mirror of
https://github.com/fabriziosalmi/caddy-waf.git
synced 2025-12-23 22:27:46 -05:00
65 lines
2.0 KiB
JSON
65 lines
2.0 KiB
JSON
[
|
|
{
|
|
"id": "hrs-cl-te-mismatch",
|
|
"phase": 2,
|
|
"pattern": "(?i)(?:Transfer-Encoding:.+\\n.*Content-Length:.+)|(?:Content-Length:.+\\n.*Transfer-Encoding:.+)",
|
|
"targets": ["HEADERS"],
|
|
"severity": "HIGH",
|
|
"action": "log",
|
|
"score": 7,
|
|
"description": "Log requests with Content-Length and Transfer-Encoding headers simultaneously."
|
|
},
|
|
{
|
|
"id": "hrs-chunked-encoding-without-terminator",
|
|
"phase": 2,
|
|
"pattern": "(?i)Transfer-Encoding: chunked",
|
|
"targets": ["HEADERS"],
|
|
"severity": "HIGH",
|
|
"action": "log",
|
|
"score": 6,
|
|
"description": "Log requests with chunked Transfer-Encoding but without chunked payload."
|
|
},
|
|
{
|
|
"id":"hrs-content-length-zero",
|
|
"phase": 2,
|
|
"pattern": "(?i)Content-Length:\\s*0",
|
|
"targets": ["HEADERS"],
|
|
"severity":"LOW",
|
|
"action":"log",
|
|
"score": 3,
|
|
"description":"Log Content-Length zero."
|
|
},
|
|
{
|
|
"id": "hrs-multiple-content-length",
|
|
"phase": 2,
|
|
"pattern": "(?i)Content-Length:.+\\n.*Content-Length:.+",
|
|
"targets": ["HEADERS"],
|
|
"severity": "HIGH",
|
|
"action": "log",
|
|
"score": 6,
|
|
"description": "Log requests with multiple Content-Length headers."
|
|
},
|
|
{
|
|
"id": "hrs-invalid-te",
|
|
"phase": 2,
|
|
"pattern": "(?i)Transfer-Encoding:\\s*[^\\s]*[^\\s,\t]*?(?i)(?:chunked)|(?i)(?:identity)|(?i)(?:gzip)",
|
|
"targets":["HEADERS"],
|
|
"severity": "MEDIUM",
|
|
"action": "log",
|
|
"score": 5,
|
|
"description": "Log requests with Transfer-Encoding that contains values different from chunked, identity or gzip"
|
|
|
|
},
|
|
{
|
|
"id":"hrs-te-with-non-compliant-chars",
|
|
"phase":2,
|
|
"pattern":"(?i)Transfer-Encoding:\\s*[^\\s\\n]*[^\\s\\n,\t]*",
|
|
"targets": ["HEADERS"],
|
|
"severity":"MEDIUM",
|
|
"action":"log",
|
|
"score": 4,
|
|
"description":"Log Transfer-Encoding header that does not comply with standards"
|
|
|
|
}
|
|
]
|