1[ 2 { 3 "enabled": 1, 4 "version_min": 209000, 5 "version_max": -1, 6 "title": "JSON array should be handled even without a key (1)", 7 "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1576", 8 "client":{ 9 "ip":"200.249.12.31", 10 "port":123 11 }, 12 "request":{ 13 "headers":{ 14 "Host":"localhost", 15 "User-Agent":"curl/7.38.0", 16 "Accept":"*/*", 17 "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", 18 "Content-Type": "application/json" 19 }, 20 "uri":"/?key=value&key=other_value", 21 "method":"POST", 22 "body": [ 23 "{", 24 " \"foo\":\"bar\",", 25 " \"mod\":\"sec\",", 26 " \"ops\": [", 27 " [\"um\", \"um e meio\"], ", 28 " \"dois\",", 29 " \"tres\",", 30 " { \"eins\": [\"zwei\", \"drei\"] }", 31 " ],", 32 " \"whee\": \"lhebs\"", 33 "}" 34 ] 35 }, 36 "server":{ 37 "ip":"200.249.12.31", 38 "port":80 39 }, 40 "expected":{ 41 "debug_log": "zwei\" \\(Variable: ARGS:json.ops.array_3.eins.array_0" 42 }, 43 "rules":[ 44 "SecRuleEngine On", 45 "SecRequestBodyAccess On", 46 "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", 47 "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" 48 ] 49 }, 50 { 51 "enabled": 1, 52 "version_min": 209000, 53 "version_max": -1, 54 "title": "JSON array should be handled even without a key (2)", 55 "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1576", 56 "client":{ 57 "ip":"200.249.12.31", 58 "port":123 59 }, 60 "request":{ 61 "headers":{ 62 "Host":"localhost", 63 "User-Agent":"curl/7.38.0", 64 "Accept":"*/*", 65 "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", 66 "Content-Type": "application/json" 67 }, 68 "uri":"/?key=value&key=other_value", 69 "method":"POST", 70 "body": [ 71 "[", 72 " \"one\",", 73 " \"two\",", 74 " \"three\"", 75 "]" 76 ] 77 }, 78 "server":{ 79 "ip":"200.249.12.31", 80 "port":80 81 }, 82 "expected":{ 83 "debug_log": "three\" \\(Variable: ARGS:json.array_2\\)" 84 }, 85 "rules":[ 86 "SecRuleEngine On", 87 "SecRequestBodyAccess On", 88 "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", 89 "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" 90 ] 91 }, 92 { 93 "enabled": 1, 94 "version_min": 209000, 95 "version_max": -1, 96 "title": "JSON array should be handled even without a key (3)", 97 "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1576", 98 "client":{ 99 "ip":"200.249.12.31", 100 "port":123 101 }, 102 "request":{ 103 "headers":{ 104 "Host":"localhost", 105 "User-Agent":"curl/7.38.0", 106 "Accept":"*/*", 107 "Cookie": "PHPSESSID=rAAAAAAA2t5uvjq435r4q7ib3vtdjq120", 108 "Content-Type": "application/json" 109 }, 110 "uri":"/?key=value&key=other_value", 111 "method":"POST", 112 "body": [ 113 "{", 114 " \"foo\":\"bar\",", 115 " \"mod\":\"sec\",", 116 " \"ops\": {", 117 " \"um\": \"um e meio\", ", 118 " \"dois\": \"tres\",", 119 " \"quatro\": \"cinco\",", 120 " \"seis\": {", 121 " \"dez\": \"onze\",", 122 " \"doze\": \"treze\"", 123 " }", 124 " },", 125 " \"whee\": \"lhebs\"", 126 "}" 127 ] 128 }, 129 "server":{ 130 "ip":"200.249.12.31", 131 "port":80 132 }, 133 "expected":{ 134 "debug_log": "treze\" \\(Variable: ARGS:json.ops.seis.doze\\)" 135 }, 136 "rules":[ 137 "SecRuleEngine On", 138 "SecRequestBodyAccess On", 139 "SecRule REQUEST_HEADERS:Content-Type \"application/json\" \"id:'200001',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=JSON\"", 140 "SecRule ARGS \"asdf\" \"id:'200441',phase:3,log\"" 141 ] 142 } 143] 144