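# Overrides the default SecResponseBodyMimeType in order to add application/json
# (the Content-Type of httpbin responses), so that JSON response bodies are
# inspected as well.
SecResponseBodyMimeType text/plain text/html text/xml application/json

# crs-setup.conf.example sets the default actions only for phases 1 and 2.
# Adding logging for phases 3, 4 and 5, otherwise go-ftw is not able to detect the triggered rules.
# Each default action below logs the match (log, auditlog) and lets the
# transaction continue (pass); none of them is disruptive.
SecDefaultAction "phase:3,log,auditlog,pass"
SecDefaultAction "phase:4,log,auditlog,pass"
SecDefaultAction "phase:5,log,auditlog,pass"

# Debug log verbosity used for the regression run.
SecDebugLogLevel 3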
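# Rule 900005 from https://github.com/coreruleset/coreruleset/blob/v4.0/dev/tests/regression/README.md#requirements
# By default rule 900340 is commented out, therefore max_file_size is added to 900005 in order to test the 920400-* rules.
#
# Test-harness setup, run unconditionally in phase 1 of every transaction:
#   - ctl:ruleEngine=DetectionOnly: rules are evaluated and logged, but
#     disruptive actions are not enforced. A deployment loading this file
#     detects only; it does not block.
#   - ctl:ruleRemoveById=910000: removes rule 910000 for the transaction.
#     NOTE(review): presumably an IP-reputation rule that would interfere with
#     the tests - confirm against the CRS version in use.
#   - tx.blocking_paranoia_level=4: runs the rule set at paranoia level 4.
#   - tx.crs_validate_utf8_encoding=1: turns on the UTF-8 validation check.
#   - the remaining setvar actions fix the request limits (argument name and
#     value lengths, argument count, file sizes) that the regression tests
#     expect.
SecAction "id:900005,\
    phase:1,\
    nolog,\
    pass,\
    ctl:ruleEngine=DetectionOnly,\
    ctl:ruleRemoveById=910000,\
    setvar:tx.blocking_paranoia_level=4,\
    setvar:tx.crs_validate_utf8_encoding=1,\
    setvar:tx.arg_name_length=100,\
    setvar:tx.arg_length=400,\
    setvar:tx.total_arg_length=64000,\
    setvar:tx.max_num_args=255,\
    setvar:tx.max_file_size=64100,\
    setvar:tx.combined_file_sizes=65535"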
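# Write the value from the X-CRS-Test header as a marker to the log.
# Requests with the X-CRS-Test header will not be matched by any rule. See https://github.com/coreruleset/go-ftw/pull/133
#
# How it works: "@rx ^.*$" matches whenever the header is present, whatever
# its value; the rule logs that value through msg, then
# ctl:ruleRemoveById=1-999999 removes the rules in that ID range for the
# current transaction.
#
# Security note: X-CRS-Test is a client-supplied header, so wherever this rule
# is loaded, any request that carries the header is exempt from the rule set.
# Keep this file confined to the go-ftw regression environment and make sure
# rule 999999 is not part of a configuration that serves real traffic.
SecRule REQUEST_HEADERS:X-CRS-Test "@rx ^.*$" \
    "id:999999,\
    phase:1,\
    pass,\
    t:none,\
    log,\
    msg:'X-CRS-Test %{MATCHED_VAR}',\
    ctl:ruleRemoveById=1-999999"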