Naxsi Rules Bug

Edward Prevost prevost at adobe.com
Wed Apr 23 18:35:05 UTC 2014


NginX Homies,

 

It appears that the $URL:/ construct isn't working. In a set of test scripts
we are running we noticed this.

 

Original Rule, placed within the http block in the configuration file. This
rule rejected all requests, regardless of match or not.

MainRule "rx:\"" "msg:Filtering key_one variable"
"mz:$URL:/validate-bad-key-variable|$ARGS_VAR:key_one|$HEADERS_VAR:X-Key-One"
"s:$INVALID_KEY:8" id:1666;

 

Modified Rule after binary testing to find the culprit, placed within the
http block in the configuration file. This rule functioned as expected, but
was not limited in its URL scope as desired.

MainRule "rx:\"" "msg:Filtering key_one variable"
"mz:URL|$ARGS_VAR:key_one|$HEADERS_VAR:X-Key-One" "s:$INVALID_KEY:8"
id:1666;

 

Has anyone else encountered this bug?

 

Thanks,

Ed

Edward Prevost
Platform Security Architect
Adobe Systems

 

v. 668230

p. 408.536.6823

m. 509.254.7690 

 

 

@EdwardPrevost

345 Park Ave
San Jose, CA 95011

 

 

 

 
