fix: false positive with response rule when opening mail inbox (#12)

EsadCetiner · Nov 4, 2024 · 49e8906 · 49e8906
1 parent 87cf02f
commit 49e8906
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 0 deletions.
diff --git a/plugins/sogo-rule-exclusions-before.conf b/plugins/sogo-rule-exclusions-before.conf
@@ -123,6 +123,19 @@ SecRule REQUEST_FILENAME "@streq /SOGo/so/passwordRecoveryEnabled" \
     ctl:ruleRemoveTargetById=920272;REQUEST_BODY,\
     ctl:ruleRemoveTargetById=920273;REQUEST_BODY,\
     ver:'sogo-rule-exclusions-plugin/1.0.1'"
+
+# Viewing mail inbox
+# SOGo is written in Objective-C and not PHP, disabling PHP
+# response rules is perfectly safe.
+SecRule REQUEST_FILENAME "@rx ^/SOGo/so/[^/]+/Mail/view$" \
+    "id:9520106,\
+    phase:1,\
+    pass,\
+    t:none,\
+    nolog,\
+    ctl:ruleRemoveById=953100,\
+    ver:'sogo-rule-exclusions-plugin/1.0.1'"
+
 #
 # [ SOGo Settings ]
 #

diff --git a/tests/regression/sogo-rule-exclusions-plugin/9520106.yaml b/tests/regression/sogo-rule-exclusions-plugin/9520106.yaml
@@ -0,0 +1,24 @@
+---
+meta:
+  author: "Esad Cetiner"
+  description: "SOGo Rule Exclusions Plugin"
+  enabled: true
+  name: 9520106.yaml
+tests:
+  - test_title: 9520106-1
+    desc: Viewing mail inbox
+    stages:
+      - stage:
+          input:
+            dest_addr: 127.0.0.1
+            headers:
+              Host: localhost
+              User-Agent: SOGo rule exclusions plugin
+              Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
+            port: 80
+            method: GET
+            uri: /SOGo/so/[email protected]/Mail/view
+            data: Error reading the certificate. Please install a new certificate.
+            version: HTTP/1.1
+          output:
+            no_log_contains: id "953100"