Skip to content

V3/do not add newline to test body lines #3486

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
hnakamur wants to merge 21 commits into
base: v3/master
Choose a base branch
from
Open

V3/do not add newline to test body lines #3486

hnakamur wants to merge 21 commits into from
+25,319 −20,964

Conversation

@hnakamur
Copy link
Contributor

@hnakamur hnakamur commented Jan 25, 2026

what

  • Stop adding newline to each line of request or response body in regression tests.
  • Add format subcommand to regression_tests command.
  • Support updating Content-Length header by running (cd test; UPDATE_CONTENT_LENGTH=1 ./regression_tests format)
  • Update regression test JSON files:
    • Add newlines to request bodies where needed.
    • Add Content-Length headers.
    • Adjust test casses to pass after above modifications.

why

  • Enable to test edge cases (such as request body lines with newline except the last line). This is important for multipart request bodies.

references

@hnakamur
Do not add newline to test body Lines
a5a3db9 
This is needed to test edge cases like a body missing the final newline,
for example:

[
  "a\r\n",
  "b\r"
]

And it is clearer than to add implicit newline to each line except the
final line.
@hnakamur
Add needed newlines in test request body lines or adjust tests
d7cad95
@hnakamur
Replace CRLF to LF in test case JSON files
e03f8a1
@hnakamur
Add format subcommand to regression_test
b1c59b7
@hnakamur hnakamur mentioned this pull request Jan 25, 2026
Closed
@hnakamur
Modify RegressionTest and use it for output formatted JSON
488370c
@hnakamur
Update content-length in regeression_tests format subcommand
37e1f13 
when UPDATE_CONTENT_LENGTH env var is set
@hnakamur
Format regression test JSON files
191dba9 
by running the following command:
```
(cd test; ./regression_tests format)
```
@hnakamur
Update Content-Length in regression test JSON files
9b49187 
by running the following command:
```
(cd test; UPDATE_CONTENT_LENGTH=1 ./regression_tests format)
```
@hnakamur hnakamur force-pushed the v3/do_not_add_newline_to_test_body_lines branch from 8fefe12 to 9b49187 Compare January 25, 2026 23:59
@hnakamur
Copy link
Contributor Author

hnakamur commented Jan 26, 2026

I found JSON was corrupted since some of http_version was empty. I fixed it and force pushed.
However some of tests do not pass right now. I am trying to fix them.

@hnakamur
Copy link
Contributor Author

hnakamur commented Jan 26, 2026

I fixed tests at aefd4a4 and now all tests pass again.

@airween
Copy link
Member

airween commented Jan 27, 2026

Hi @hnakamur,

thank you for this improved PR.

Unfortunately there are two warnings from cppcheck:

2026-01-26T00:29:37.2162370Z warning: test/regression/regression.cc,444,style,shadowVariable,Local variable 'test' shadows outer variable
2026-01-26T00:29:37.2943530Z warning: test/regression/regression_test.cc,366,style,functionConst,The member function 'modsecurity_test::RegressionTests::toJSON' can be made a const function. Making this function 'const' should not cause compiler errors. Even though the function can be made const function technically it may not make sense conceptually. Think about your design and the task of the function first - is it a function that must not change object internal state?

Also, SonarCloud reported a few new issues (some of them are same as cppcheck found):

https://sonarcloud.io/project/issues?id=owasp-modsecurity_ModSecurity&pullRequest=3486&issueStatuses=OPEN,CONFIRMED&sinceLeakPeriod=true

As I mentioned previously, I don't expect to fix all Sonar issues. If the cppcheck will be passed, I'll review all Sonar issues and try to mark the "old" issues as accepted.

Thank you again.

@airween airween added the 3.x Related to ModSecurity version 3.x label Jan 27, 2026
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jan 28, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

3.x Related to ModSecurity version 3.x

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hnakamur @airween