owasp-modsecurity
diff --git a/‎config_tests/CONF_006_TARGET_ARGS_NAMES_A-GET.yaml‎
Lines changed: 43 additions & 0 deletions b/‎config_tests/CONF_006_TARGET_ARGS_NAMES_A-GET.yaml‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎config_tests/CONF_006_TARGET_ARGS_NAMES_B-POST.yaml‎
Lines changed: 41 additions & 0 deletions b/‎config_tests/CONF_006_TARGET_ARGS_NAMES_B-POST.yaml‎
Lines changed: 41 additions & 0 deletions
diff --git a/‎generated/rules/MRTS_006_ARGS_NAMES_A-GET.conf‎
Lines changed: 144 additions & 0 deletions b/‎generated/rules/MRTS_006_ARGS_NAMES_A-GET.conf‎
Lines changed: 144 additions & 0 deletions
diff --git a/‎generated/rules/MRTS_006_ARGS_NAMES_B-POST.conf‎
Lines changed: 108 additions & 0 deletions b/‎generated/rules/MRTS_006_ARGS_NAMES_B-POST.conf‎
Lines changed: 108 additions & 0 deletions
diff --git a/‎generated/rules/MRTS_110_XML.conf‎
Lines changed: 3 additions & 3 deletions b/‎generated/rules/MRTS_110_XML.conf‎
Lines changed: 3 additions & 3 deletions
@@ -0,0 +1,43 @@
+target: ARGS_NAMES
+rulefile: MRTS_006_ARGS_NAMES_A-GET.conf
+testfile: MRTS_006_ARGS_NAMES_A-GET.yaml
+templates:
+  - SecRule for TARGETS
+colkey:
+  - - ''
+  - - attack1
+  - - attack1
+    - attack2
+  - - /^attack_.*$/
+operator:
+  - '@contains'
+oparg:
+  - attack
+phase:
+  - 1
+  - 2
+  - 3
+  - 4
+testdata:
+  phase_methods:
+    1: get
+    2: get
+    3: get
+    4: get
+  targets:
+    - target: ''
+      test:
+        data:
+          attack: test
+    - target: attack1
+      test:
+        data:
+          attack1: test
+    - target: attack2
+      test:
+        data:
+          attack2: test
+    - target: /^attack_.*$/
+      test:
+        data:
+          attack_foo: test
@@ -0,0 +1,41 @@
+target: ARGS_NAMES
+rulefile: MRTS_006_ARGS_NAMES_B-POST.conf
+testfile: MRTS_006_ARGS_NAMES_B-POST.yaml
+templates:
+  - SecRule for TARGETS
+colkey:
+  - - ''
+  - - attack1
+  - - attack1
+    - attack2
+  - - /^attack_.*$/
+operator:
+  - '@contains'
+oparg:
+  - attack
+phase:
+  - 2
+  - 3
+  - 4
+testdata:
+  phase_methods:
+    2: post
+    3: post
+    4: post
+  targets:
+    - target: ''
+      test:
+        data:
+          attack: test
+    - target: attack1
+      test:
+        data:
+          attack1: test
+    - target: attack2
+      test:
+        data:
+          attack2: test
+    - target: /^attack_.*$/
+      test:
+        data:
+          attack_foo: test
@@ -0,0 +1,144 @@
+SecRule ARGS_NAMES "@contains attack" \
+    "id:100064,\
+    phase:1,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:1',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES "@contains attack" \
+    "id:100065,\
+    phase:2,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES "@contains attack" \
+    "id:100066,\
+    phase:3,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:3',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES "@contains attack" \
+    "id:100067,\
+    phase:4,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:4',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1 "@contains attack" \
+    "id:100068,\
+    phase:1,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:1',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1 "@contains attack" \
+    "id:100069,\
+    phase:2,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1 "@contains attack" \
+    "id:100070,\
+    phase:3,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:3',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1 "@contains attack" \
+    "id:100071,\
+    phase:4,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:4',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1|ARGS_NAMES:attack2 "@contains attack" \
+    "id:100072,\
+    phase:1,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:1',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1|ARGS_NAMES:attack2 "@contains attack" \
+    "id:100073,\
+    phase:2,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1|ARGS_NAMES:attack2 "@contains attack" \
+    "id:100074,\
+    phase:3,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:3',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1|ARGS_NAMES:attack2 "@contains attack" \
+    "id:100075,\
+    phase:4,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:4',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:/^attack_.*$/ "@contains attack" \
+    "id:100076,\
+    phase:1,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:1',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:/^attack_.*$/ "@contains attack" \
+    "id:100077,\
+    phase:2,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:/^attack_.*$/ "@contains attack" \
+    "id:100078,\
+    phase:3,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:3',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:/^attack_.*$/ "@contains attack" \
+    "id:100079,\
+    phase:4,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:4',\
+    ver:'MRTS/0.1'"
+
@@ -0,0 +1,108 @@
+SecRule ARGS_NAMES "@contains attack" \
+    "id:100080,\
+    phase:2,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES "@contains attack" \
+    "id:100081,\
+    phase:3,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:3',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES "@contains attack" \
+    "id:100082,\
+    phase:4,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:4',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1 "@contains attack" \
+    "id:100083,\
+    phase:2,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1 "@contains attack" \
+    "id:100084,\
+    phase:3,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:3',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1 "@contains attack" \
+    "id:100085,\
+    phase:4,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:4',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1|ARGS_NAMES:attack2 "@contains attack" \
+    "id:100086,\
+    phase:2,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1|ARGS_NAMES:attack2 "@contains attack" \
+    "id:100087,\
+    phase:3,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:3',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:attack1|ARGS_NAMES:attack2 "@contains attack" \
+    "id:100088,\
+    phase:4,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:4',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:/^attack_.*$/ "@contains attack" \
+    "id:100089,\
+    phase:2,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:2',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:/^attack_.*$/ "@contains attack" \
+    "id:100090,\
+    phase:3,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:3',\
+    ver:'MRTS/0.1'"
+
+SecRule ARGS_NAMES:/^attack_.*$/ "@contains attack" \
+    "id:100091,\
+    phase:4,\
+    deny,\
+    t:none,\
+    log,\
+    msg:'%{MATCHED_VAR_NAME} was caught in phase:4',\
+    ver:'MRTS/0.1'"
+
@@ -1,5 +1,5 @@
 SecRule XML:/* "@beginsWith foo" \
-    "id:100064,\
+    "id:100092,\
     phase:2,\
     deny,\
     t:none,\
@@ -8,7 +8,7 @@ SecRule XML:/* "@beginsWith foo" \
     ver:'MRTS/0.1'"
 
 SecRule XML:/* "@beginsWith foo" \
-    "id:100065,\
+    "id:100093,\
     phase:3,\
     deny,\
     t:none,\
@@ -17,7 +17,7 @@ SecRule XML:/* "@beginsWith foo" \
     ver:'MRTS/0.1'"
 
 SecRule XML:/* "@beginsWith foo" \
-    "id:100066,\
+    "id:100094,\
     phase:4,\
     deny,\
     t:none,\