Task48Start - Fix support for regex argument names

See TasksExplained? for more infos about tasks. This task is based on the template at TaskTemplateStart

Status : closed
Category : rule-generator
Date opened : 2007-03-22
Description : Fix support for regex argument names
Referenced in stories/tasks : WebStatistics ReleaseNotes? -0-1-4
Testsuite : ruleset-action-tests
Commited revision : 190

Remarks :

Some regular expressions in argument names have to be translated for ModSecurity, which wants special escaping.

There is a conversion table below

---

Changelog

2007-03-22 - conversion table for some examples

Standard regex argument	ModSecurity argument
user_[a-z]{1,12}	ARGS:'/^user_[a-z]{1,12}$/'
user_\w{1,12}	ARGS:'/^user_\\\w{1,12}$/'
user_[\w-]{1,12}	ARGS:'/^user_[\\\w-]{1,12}$/'
user\[\w{1,12}\]	ARGS:'/^user\\\[\\\w{1,12}\\\]$/'
user\[[\w-]{1,12}\]	ARGS:'/^user\\\[[\\\w-]{1,12}\\\]$/'

In the end it boils down to translate \ into \\\.

2007-03-22 - extended action-tests

The action tests have been extended to support variable parameter names.

• q_[a-z]{1,4}
• q_\w{1,4}
• q_[\w-]{1,4}
• q\[\w{1,4}\]
• q\[[\w-]{1,4}\]

All new query string parameters have domain \d.

The same goes for headers, cookies and post parameters.