1[ 2{ 3 "enabled": 1, 4 "version_min": 209000, 5 "version_max": -1, 6 "title": "Regex match does not work when arg ends with unescaped equal char (1/2)", 7 "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1743", 8 "gihub_issue": 1743, 9 "client": { 10 "ip": "200.249.12.31", 11 "port": 2313 12 }, 13 "server": { 14 "ip": "200.249.12.31", 15 "port": 80 16 }, 17 "request": { 18 "uri":"/?x=foo%3d", 19 "headers": "", 20 "body": "", 21 "method": "GET", 22 "http_version": 1.1 23 }, 24 "response": { 25 "headers": "", 26 "body": "" 27 }, 28 "expected": { 29 "debug_log": "Rule returned 1", 30 "error_log": "Value: `foo='", 31 "http_code": 403 32 }, 33 "rules": [ 34 "SecRuleEngine On", 35 "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" 36 ] 37}, 38{ 39 "enabled": 1, 40 "version_min": 209000, 41 "version_max": -1, 42 "title": "Regex match does not work when arg ends with unescaped equal char (2/2)", 43 "url": "https:\/\/github.com\/SpiderLabs\/ModSecurity\/issues\/1743", 44 "gihub_issue": 1743, 45 "client": { 46 "ip": "200.249.12.31", 47 "port": 2313 48 }, 49 "server": { 50 "ip": "200.249.12.31", 51 "port": 80 52 }, 53 "request": { 54 "uri":"/?x=foo=", 55 "headers": "", 56 "body": "", 57 "method": "GET", 58 "http_version": 1.1 59 }, 60 "response": { 61 "headers": "", 62 "body": "" 63 }, 64 "expected": { 65 "debug_log": "Rule returned 1", 66 "error_log": "Value: `foo='", 67 "http_code": 403 68 }, 69 "rules": [ 70 "SecRuleEngine On", 71 "SecRule ARGS \"foo?=\" \"phase:2,id:1,capture,t:none,t:lowercase,deny,msg:'XSS Attack Detected',logdata:'Matched Data: %{TX.0} found within %{MATCHED_VAR_NAME}: %{MATCHED_VAR}'\"" 72 ] 73} 74] 75