crowdsecurity · buixor · Jan 3, 2024 · Jan 2, 2024 · Jan 3, 2024 · Jan 3, 2024
diff --git a/pkg/acquisition/modules/appsec/appsec.go b/pkg/acquisition/modules/appsec/appsec.go
@@ -335,7 +335,7 @@
 	}
 
 	// parse the request only once
-	parsedRequest, err := appsec.NewParsedRequestFromRequest(r)
+	parsedRequest, err := appsec.NewParsedRequestFromRequest(r, w.logger)
 	if err != nil {
 		w.logger.Errorf("%s", err)
 		rw.WriteHeader(http.StatusInternalServerError)

diff --git a/pkg/appsec/appsec_rule/modsecurity.go b/pkg/appsec/appsec_rule/modsecurity.go
@@ -44,6 +44,7 @@ var matchMap map[string]string = map[string]string{
 	"lt":              "@lt",
 	"gte":             "@ge",
 	"lte":             "@le",
+	"eq":              "@eq",
 }
 
 var bodyTypeMatch map[string]string = map[string]string{

diff --git a/pkg/appsec/request.go b/pkg/appsec/request.go
@@ -11,6 +11,7 @@
 	"regexp"
 
 	"github.com/google/uuid"
+	"github.com/sirupsen/logrus"
 	log "github.com/sirupsen/logrus"
 )
 
@@ -267,7 +268,7 @@
 }
 
 // Generate a ParsedRequest from a http.Request. ParsedRequest can be consumed by the App security Engine
-func NewParsedRequestFromRequest(r *http.Request) (ParsedRequest, error) {
+func NewParsedRequestFromRequest(r *http.Request, logger *logrus.Entry) (ParsedRequest, error) {
 	var err error
 	contentLength := r.ContentLength
 	if contentLength < 0 {
@@ -282,26 +283,23 @@
 		}
 	}
 
-	// the real source of the request is set in 'x-client-ip'
 	clientIP := r.Header.Get(IPHeaderName)
 	if clientIP == "" {
 		return ParsedRequest{}, fmt.Errorf("missing '%s' header", IPHeaderName)
 	}
-	// the real target Host of the request is set in 'x-client-host'
-	clientHost := r.Header.Get(HostHeaderName)
-	if clientHost == "" {
-		return ParsedRequest{}, fmt.Errorf("missing '%s' header", HostHeaderName)
-	}
-	// the real URI of the request is set in 'x-client-uri'
+
 	clientURI := r.Header.Get(URIHeaderName)
 	if clientURI == "" {
 		return ParsedRequest{}, fmt.Errorf("missing '%s' header", URIHeaderName)
 	}
-	// the real VERB of the request is set in 'x-client-uri'
 	clientMethod := r.Header.Get(VerbHeaderName)
 	if clientMethod == "" {
 		return ParsedRequest{}, fmt.Errorf("missing '%s' header", VerbHeaderName)
 	}
+	clientHost := r.Header.Get(HostHeaderName)
+	if clientHost == "" { //this might be empty
+		logger.Debugf("missing '%s' header", HostHeaderName)
+	}
 
 	// delete those headers before coraza process the request
 	delete(r.Header, IPHeaderName)