Sh3ll
OdayForums


Server : Apache
System : Linux server1.cgrithy.com 3.10.0-1160.95.1.el7.x86_64 #1 SMP Mon Jul 24 13:59:37 UTC 2023 x86_64
User : nobody ( 99)
PHP Version : 8.1.23
Disable Function : NONE
Directory :  /etc/apache2/conf.d/modsec_vendor_configs/OWASP3/util/regexp-assemble/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //etc/apache2/conf.d/modsec_vendor_configs/OWASP3/util/regexp-assemble/920600.data
##! Please refer to the documentation at
##! https://coreruleset.org/docs/development/regexp_assemble/.

##! The expression generated from this file matches a full HTTP
##! `Accept` header by following the specification as far as
##! necessary, while restricting the `charset` parameter
##! to a list of explicitly allowed values.
##! Where possible, the expression matches tokens "loosely", 
##! to reduce complexity and the risk of false positives.

##! Specifications:
##! https://httpwg.org/specs/rfc7231.html#request.conneg
##! https://httpwg.org/specs/rfc7230.html

##!^ ^
##!$ $

##! Helpers
##!> template non-token-with-dquote-chars (),/:;<=>?![\x5c\]{}

##!> template non-token-chars \"{{non-token-with-dquote-chars}}

##!> template token-chars [^{{non-token-chars}}]

##!> template token-with-dquote-chars [^{{non-token-with-dquote-chars}}]

##!> template type-subtype (?:\*|{{token-chars}}+)

##!> template media-type {{type-subtype}}/{{type-subtype}}

##! list of allowed charsets
  ##!> assemble
(?:"?
  ##!=>
    ##!> include allowed-charsets
  ##!=>
\b"?))
  ##!=< allowed-charsets
  ##!<


##! Main assembly
  ##!> assemble
(?:{{media-type}})
  ##!=>
(?:\s*+;\s*+
  ##!=>
(?:(?:charset\s*+=\s*+
  ##!=>
  ##!=> allowed-charsets

  ##! If the first part wasn't a "charset", then
  ##! anything is allowed here that is not "charset".
  ##! Note that this doesn't follow the RFC strictly.
|(?:
  ##!=>
[^c{{non-token-chars}}]{{token-chars}}*
c[^h{{non-token-chars}}]{{token-chars}}*
ch[^a{{non-token-chars}}]{{token-chars}}*
cha[^r{{non-token-chars}}]{{token-chars}}*
char[^s{{non-token-chars}}]{{token-chars}}*
chars[^e{{non-token-chars}}]{{token-chars}}*
charse[^t{{non-token-chars}}]{{token-chars}}*
  ##!=>
)\s*+=\s*+{{token-with-dquote-chars}}+)
  ##! Clients like to violate the RFC, be lenient with
  ##! terminating semi-colons.
;?
  ##!=>
)*
  ##!=>

  ##! Multiple "media-range" expressions can be
  ##! specified, comma separated.
(?:\s*+,\s*+
  ##!=>
(?:{{media-type}})
  ##!=>
(?:\s*+;\s*+
  ##!=>
(?:(?:charset\s*+=\s*+
  ##!=>
  ##!=> allowed-charsets
|(?:
  ##!=>
[^c{{non-token-chars}}]{{token-chars}}*
c[^h{{non-token-chars}}]{{token-chars}}*
ch[^a{{non-token-chars}}]{{token-chars}}*
cha[^r{{non-token-chars}}]{{token-chars}}*
char[^s{{non-token-chars}}]{{token-chars}}*
chars[^e{{non-token-chars}}]{{token-chars}}*
charse[^t{{non-token-chars}}]{{token-chars}}*
  ##!=>
)\s*+=\s*+{{token-with-dquote-chars}}+)
  ##! Clients like to violate the RFC, be lenient with
  ##! terminating semi-colons.
;?
  ##!=>
)*)*
  ##!=>
  ##!<

ZeroDay Forums Mini