test: Not yet supported by version 3

Author: Felipe Zimmerle

tests/regression/action/00-disruptive-actions.t

@@ -442,152 +442,4 @@
 	),
 },
 
-# Proxy
-{
-	type => "action",
-	comment => "proxy in phase:1 (get)",
-	conf => qq(
-		SecRuleEngine On
-		SecRequestBodyAccess On
-		SecResponseBodyAccess On
-		SecResponseBodyMimeType null
-		SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500005"
-	),
-	match_log => {
-		error => {
-			apache => [qr/ModSecurity: Access denied using proxy to \(phase 1\)/, 1],
-			nginx => [qr/ModSecurity: Access denied with code 500 \(phase 1\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
-		},
-	},
-	match_response => {
-		status => {
-			apache => qr/^200$/,
-			nginx => qr/^500$/,
-		},
-		content => {
-			apache => qr/^TEST$/,
-			nginx => qr/^*$/,
-		},
-	},
 
-	request => new HTTP::Request(
-		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
-	),
-},
-{
-	type => "action",
-	comment => "nocanon proxy in phase:1 (get)",
-	conf => qq(
-		SecRuleEngine On
-		SecRequestBodyAccess On
-		SecResponseBodyAccess On
-		SecResponseBodyMimeType null
-		SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'[nocanon]http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500005"
-	),
-	match_log => {
-		error => {
-			apache => [qr/ModSecurity: Access denied using proxy to \(phase 1\)/, 1],
-			nginx => [qr/ModSecurity: Access denied with code 500 \(phase 1\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
-		},
-	},
-	match_response => {
-		status => {
-			apache => qr/^200$/,
-			nginx => qr/^500$/,
-		},
-		content => {
-			apache => qr/^TEST$/,
-			nginx => qr/^*$/,
-		},
-	},
-
-	request => new HTTP::Request(
-		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
-	),
-},
-{
-	type => "action",
-	comment => "proxy in phase:2 (get)",
-	conf => qq(
-		SecRuleEngine On
-		SecRequestBodyAccess On
-		SecResponseBodyAccess On
-		SecResponseBodyMimeType null
-		SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500006"
-	),
-	match_log => {
-		error => {
-			apache => [qr/ModSecurity: Access denied using proxy to \(phase 2\)/, 1],
-			nginx => [qr/ModSecurity: Access denied with code 500 \(phase 2\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
-		},
-	},
-	match_response => {
-		status => {
-			apache => qr/^200$/,
-			nginx => qr/^500$/,
-		},
-		content => {
-			apache => qr/^TEST$/,
-			nginx => qr/^*$/,
-		},
-	},
-	request => new HTTP::Request(
-		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
-	),
-},
-{
-	type => "action",
-	comment => "proxy in phase:3 (get)",
-	conf => qq(
-		SecRuleEngine On
-		SecRequestBodyAccess On
-		SecResponseBodyAccess On
-		SecResponseBodyMimeType null
-		SecDebugLog "$ENV{DEBUG_LOG}"
-		SecDebugLogLevel 4
-		SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500007"
-	),
-	match_log => {
-		error => {
-			apache => [qr/ModSecurity: Access denied with code 500 \(phase 3\) \(Configuration Error: Proxy action requested but it does not work in output phases\)./, 1],
-			nginx => [qr/ModSecurity: Access denied with code 500 \(phase 3\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
-		}
-	},
-	match_response => {
-		status => {
-			apache => qr/^500$/,
-			nginx => qr/^500$/,
-		},
-	},
-	request => new HTTP::Request(
-		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
-	),
-},
-{
-	type => "action",
-	comment => "proxy in phase:4 (get)",
-	conf => qq(
-		SecRuleEngine On
-		SecRequestBodyAccess On
-		SecResponseBodyAccess On
-		SecResponseBodyMimeType null
-		SecDebugLog "$ENV{DEBUG_LOG}"
-		SecDebugLogLevel 4
-		SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',id:500008"
-	),
-	match_log => {
-		error => {
-			apache => [qr/ModSecurity: Access denied with code 500 \(phase 4\) \(Configuration Error: Proxy action requested but it does not work in output phases\)./, 1],
-			nginx => [qr/ModSecurity: Access denied with code 500 \(phase 4\) \(Configuration Error: Proxy action to .* requested but proxy is only available in Apache version\)./, 1],
-		}
-	},
-	match_response => {
-		status => {
-			apache => qr/^500$/,
-			nginx => qr/^500$/,
-		},
-	},
-	request => new HTTP::Request(
-		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
-	),
-},

tests/regression/action/10-append-prepend.t

@@ -452,94 +452,4 @@
 	),
 },
 
-# Proxy
-{
-	type => "action",
-	comment => "proxy in phase:1 (get)",
-	conf => qq(
-		SecRuleEngine DetectionOnly
-		SecRequestBodyAccess On
-		SecResponseBodyAccess On
-		SecResponseBodyMimeType null
-		SecRule REQUEST_URI "\@streq /test2.txt" "phase:1,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED',id:500013"
-	),
-	match_log => {
-		error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
-		-error => [ qr/Access denied/, 1 ],
-	},
-	match_response => {
-		status => qr/^200$/,
-		content => qr/^TEST 2$/,
-	},
-	request => new HTTP::Request(
-		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
-	),
-},
-{
-	type => "action",
-	comment => "proxy in phase:2 (get)",
-	conf => qq(
-		SecRuleEngine DetectionOnly
-		SecRequestBodyAccess On
-		SecResponseBodyAccess On
-		SecResponseBodyMimeType null
-		SecRule REQUEST_URI "\@streq /test2.txt" "phase:2,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED',id:500014"
-	),
-	match_log => {
-		error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
-		-error => [ qr/Access denied/, 1 ],
-	},
-	match_response => {
-		status => qr/^200$/,
-		content => qr/^TEST 2$/,
-	},
-	request => new HTTP::Request(
-		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
-	),
-},
-{
-	type => "action",
-	comment => "proxy in phase:3 (get)",
-	conf => qq(
-		SecRuleEngine DetectionOnly
-		SecRequestBodyAccess On
-		SecResponseBodyAccess On
-		SecResponseBodyMimeType null
-		SecDebugLog "$ENV{DEBUG_LOG}"
-		SecDebugLogLevel 4
-		SecRule REQUEST_URI "\@streq /test2.txt" "phase:3,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED',id:500015"
-	),
-	match_log => {
-		error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
-		-error => [ qr/Access denied/, 1 ],
-	},
-	match_response => {
-		status => qr/^200$/,
-	},
-	request => new HTTP::Request(
-		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
-	),
-},
-{
-	type => "action",
-	comment => "proxy in phase:4 (get)",
-	conf => qq(
-		SecRuleEngine DetectionOnly
-		SecRequestBodyAccess On
-		SecResponseBodyAccess On
-		SecResponseBodyMimeType null
-		SecDebugLog "$ENV{DEBUG_LOG}"
-		SecDebugLogLevel 4
-		SecRule REQUEST_URI "\@streq /test2.txt" "phase:4,proxy:'http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test.txt',msg:'PROXIED',id:500016"
-	),
-	match_log => {
-		error => [ qr/ModSecurity: Warning. String match "\/test2.txt" at REQUEST_URI.*PROXIED/, 1 ],
-		-error => [ qr/Access denied/, 1 ],
-	},
-	match_response => {
-		status => qr/^200$/,
-	},
-	request => new HTTP::Request(
-		GET => "http://$ENV{SERVER_NAME}:$ENV{SERVER_PORT}/test2.txt",
-	),
-},
+

tests/regression/action/10-detectiononly-actions.t

@@ -59,8 +59,7 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 1
-		SecRuleScript "test.lua" "phase:1"
-		SecRule REQUEST_URI "(.)" "phase:4,deny,deprecatevar:bogus,id:500242"
+		SecRule REQUEST_URI "(.)" "phase:4,deny,id:500242"
 	),
 	match_log => {
 		debug => [ qr/\]\[[1]\] /, 1 ],
@@ -84,8 +83,7 @@
 		SecRuleEngine DetectionOnly
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 2
-		SecRuleScript "test.lua" "phase:1"
-		SecRule REQUEST_URI "(.)" "phase:4,deny,deprecatevar:bogus,id:500243"
+		SecRule REQUEST_URI "(.)" "phase:4,deny,id:500243"
 	),
 	match_log => {
 		debug => [ qr/\]\[2\] /, 1 ],
@@ -109,8 +107,7 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 3
-		SecRuleScript "test.lua" "phase:1"
-		SecRule REQUEST_URI "(.)" "phase:4,deny,deprecatevar:bogus,id:500244"
+		SecRule REQUEST_URI "(.)" "phase:4,deny,id:500244"
 	),
 	match_log => {
 		debug => [ qr/\]\[3\] /, 1 ],
@@ -134,8 +131,7 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 4
-		SecRuleScript "test.lua" "phase:1"
-		SecRule REQUEST_URI "(.)" "phase:4,deny,deprecatevar:bogus,id:500245"
+		SecRule REQUEST_URI "(.)" "phase:4,deny,id:500245"
 	),
 	match_log => {
 		debug => [ qr/\]\[4\] /, 1 ],
@@ -159,8 +155,7 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 5
-		SecRuleScript "test.lua" "phase:1"
-		SecRule REQUEST_URI "(.)" "phase:4,deny,deprecatevar:bogus,id:500246"
+		SecRule REQUEST_URI "(.)" "phase:4,deny,id:500246"
 	),
 	match_log => {
 		debug => [ qr/\]\[5\] /, 1 ],
@@ -184,8 +179,7 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 6
-		SecRuleScript "test.lua" "phase:1"
-		SecRule REQUEST_URI "(.)" "phase:4,deny,deprecatevar:bogus,id:500247"
+		SecRule REQUEST_URI "(.)" "phase:4,deny,id:500247"
 	),
 	match_log => {
 		debug => [ qr/\]\[6\] /, 1 ],
@@ -209,8 +203,7 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 7
-		SecRuleScript "test.lua" "phase:1"
-		SecRule REQUEST_URI "(.)" "phase:4,deny,deprecatevar:bogus,id:500248"
+		SecRule REQUEST_URI "(.)" "phase:4,deny,id:500248"
 	),
 	match_log => {
 		debug => [ qr/\]\[7\] /, 1 ],
@@ -234,8 +227,7 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 8
-		SecRuleScript "test.lua" "phase:1"
-		SecRule REQUEST_URI "(.)" "phase:4,deny,deprecatevar:bogus,id:500249"
+		SecRule REQUEST_URI "(.)" "phase:4,deny,id:500249"
 	),
 	match_log => {
 		debug => [ qr/\]\[8\] /, 1 ],
@@ -259,8 +251,7 @@
 		SecRuleEngine On
 		SecDebugLog $ENV{DEBUG_LOG}
 		SecDebugLogLevel 9
-		SecRuleScript "test.lua" "phase:1"
-		SecRule REQUEST_URI "(.)" "phase:4,deny,deprecatevar:bogus,id:500250"
+		SecRule REQUEST_URI "(.)" "phase:4,deny,id:500250"
 	),
 	match_log => {
 		debug => [ qr/\]\[9\] /, 1 ],