diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 50e2a95..b23e5b4 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -34,7 +34,7 @@ jobs: go-version: '1.23' - name: Build - run: | + run: | go run mage.go generate - name: Test diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index a146206..afb1e42 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -49,9 +49,7 @@ jobs: - name: "Generate parser files" run: | - pushd g4 ./generate.sh - popd - name: Install dependencies run: | @@ -60,4 +58,3 @@ jobs: - name: "Run unit tests" run: | uv run pytest -vs - diff --git a/.gitignore b/.gitignore index c74893f..cd21cf4 100644 --- a/.gitignore +++ b/.gitignore @@ -74,4 +74,4 @@ go.work.sum # Editor/IDE .idea/ -.vscode/ \ No newline at end of file +.vscode/ diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..3d8c20d --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,29 @@ +--- +ci: + autofix_commit_msg: | + chore(formatting): auto fixes from pre-commit hooks + + for more information, see https://pre-commit.ci + autofix_prs: true + skip: [] + submodules: false +# Update the rev variable with the release version that you want, from the yamllint repo +# You can pass your custom .yamllint with args attribute. +repos: +- repo: https://github.com/pre-commit/pre-commit-hooks + rev: v5.0.0 + hooks: + - id: check-yaml + args: [--allow-multiple-documents] + - id: end-of-file-fixer + - id: trailing-whitespace + exclude: '^regex-assembly/' + args: [--markdown-linebreak-ext=md] +- repo: local + hooks: + - id: run-generate + name: run-generate + entry: './generate.sh' + language: script + pass_filenames: false + files: '^g4/' diff --git a/README.md b/README.md index b9a61b3..27815e8 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ This repo contains the ANTLR files for a SecLang parser. ## Why a new parser? -There has been efforts towards having parsers in different languages. Using ANTLR would allow us to have a common parser and generate parsing engines for different languages easily. +There has been efforts towards having parsers in different languages. Using ANTLR would allow us to have a common parser and generate parsing engines for different languages easily. This way we would consolidate efforts, and we can have a more robust parser. ## Features we (might) want diff --git a/g4/SecLangLexer.g4 b/g4/SecLangLexer.g4 index 2cf0ad6..8ead145 100644 --- a/g4/SecLangLexer.g4 +++ b/g4/SecLangLexer.g4 @@ -23,7 +23,7 @@ tokens { } WS - : ([ \t\r\n]+ | '\\' '\n' | '\\') -> skip + : ([ \t\r\n]+ | '\\' '\n' | '\\') -> skip ; COMMENT @@ -117,8 +117,8 @@ RPAREN // MODSEC CONFIG ACTION_ACCURACY : 'accuracy' - ; - + ; + ACTION_ALLOW : 'allow:' ('REQUEST'|'PHASE') | ('phase:' ('REQUEST|PHASE') | 'allow') ; @@ -1256,11 +1256,11 @@ SPACE_COL : ' ' -> skip, pushMode(OPERATOR_START_MODE) ; -COMMA_COL +COMMA_COL : ',' -> type(COMMA), popMode ; -QUOTE_COL +QUOTE_COL : '"' -> type(QUOTE), popMode ; @@ -1274,11 +1274,11 @@ SPACE_VAR : ' ' -> skip, pushMode(OPERATOR_START_MODE) ; -COMMA_VAR +COMMA_VAR : ',' -> type(COMMA), popMode ; -QUOTE_VAR +QUOTE_VAR : '"' -> type(QUOTE), popMode ; @@ -1323,10 +1323,10 @@ NOT_OPERATOR ; SKIP_CHARS - : [\\\t\r\n ]+ -> skip + : [\\\t\r\n ]+ -> skip ; -QUOTE_OP +QUOTE_OP : '"' -> type(QUOTE), pushMode(OPERATOR_WITH_QUOTES) ; @@ -1347,4 +1347,3 @@ AT OPERATOR_QUOTED_STRING : (('\\"') | ~([" @!])) (('\\"')|~('"'))* -> pushMode(DEFAULT_MODE) ; - diff --git a/g4/SecLangParser.g4 b/g4/SecLangParser.g4 index a6a89b5..7b50a9e 100644 --- a/g4/SecLangParser.g4 +++ b/g4/SecLangParser.g4 @@ -487,4 +487,4 @@ assignment: EQUAL | EQUALS_PLUS | EQUALS_MINUS - ; \ No newline at end of file + ; diff --git a/g4/generate.go b/g4/generate.go index 24957cc..4f19c8d 100644 --- a/g4/generate.go +++ b/g4/generate.go @@ -3,4 +3,4 @@ package g4 -//go:generate ./generate.sh +//go:generate ../generate.sh diff --git a/g4/generate.sh b/g4/generate.sh deleted file mode 100755 index e745c4a..0000000 --- a/g4/generate.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh -# Copyright 2023 Felipe Zipitria -# SPDX-License-Identifier: Apache-2.0 - - -alias antlr4='java -Xmx500M -cp "../lib/antlr-4.13.2-complete.jar:$CLASSPATH" org.antlr.v4.Tool' -antlr4 -Dlanguage=Go -no-visitor -package parser -o ../parser *.g4 -antlr4 -Dlanguage=Python3 -no-visitor -package parser -o ../src/seclang_parser *.g4 diff --git a/generate.sh b/generate.sh new file mode 100755 index 0000000..5cc5686 --- /dev/null +++ b/generate.sh @@ -0,0 +1,23 @@ +#!/bin/sh +# Copyright 2023 Felipe Zipitria +# SPDX-License-Identifier: Apache-2.0 + +# This script is used to generate the parser files for the seclang DSL. +# It is used by the pre-commit hook to ensure that the parser files are up to date. + +# Check if java is installed +if ! command -v java >/dev/null 2>&1; then + echo "Java is not installed. Please install Java and try again." + exit 1 +fi + +# Find g4 files and change directory +g4_files=$(find . -name "SecLangLexer.g4") +g4_dir=$(dirname "$g4_files") + +# Change directory to g4 +cd "$g4_dir" + +alias antlr4='java -Xmx500M -cp "../lib/antlr-4.13.2-complete.jar:$CLASSPATH" org.antlr.v4.Tool' +antlr4 -Dlanguage=Go -no-visitor -package parser -o ../parser *.g4 +antlr4 -Dlanguage=Python3 -no-visitor -package parser -o ../src/seclang_parser *.g4 diff --git a/parser/.gitkeep b/parser/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/src/seclang_parser/actions.py b/src/seclang_parser/actions.py index 3920b01..6a10800 100644 --- a/src/seclang_parser/actions.py +++ b/src/seclang_parser/actions.py @@ -81,4 +81,4 @@ def get_actions_by_key(self, key): actions = [action for action in self.non_disruptive_actions if action.get_key() == key] actions.extend(action for action in self.flow_actions if action.get_key() == key) actions.extend(action for action in self.data_actions if action.get_key() == key) - return actions \ No newline at end of file + return actions diff --git a/src/seclang_parser/cli.py b/src/seclang_parser/cli.py index d728391..0106ce2 100644 --- a/src/seclang_parser/cli.py +++ b/src/seclang_parser/cli.py @@ -34,4 +34,3 @@ def run(): if __name__ == "__main__": run() - diff --git a/src/seclang_parser/configuration.py b/src/seclang_parser/configuration.py index 0fd88c1..5641388 100644 --- a/src/seclang_parser/configuration.py +++ b/src/seclang_parser/configuration.py @@ -8,4 +8,4 @@ def __init__(self): self.configurations = [] def add_configuration(self, configuration): - self.configurations.append(configuration) \ No newline at end of file + self.configurations.append(configuration) diff --git a/src/seclang_parser/directives.py b/src/seclang_parser/directives.py index 2fbac31..d22ffb7 100644 --- a/src/seclang_parser/directives.py +++ b/src/seclang_parser/directives.py @@ -155,4 +155,4 @@ def to_seclang_with_param(self, initial_string): result += "\n" if chained_rule and self.chained_rule: result += self.chained_rule.to_seclang_with_param(initial_string + " ") - return result \ No newline at end of file + return result diff --git a/src/seclang_parser/metadata.py b/src/seclang_parser/metadata.py index 95a6b52..1712d78 100644 --- a/src/seclang_parser/metadata.py +++ b/src/seclang_parser/metadata.py @@ -88,4 +88,4 @@ def add_tag(self, value): self.tags.append(value) def set_ver(self, value): - self.ver = value \ No newline at end of file + self.ver = value diff --git a/src/seclang_parser/operators.py b/src/seclang_parser/operators.py index 982fdf3..8b48f15 100644 --- a/src/seclang_parser/operators.py +++ b/src/seclang_parser/operators.py @@ -10,4 +10,4 @@ def set_operator_value(self, value): self.value = value def to_string(self): - return f"@{self.name} {self.value}" \ No newline at end of file + return f"@{self.name} {self.value}" diff --git a/src/seclang_parser/parser.py b/src/seclang_parser/parser.py index 511076e..146f69f 100644 --- a/src/seclang_parser/parser.py +++ b/src/seclang_parser/parser.py @@ -41,5 +41,3 @@ def enterComment(self, ctx: SecLangParser.CommentContext): def enterId(self, ctx:SecLangParser.IdContext): self.ids.append(ctx.getText()) - - diff --git a/src/seclang_parser/transformations.py b/src/seclang_parser/transformations.py index 958c79a..5762b0b 100644 --- a/src/seclang_parser/transformations.py +++ b/src/seclang_parser/transformations.py @@ -7,4 +7,4 @@ def add_transformation(self, transformation): def to_string(self): results = [f"t:{transformation}" for transformation in self.transformations] - return ",".join(results) \ No newline at end of file + return ",".join(results) diff --git a/src/seclang_parser/variables.py b/src/seclang_parser/variables.py index fec089c..98b0dbe 100644 --- a/src/seclang_parser/variables.py +++ b/src/seclang_parser/variables.py @@ -6,4 +6,4 @@ def to_string(self): return "|".join(self.variables) def add_variable(self, variable): - self.variables.append(variable) \ No newline at end of file + self.variables.append(variable) diff --git a/testdata/REQUEST-905-COMMON-EXCEPTIONS.conf b/testdata/REQUEST-905-COMMON-EXCEPTIONS.conf index 2a17e8b..ead345e 100644 --- a/testdata/REQUEST-905-COMMON-EXCEPTIONS.conf +++ b/testdata/REQUEST-905-COMMON-EXCEPTIONS.conf @@ -30,4 +30,4 @@ SecRule REQUEST_LINE "@streq GET /" \ SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \ "t:none,\ ctl:ruleRemoveByTag=OWASP_CRS,\ - ctl:auditEngine=Off" \ No newline at end of file + ctl:auditEngine=Off" diff --git a/testdata/plugins/drupal-rule-exclusions-before.conf b/testdata/plugins/drupal-rule-exclusions-before.conf index e46de63..3858231 100644 --- a/testdata/plugins/drupal-rule-exclusions-before.conf +++ b/testdata/plugins/drupal-rule-exclusions-before.conf @@ -9,7 +9,7 @@ # OWASP CRS Plugin # Plugin name: drupal-rule-exclusions -# Plugin description: +# Plugin description: # Rule ID block base: 9,506,000 - 9,506,999 # Plugin version: 1.0.0 diff --git a/testdata/plugins/drupal-rule-exclusions-config.conf b/testdata/plugins/drupal-rule-exclusions-config.conf index 1a38e9b..a40b12a 100644 --- a/testdata/plugins/drupal-rule-exclusions-config.conf +++ b/testdata/plugins/drupal-rule-exclusions-config.conf @@ -9,7 +9,7 @@ # OWASP CRS Plugin # Plugin name: drupal-rule-exclusions -# Plugin description: +# Plugin description: # Rule ID block base: 9,506,000 - 9,506,999 # Plugin version: 1.0.0 diff --git a/testdata/plugins/google-oauth2-before.conf b/testdata/plugins/google-oauth2-before.conf index 4a0e16e..d3576a2 100644 --- a/testdata/plugins/google-oauth2-before.conf +++ b/testdata/plugins/google-oauth2-before.conf @@ -9,7 +9,7 @@ # OWASP CRS Plugin # Plugin name: google-oauth2 -# Plugin description: +# Plugin description: # Rule ID block base: 9,505,000 - 9,505,999 # Plugin version: 1.0.0 diff --git a/testdata/plugins/google-oauth2-config.conf b/testdata/plugins/google-oauth2-config.conf index 88520ef..2d12503 100644 --- a/testdata/plugins/google-oauth2-config.conf +++ b/testdata/plugins/google-oauth2-config.conf @@ -9,7 +9,7 @@ # OWASP CRS Plugin # Plugin name: google-oauth2 -# Plugin description: +# Plugin description: # Rule ID block base: 9,505,000 - 9,505,999 # Plugin version: 1.0.0 diff --git a/testdata/plugins/wordpress-rule-exclusions-config.conf b/testdata/plugins/wordpress-rule-exclusions-config.conf index e5467a0..fa37793 100644 --- a/testdata/plugins/wordpress-rule-exclusions-config.conf +++ b/testdata/plugins/wordpress-rule-exclusions-config.conf @@ -9,7 +9,7 @@ # OWASP CRS Plugin # Plugin name: wordpress-rule-exclusions -# Plugin description: +# Plugin description: # Rule ID block base: 9,507,000 - 9,507,999 # Plugin version: 1.0.1 diff --git a/testdata/test6.conf b/testdata/test6.conf index 202569d..92ebc06 100644 --- a/testdata/test6.conf +++ b/testdata/test6.conf @@ -10,4 +10,4 @@ SecRule TX:enforce_bodyproc_urlencoded "@eq 1" \ ver:'OWASP_CRS/4.0.0-rc1',\ chain" SecRule REQBODY_PROCESSOR "!@rx (?:URLENCODED|MULTIPART|XML|JSON)" \ - "ctl:requestBodyProcessor=URLENCODED" \ No newline at end of file + "ctl:requestBodyProcessor=URLENCODED" diff --git a/testdata/test7.conf b/testdata/test7.conf index 4af29e7..28826d4 100644 --- a/testdata/test7.conf +++ b/testdata/test7.conf @@ -41,10 +41,10 @@ SecRule TX:enforce_bodyproc_urlencoded "@unconditionalMatch" "id:200, phase:2, d SecRule FILES "@rx \.conf$" "id:17" -# Detect Nikto +# Detect Nikto SecRule REQUEST_HEADERS:User-Agent "@rx nikto" "phase:1,id:173,t:lowercase" -# Detect Nikto with a case-insensitive pattern +# Detect Nikto with a case-insensitive pattern SecRule REQUEST_HEADERS:User-Agent "@rx (?i)nikto" "phase:1,id:174,t:none" @@ -54,4 +54,4 @@ SecAction \ pass,\ t:none,\ nolog,\ - setvar:tx.crs_setup_version=400" \ No newline at end of file + setvar:tx.crs_setup_version=400" diff --git a/testdata/test_04_directives.conf b/testdata/test_04_directives.conf index 9134bbc..3fd3757 100644 --- a/testdata/test_04_directives.conf +++ b/testdata/test_04_directives.conf @@ -7,4 +7,4 @@ SecUnicodeMapFile unicode.mapping 20127 SecAuditLog /path/to/audit.log -SecAuditLog "/path/to/audit.log" \ No newline at end of file +SecAuditLog "/path/to/audit.log" diff --git a/testdata/test_06_secaction2.conf b/testdata/test_06_secaction2.conf index 4be8287..dc999b7 100644 --- a/testdata/test_06_secaction2.conf +++ b/testdata/test_06_secaction2.conf @@ -19,4 +19,3 @@ SecAction "id:900005,\ setvar:tx.arg_length=400,\ setvar:tx.max_file_size=64100,\ setvar:tx.combined_file_sizes=65535" - diff --git a/testdata/test_07_secaction3.conf b/testdata/test_07_secaction3.conf index 15b39ff..e17ebde 100644 --- a/testdata/test_07_secaction3.conf +++ b/testdata/test_07_secaction3.conf @@ -19,4 +19,3 @@ SecAction "id:900005,\ setvar:'tx.arg_length=400',\ setvar:tx.max_file_size=64100,\ setvar:tx.combined_file_sizes=65535" - diff --git a/testdata/test_14_secaction_ctl_06.conf b/testdata/test_14_secaction_ctl_06.conf index 5aa88e5..5d238b1 100644 --- a/testdata/test_14_secaction_ctl_06.conf +++ b/testdata/test_14_secaction_ctl_06.conf @@ -5,4 +5,3 @@ SecAction "id:900005,\ pass,\ ctl:ruleEngine=DetectionOnly,\ ctl:ruleRemoveById=910000" - diff --git a/testdata/test_15_secaction_01.conf b/testdata/test_15_secaction_01.conf index 00edde6..3496a07 100644 --- a/testdata/test_15_secaction_01.conf +++ b/testdata/test_15_secaction_01.conf @@ -11,4 +11,3 @@ SecAction "id:900005,\ setvar:'tx.arg_length=400',\ setvar:tx.max_file_size=64100,\ setvar:tx.combined_file_sizes=65535" - diff --git a/testdata/test_18_secrule_03.conf b/testdata/test_18_secrule_03.conf index 9ba960a..f267df9 100644 --- a/testdata/test_18_secrule_03.conf +++ b/testdata/test_18_secrule_03.conf @@ -1,2 +1,2 @@ # Expect a failure on non-existent operator -SecRule REQUEST_HEADERS:X-CRS-Test "@ry foo" +SecRule REQUEST_HEADERS:X-CRS-Test "@ry foo" diff --git a/testdata/test_25_secrule_10.conf b/testdata/test_25_secrule_10.conf index 5237e41..3b4a512 100644 --- a/testdata/test_25_secrule_10.conf +++ b/testdata/test_25_secrule_10.conf @@ -17,5 +17,3 @@ SecRule FILES|FILES_NAMES "!@rx (?i)^(?:&(?:(?:[acegiln-or-suz]acut|[aeiou]grav| ver:'OWASP_CRS/4.0.0-rc2',\ severity:'CRITICAL',\ setvar:'tx.inbound_anomaly_score_pl1=+%{tx.critical_anomaly_score}'" - - diff --git a/testdata/test_26_secrule_11.conf b/testdata/test_26_secrule_11.conf index 818328b..054b5db 100644 --- a/testdata/test_26_secrule_11.conf +++ b/testdata/test_26_secrule_11.conf @@ -20,4 +20,3 @@ SecRule REQUEST_URI "@rx \x25" \ chain" SecRule REQUEST_URI "@validateUrlEncoding" \ "setvar:'tx.inbound_anomaly_score_pl1=+%{tx.warning_anomaly_score}'" - diff --git a/testdata/test_27_secrule_12.conf b/testdata/test_27_secrule_12.conf index c58621f..1512ccd 100644 --- a/testdata/test_27_secrule_12.conf +++ b/testdata/test_27_secrule_12.conf @@ -1,4 +1,3 @@ SecRule REQUEST_URI "@validateUrlEncoding" \ "setvar:'tx.inbound_anomaly_score_pl1=+%{tx.warning_anomaly_score}'" - diff --git a/testdata/test_28_secrule_13.conf b/testdata/test_28_secrule_13.conf index c842abf..07d25ab 100644 --- a/testdata/test_28_secrule_13.conf +++ b/testdata/test_28_secrule_13.conf @@ -21,4 +21,3 @@ SecRule FILES|REQUEST_HEADERS:X-Filename|REQUEST_HEADERS:X_Filename|REQUEST_HEAD severity:'CRITICAL',\ setvar:'tx.rce_score=+%{tx.critical_anomaly_score}',\ setvar:'tx.inbound_anomaly_score_pl1=+%{tx.critical_anomaly_score}'" - diff --git a/testdata/test_29_secrule_14.conf b/testdata/test_29_secrule_14.conf index 407e100..f90b96e 100644 --- a/testdata/test_29_secrule_14.conf +++ b/testdata/test_29_secrule_14.conf @@ -10,4 +10,3 @@ SecRule REQUEST_FILENAME "!@validateByteRange 20, 45-47, 48-57, 65-90, 95, 97-12 # - diff --git a/testdata/test_32_secrule_16.conf b/testdata/test_32_secrule_16.conf index 02fdd5c..7c7b80c 100644 --- a/testdata/test_32_secrule_16.conf +++ b/testdata/test_32_secrule_16.conf @@ -18,4 +18,3 @@ SecRule TX:DO_REPUT_BLOCK "@eq 1" \ "setvar:'tx.anomaly_score_pl1=+%{tx.critical_anomaly_score}'" # - diff --git a/testdata/test_33_secrule_16.conf b/testdata/test_33_secrule_16.conf index 2b7e6fc..bb1ca0a 100644 --- a/testdata/test_33_secrule_16.conf +++ b/testdata/test_33_secrule_16.conf @@ -21,4 +21,3 @@ SecRule REQUEST_URI|REQUEST_HEADERS|ARGS|ARGS_NAMES "@rx (?:^|[^\\\\])\\\\[cdegh # - diff --git a/testdata/test_35_all_directives.conf b/testdata/test_35_all_directives.conf index 6af8592..41adf7a 100644 --- a/testdata/test_35_all_directives.conf +++ b/testdata/test_35_all_directives.conf @@ -39,4 +39,3 @@ SecRule TX:enforce_bodyproc_urlencoded "@eq 1" \ noauditlog,\ msg:'Enabling forced body inspection for ASCII content',\ ver:'OWASP_CRS/4.0.0-rc1'" - diff --git a/testdata/test_36_chain.conf b/testdata/test_36_chain.conf index d7f0980..ab8a9be 100644 --- a/testdata/test_36_chain.conf +++ b/testdata/test_36_chain.conf @@ -56,4 +56,3 @@ SecRule REMOTE_ADDR "@ipMatch 127.0.0.1,::1" \ "t:none,\ ctl:ruleRemoveByTag=OWASP_CRS,\ ctl:auditEngine=Off" - diff --git a/testdata/test_37_ugly_rules.conf b/testdata/test_37_ugly_rules.conf index 1f79cce..2e30020 100644 --- a/testdata/test_37_ugly_rules.conf +++ b/testdata/test_37_ugly_rules.conf @@ -3,4 +3,4 @@ SecRule REQUEST_URI "@contains hola%" "id:1, phase:1, pass" SecRule REQUEST_URI "hola" "id:1, phase:1, pass" -SecRule REQUEST_URI hola "id:1, phase:1, pass" \ No newline at end of file +SecRule REQUEST_URI hola "id:1, phase:1, pass" diff --git a/testdata/test_38_update_rules.conf b/testdata/test_38_update_rules.conf index ba840da..339684e 100644 --- a/testdata/test_38_update_rules.conf +++ b/testdata/test_38_update_rules.conf @@ -11,4 +11,4 @@ SecRuleUpdateTargetById 958895 !REQUEST_FILENAME,REQUEST_URI SecRuleUpdateTargetByTag "WASCTC/WASC-31" !ARGS:email -SecRuleUpdateTargetByMsg "System Command Injection" !REQUEST_FILENAME|REQUEST_URI \ No newline at end of file +SecRuleUpdateTargetByMsg "System Command Injection" !REQUEST_FILENAME|REQUEST_URI diff --git a/testdata/test_39_remove_rules.conf b/testdata/test_39_remove_rules.conf index 4e19923..003d354 100644 --- a/testdata/test_39_remove_rules.conf +++ b/testdata/test_39_remove_rules.conf @@ -2,4 +2,4 @@ SecRuleRemoveByID 1 2 9000-9010 SecRuleRemoveByMsg FAIL -SecRuleRemoveByTag attack-dos \ No newline at end of file +SecRuleRemoveByTag attack-dos diff --git a/testdata/test_41_negated_operator_0.conf b/testdata/test_41_negated_operator_0.conf index d123936..ad5005f 100644 --- a/testdata/test_41_negated_operator_0.conf +++ b/testdata/test_41_negated_operator_0.conf @@ -3,4 +3,4 @@ SecRule ARGS|ARGS_NAMES "@rx foo" \ "id:1,\ phase:2,\ nolog, - pass" \ No newline at end of file + pass" diff --git a/testdata/test_41_negated_operator_1.conf b/testdata/test_41_negated_operator_1.conf index 3172861..34ef7b2 100644 --- a/testdata/test_41_negated_operator_1.conf +++ b/testdata/test_41_negated_operator_1.conf @@ -3,4 +3,4 @@ SecRule ARGS|ARGS_NAMES "!@rx foo" \ "id:1,\ phase:2,\ nolog, - pass" \ No newline at end of file + pass" diff --git a/testdata/test_41_negated_operator_n.conf b/testdata/test_41_negated_operator_n.conf index 70640e4..8f21bb8 100644 --- a/testdata/test_41_negated_operator_n.conf +++ b/testdata/test_41_negated_operator_n.conf @@ -22,4 +22,4 @@ SecRule TX:sampling_rnd100 "!@lt %{tx.sampling_percentage}" \ log,\ noauditlog,\ msg:'Sampling: Disable the rule engine based on sampling_percentage %{TX.sampling_percentage} and random number %{TX.sampling_rnd100}',\ - ver:'OWASP_CRS/4.0.0-rc1'" \ No newline at end of file + ver:'OWASP_CRS/4.0.0-rc1'"