Rivoreo Source Code Repositories
src.rivoreo.one / net / nginx-mbedtls / 4e530a5cb680789685a9046839a0cd8a8e5f12a0 / . / debian / modules / naxsi / t / 08negative_whitelists.t
blob: 346174225bba0d0356bb78e6ebacf9132ef17bb0 [file] [log] [blame] [raw]
#vi:filetype=perl
# A AJOUTER :
# TEST CASE AVEC UNE REGLE SUR UN HEADER GENERIQUE
# La même sur des arguments :)
use lib 'lib';
use Test::Nginx::Socket;
plan tests => repeat_each(2) * blocks();
no_root_location();
no_long_string();
$ENV{TEST_NGINX_SERVROOT} = server_root();
run_tests();
# === WL TEST 1.01
# --- http_config
# include /etc/nginx/naxsi_core.rules;
# MainRule negative "str:foobar" "msg:foobar test pattern" "mz:$ARGS_VAR:b" "s:$SQL:42" id:1999;
# --- config
# location / {
# #LearningMode;
# SecRulesEnabled;
# DeniedUrl "/RequestDenied";
# CheckRule "$SQL >= 8" BLOCK;
# CheckRule "$RFI >= 8" BLOCK;
# CheckRule "$TRAVERSAL >= 4" BLOCK;
# CheckRule "$XSS >= 8" BLOCK;
# root $TEST_NGINX_SERVROOT/html/;
# index index.html index.htm;
# BasicRule wl:1999;
# }
# location /RequestDenied {
# return 412;
# }
# --- request
# GET /?b=foobar
# --- error_code: 412
# === WL TEST 2.0
# --- http_config
# include /etc/nginx/naxsi_core.rules;
# MainRule negative "rx:foobar" "msg:foobar test pattern" "mz:$ARGS_VAR:b" "s:$SQL:42" id:1999;
# --- config
# location / {
# #LearningMode;
# SecRulesEnabled;
# DeniedUrl "/RequestDenied";
# CheckRule "$SQL >= 8" BLOCK;
# CheckRule "$RFI >= 8" BLOCK;
# CheckRule "$TRAVERSAL >= 4" BLOCK;
# CheckRule "$XSS >= 8" BLOCK;
# root $TEST_NGINX_SERVROOT/html/;
# index index.html index.htm;
# BasicRule wl:1999;
# }
# location /RequestDenied {
# return 412;
# }
# --- request
# GET /?b=foobar
# --- error_code: 200
# === WL TEST 2.01
# --- http_config
# include /etc/nginx/naxsi_core.rules;
# MainRule negative "rx:^foobar$" "msg:foobar test pattern" "mz:$ARGS_VAR:b" "s:$SQL:42" id:1999;
# --- config
# location / {
# #LearningMode;
# SecRulesEnabled;
# DeniedUrl "/RequestDenied";
# CheckRule "$SQL >= 8" BLOCK;
# CheckRule "$RFI >= 8" BLOCK;
# CheckRule "$TRAVERSAL >= 4" BLOCK;
# CheckRule "$XSS >= 8" BLOCK;
# root $TEST_NGINX_SERVROOT/html/;
# index index.html index.htm;
# BasicRule wl:1999;
# }
# location /RequestDenied {
# return 412;
# }
# --- request
# GET /?b=foobarr
# --- error_code: 412
# === WL TEST 2.02
# --- http_config
# include /etc/nginx/naxsi_core.rules;
# MainRule negative "rx:^foobar$" "msg:foobar test pattern" "mz:$ARGS_VAR:b" "s:$SQL:42" id:1999;
# --- config
# location / {
# #LearningMode;
# SecRulesEnabled;
# DeniedUrl "/RequestDenied";
# CheckRule "$SQL >= 8" BLOCK;
# CheckRule "$RFI >= 8" BLOCK;
# CheckRule "$TRAVERSAL >= 4" BLOCK;
# CheckRule "$XSS >= 8" BLOCK;
# root $TEST_NGINX_SERVROOT/html/;
# index index.html index.htm;
# BasicRule wl:1999;
# }
# location /RequestDenied {
# return 412;
# }
# --- request
# GET /?b=ffoobar
# --- error_code: 412
__DATA__
=== WL TEST 1.0
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "str:foobar" "msg:foobar test pattern" "mz:$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /?b=toto
--- error_code: 412
=== WL TEST 1.01
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "str:foobar" "msg:foobar test pattern" "mz:$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /?b=foobar
--- error_code: 200
=== WL TEST 1.03
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "str:foobar" "msg:foobar test pattern" "mz:$URL:/|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=foobar
--- error_code: 404
=== WL TEST 1.04
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "str:foobar" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=foobrar
--- error_code: 412
=== WL TEST 2.0
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "rx:foobar" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=foobrar
--- error_code: 412
=== WL TEST 2.01
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "rx:foobar" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=foobar
--- error_code: 404
=== WL TEST 2.02
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "rx:^foobar" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /?b=foobar
--- error_code: 200
=== WL TEST 2.03
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "rx:^foobar" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=rfoobar
--- error_code: 412
=== WL TEST 2.04
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "rx:^foobar" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=foobar
--- error_code: 404
=== WL TEST 2.05
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "rx:^foobar$" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=foobar
--- error_code: 404
=== WL TEST 2.06
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "rx:^foobar$" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=foobara
--- error_code: 412
=== WL TEST 2.07
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "rx:^[0-9]+$" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=foobara
--- error_code: 412
=== WL TEST 2.08
--- http_config
include /etc/nginx/naxsi_core.rules;
MainRule negative "rx:^[0-9]+$" "msg:foobar test pattern" "mz:$URL:/a|$ARGS_VAR:b" "s:$SQL:42" id:1999;
--- config
location / {
#LearningMode;
SecRulesEnabled;
DeniedUrl "/RequestDenied";
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;
root $TEST_NGINX_SERVROOT/html/;
index index.html index.htm;
}
location /RequestDenied {
return 412;
}
--- request
GET /a?b=1234
--- error_code: 404