Hi Stefan,
thanks for your response. Anyway, the regex you propose:
^[YoUrCharS]*$
will match the entire request... won't it? I want to match only the
submitted payload (variables and their values); that is, I don't want to
look in the headers...
So the regex should look for the presence of "POST " in the first five
characters of the first line of the request, ignore everything else in
that line, ignore the rest of the headers, and then match only the posted
data (which I think comes after two <CR><LF>)... Is it clearer now...?
:-(
How can I do it?
Regards,
On Thu, 08 Sep 2011 17:57:55 +0200, Stefan de Konink <[email protected]>
wrote:
On 08-09-11 17:24, Hugo Vazquez Carames wrote:
Has anyone tried to implement a "Regular Expression" Rule Type that
matches the POST payload of a request?
I would like to give a try to such kind of rule, to inspect only
the POST payload and allow only a predefined subset of characters
on it.
Characters sounds pretty scary. But I could imagine that a form
encoded post could be validated by cherokee so it contains something
specific. If it should be part of the webserver is questionable...
The problem here seems to be that you want to match: ^[YoUrCharS]*$
Stefan
_______________________________________________
Cherokee mailing list
[email protected]
http://lists.octality.com/listinfo/cherokee
--
---------------------
Hugo Vázquez Caramés
"The work that is never started is the one that takes longest to finish"
(J. R. R. Tolkien)
"Most people spend more time and energy talking about problems than
facing them" (Henry Ford)
"The impossible is the ghost of the timid and the refuge of cowards"
(N. Bonaparte)
========================================================
PENTEST Consultores
Tel: 93 3962070 / Fax: 93 3962001
e-mail: [email protected]
========================================================
Gain credibility and trust, visit http://www.pentest.es
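
The check discussed in this thread (apply the rule only to POST requests, skip the request line and headers, and test only the data after the blank <CR><LF><CR><LF> line against a character allowlist), as an added example that is not part of the original messages and is not Cherokee code. It works on a raw request buffer holding one complete request; the function names, the allowlist and the sample requests are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl

# Assumed policy: characters allowed in decoded field names and values.
ALLOWED = re.compile(r"[A-Za-z0-9 _.@-]*")


def split_request(raw: bytes):
    """Split one raw HTTP request into (request_line, headers, body)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no blank line terminating the headers")
    request_line, _, headers = head.partition(b"\r\n")
    return request_line, headers, body


def post_payload_ok(raw: bytes) -> bool:
    """True if the request is not a POST, or its form payload is allowlisted."""
    try:
        request_line, _headers, body = split_request(raw)
    except ValueError:
        return False
    if not request_line.startswith(b"POST "):
        return True  # rule applies to POST only; headers are never inspected
    try:
        text = body.decode("ascii")  # urlencoded bodies are plain ASCII
    except UnicodeDecodeError:
        return False
    # Decode %XX and '+' first, so "%3C" is judged as "<", not as "%", "3", "C".
    for name, value in parse_qsl(text, keep_blank_values=True):
        # fullmatch, unlike ^...$ with match(), also rejects a trailing "\n".
        if not (ALLOWED.fullmatch(name) and ALLOWED.fullmatch(value)):
            return False
    return True


# Constructed sample requests (not from the thread).
GOOD = (b"POST /form HTTP/1.1\r\nHost: example.test\r\n"
        b"User-Agent: <odd;header>\r\n\r\nname=Hugo+V&mail=hugo%40example.test")
BAD = b"POST /form HTTP/1.1\r\nHost: example.test\r\n\r\nname=%3Cscript%3E"
GET = b"GET /?q=%3Cb%3E HTTP/1.1\r\nHost: example.test\r\n\r\n"

if __name__ == "__main__":
    for label, req in (("good", GOOD), ("bad", BAD), ("get", GET)):
        print(label, post_payload_ok(req))
```

Matching the raw body instead of the decoded fields would force "%", "&", "=" and "+" into the allowlist, at which point any percent-encoded character passes.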