1a2937d8e928e357992c8fdd\r", + "Content-Transfer-Encoding: 7bit\r", + "Content-Type: text/plain; charset=US-ASCII;\r", + " format=flowed\r", + "\r", + "Test message, the txt file had been attached.\r", + "\r", + "--\r", + "Ervin\r", + "\r", + "\r", + "-------------------------------8842564605616207552020332273--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." 
+ ] + }, + "expected":{ + "debug_log": "", + "http_code": 200 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\"" + ] + }, + { + "enabled":1, + "version_min":300000, + "title":"multipart parser (contains foreign bound., all valid, permissive mode)", + "client":{ + "ip":"200.249.12.31", + "port":123 + }, + "server":{ + "ip":"200.249.12.31", + "port":80 + }, + "request":{ + "headers":{ + "Host":"localhost", + "User-Agent":"curl/7.38.0", + "Accept":"*/*", + "Content-Length":"330", + "Content-Type":"multipart/form-data; boundary=---------------------------3163850615828140691827348175", + "Expect":"100-continue" + }, + "uri":"/", + "method":"POST", + "body":[ + "-----------------------------3163850615828140691827348175\r", + "Content-Disposition: form-data; name=\"_token\"\r", + "\r", + "3eeb646795ba8db63b05ba77df2a0b2c\r", + "-----------------------------3163850615828140691827348175\r", + "Content-Disposition: form-data; name=\"_attachments[]\"; filename=\"multipart_text.txt\"\r", + "Content-Type: text/plain\r", + "\r", + "Content-Type: multipart/alternative; boundary=\"00000000000041382f056d9314e6\"\r", + "\r", + "--00000000000041382f056d9314e6\r", + "Content-Type: text/plain; charset=\"UTF-8\"\r", + "Content-Transfer-Encoding: quoted-printable\r", + "\r", + "Hi,\r", + "\r", + "...\r", + "\r", + "--00000000000041382f056d9314e6\r", + "Content-Type: text/html; charset=\"UTF-8\"\r", + "Content-Transfer-Encoding: quoted-printable\r", + "\r", + "
\r", + "...\r", + "
\r", + "\r", + "--00000000000041382f056d9314e6--\r", + "\r", + "\r", + "-----------------------------3163850615828140691827348175--\r" + ] + }, + "response":{ + "headers":{ + "Date":"Mon, 13 Jul 2015 20:02:41 GMT", + "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT", + "Content-Type":"text/html" + }, + "body":[ + "no need." + ] + }, + "expected":{ + "debug_log": "", + "http_code": 200 + }, + "rules":[ + "SecRuleEngine On", + "SecRule MULTIPART_UNMATCHED_BOUNDARY \"@eq 1\" \"phase:2,deny,id:500095\"" + ] } ] diff --git a/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json b/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json index be15ac129e..9e53bb6431 100644 --- a/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json +++ b/test/test-cases/regression/variable-MULTIPART_STRICT_ERROR.json 
@@ -293,6 +293,55 @@
 "SecRuleEngine On",
 "SecRule MULTIPART_STRICT_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
 ]
+ },
+ {
+ "enabled":1,
+ "version_min":300000,
+ "title":"Testing Variables :: MULTIPART_STRICT_ERROR - RFC2046",
+ "client":{
+ "ip":"200.249.12.31",
+ "port":123
+ },
+ "server":{
+ "ip":"200.249.12.31",
+ "port":80
+ },
+ "request":{
+ "headers":{
+ "Host":"localhost",
+ "User-Agent":"curl/7.38.0",
+ "Accept":"*/*",
+ "Content-Length":"330",
+ "Content-Type":"multipart/form-data; boundary=0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?",
+ "Expect":"100-continue"
+ },
+ "uri":"/",
+ "method":"POST",
+ "body":[
+ "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?",
+ "Content-Disposition: form-data; name=\"name\"",
+ "",
+ "1",
+ "--0123456789AaBbCcDdEeFfGgHhIiJjKkLlMmNnOoPpQqRrSsTtUuVvWwXxYyZz '()+_,-./:=?--"
+ ]
+ },
+ "response":{
+ "headers":{
+ "Date":"Mon, 13 Jul 2015 20:02:41 GMT",
+ "Last-Modified":"Sun, 26 Oct 2014 22:33:37 GMT",
+ "Content-Type":"text/html"
+ },
+ "body":[
+ "no need."
+ ]
+ },
+ "expected":{
+ "debug_log":"Target value: \"0\" \\(Variable: REQBODY_ERROR\\)"
+ },
+ "rules":[
+ "SecRuleEngine On",
+ "SecRule REQBODY_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\""
+ ]
 }
 ]
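Review bot: The rule in this new case inspects `REQBODY_ERROR`, while its title and the file it lives in are about MULTIPART_STRICT_ERROR, so the strict-error flag is never asserted for the full RFC 2046 character set. A boundary that parses but still raises a strict-mode flag would pass this case unnoticed. I would switch the rule to `"SecRule MULTIPART_STRICT_ERROR \"@contains 0\" \"id:1,phase:3,pass,t:trim\""` with a matching `debug_log`, as the case just above it does, or else rename the case to say it checks REQBODY_ERROR. The boundary is also sent unquoted although it contains a space, `,` and `=`; a backend may cut an unquoted parameter value at a different point than the WAF does, so a companion case with the quoted form and one negative case (for example a boundary ending in a space, expected to set the error) would pin the intended behaviour.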