[ https://www.modsecurity.org/tracker/browse/CORERULES-71?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ryan Barnett closed CORERULES-71.
---------------------------------


> CRS and json
> ------------
>
>                 Key: CORERULES-71
>                 URL: https://www.modsecurity.org/tracker/browse/CORERULES-71
>             Project: Core Rules
>          Issue Type: Bug
>      Security Level: Normal
>          Components: False positive
>            Reporter: kuba
>            Assignee: Ryan Barnett
>
> Hi,
> I'm a modsecurity/crs newbie. I like both projects very much!
> I have one question though: How to cope with json in POST requests to 
> the server, e.g.
> {"requiredMessages":[{"contactID":"86","lastInGot":null,"lastOutGot":null},{"contactID":"85","lastInGot":null,"lastOutGot":null},{"contactID":"90","lastInGot":null,"lastOutGot":null}],"readMessages":[],"userEvents":[{"eventID":"2","eventName":"openTab","eventParam":86},{"eventID":"3","eventName":"openTab","eventParam":85},{"eventID":"4","eventName":"openTab","eventParam":90}]}
> I tried the request here:
> http://www.modsecurity.org/demo/
> http://demo.php-ids.org/
> Modsecurity always blocks the request - due to rules imported from 
> php-ids. But when trying on php-ids website with checked json checkbox 
> the request is considered ok.
> Is it possible to detect json requests in modsecurity/crs automatically? 
> Or should I mark them somehow, e.g. add request header, use only special 
> variable name jsondata?
> When the json request is detected is it possible to process it the same 
> way as php-ids would do it?
> Looking in the source code of php-ids, I think that when it detects json 
> data (using variable name) it first decodes it and then it's processed 
> by rules. Would it be possible to do the same in modsecurity?
> Thanks,
> Kuba

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
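
The decode-then-inspect behaviour the reporter describes for php-ids, sketched as an added example; it is not part of the original message and is not ModSecurity, CRS or PHPIDS code. `SAMPLE_RULE`, the function names and `SUSPECT_BODY` are constructed for illustration, and `BENIGN_BODY` is a shortened form of the request quoted in the issue.

```python
import json
import re

# Constructed stand-in for a quote-density signature (four quotes close together).
# It is not a rule from the CRS or PHPIDS.
SAMPLE_RULE = re.compile(r'''(?:["'][^"']{0,40}){4}''')

# Shortened form of the request body quoted in the issue.
BENIGN_BODY = ('{"requiredMessages":[{"contactID":"86","lastInGot":null,'
               '"lastOutGot":null}],"readMessages":[],'
               '"userEvents":[{"eventID":"2","eventName":"openTab","eventParam":86}]}')
# Constructed body carrying a quote-heavy string inside one field.
SUSPECT_BODY = '{"contactID":"\' or \'1\'=\'1"}'


def flatten(node, path=""):
    """Yield (name, value) for every leaf of a decoded JSON document."""
    if isinstance(node, dict):
        for key, child in node.items():
            yield from flatten(child, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for index, child in enumerate(node):
            yield from flatten(child, f"{path}[{index}]")
    else:
        yield path, "" if node is None else str(node)


def inspect_raw(body):
    """Run the rule over the undecoded body, as an engine unaware of JSON would."""
    return bool(SAMPLE_RULE.search(body))


def inspect_decoded(body):
    """Decode first, then run the rule over each leaf name and value."""
    try:
        document = json.loads(body)
    except ValueError:
        # Fail closed: a body that should be JSON but does not parse is flagged.
        return [("<malformed JSON>", body)]
    return [(name, value) for name, value in flatten(document)
            if SAMPLE_RULE.search(name) or SAMPLE_RULE.search(value)]


if __name__ == "__main__":
    print("raw benign body flagged:", inspect_raw(BENIGN_BODY))
    print("decoded benign hits:", inspect_decoded(BENIGN_BODY))
    print("decoded suspect hits:", inspect_decoded(SUSPECT_BODY))
```

The structural quotes of JSON trip the rule on the raw body, while the decoded leaves of the same request are clean and the quote-heavy field value is still caught.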

        

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
