1#vi:filetype=perl 2 3 4# A AJOUTER : 5# TEST CASE AVEC UNE REGLE SUR UN HEADER GENERIQUE 6# La même sur des arguments :) 7 8use lib 'lib'; 9use Test::Nginx::Socket; 10 11repeat_each(3); 12 13plan tests => repeat_each(1) * blocks(); 14no_root_location(); 15no_long_string(); 16$ENV{TEST_NGINX_SERVROOT} = server_root(); 17run_tests(); 18 19 20__DATA__ 21=== TEST 1: Basic GET request with no rules, drop 22--- main_config 23load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so; 24--- config 25location / { 26 SecRulesEnabled; 27 LearningMode; 28 DeniedUrl "/RequestDenied"; 29 CheckRule "$SQL >= 8" BLOCK; 30 CheckRule "$RFI >= 8" BLOCK; 31 CheckRule "$TRAVERSAL >= 4" BLOCK; 32 CheckRule "$XSS >= 8" BLOCK; 33 LibInjectionXss; 34 CheckRule "$LIBINJECTION_XSS >= 8" BLOCK; 35 LibInjectionSql; 36 CheckRule "$LIBINJECTION_SQL >= 8" BLOCK; 37 38 root $TEST_NGINX_SERVROOT/html/; 39 index index.html index.htm; 40} 41location /RequestDenied { 42 return 412; 43} 44--- request 45GET /?a=buibui 46--- error_code: 412 47=== TEST 1.1: Basic GET request with no rules, whitelist the special rule. 48--- main_config 49load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so; 50--- config 51location / { 52 SecRulesEnabled; 53 BasicRule wl:19; 54 LearningMode; 55 DeniedUrl "/RequestDenied"; 56 CheckRule "$SQL >= 8" BLOCK; 57 CheckRule "$RFI >= 8" BLOCK; 58 CheckRule "$TRAVERSAL >= 4" BLOCK; 59 CheckRule "$XSS >= 8" BLOCK; 60 LibInjectionXss; 61 CheckRule "$LIBINJECTION_XSS >= 8" BLOCK; 62 LibInjectionSql; 63 CheckRule "$LIBINJECTION_SQL >= 8" BLOCK; 64 65 root $TEST_NGINX_SERVROOT/html/; 66 index index.html index.htm; 67} 68location /RequestDenied { 69 return 412; 70} 71--- request 72GET /?a=buibui 73--- error_code: 200 74