[mod-security-users] A nested json rule question
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] A nested json rule question
|
From: Brian C. <bri...@ml...> - 2021-01-06 11:25:36
|
Hi all,
I'm using mod_security 3.x.
I have a post request which the body contains nested json like below,
*{*
* "field1": 111,*
* "field2": [*
* {*
* "ff1": 1111*
* },*
* {*
* "ff2": {*
* "fff1": 11111*
* }*
* }*
* ]*
*}*
I want to check the field exist so that I can make sure the post request is
legal.
So I wrote the rule below:
*SecRule ARGS_NAMES:json.field2.ff2.fff1 "fff1" "id:'200444',phase:3,log"*
Is this correct? Or should I change pattens to *"**json.field2.ff2.fff1"*?
As mentioned above, if I modified the rule to
*SecRule ARGS_NAMES "json.field2.ff2.fff1**"(or "fff1")
"id:'200444',phase:3,log"*
I should get the same result, right?
Best Regards,
Brian
|
