Signed-off-by: Felipe Zipitria <[email protected]>

…dff in tests/docker-compose.yml (#4280)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

…1e50 in tests/docker-compose.yml (#4279)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(932281): reduce false positive matches with json payload

* fix(932281): reduce false positive matches with json payload

* fix(921210): should be block not pass

* chore(formatting): auto fixes from pre-commit hooks

for more information, see https://pre-commit.ci

* Update comments for clarity in REQUEST-921-PROTOCOL-ATTACK.conf

* chore(formatting): auto fixes from pre-commit hooks

for more information, see https://pre-commit.ci

* Change action from pass to block for parameter pollution

Updated rule to block HTTP Parameter Pollution attacks.

* chore(formatting): auto fixes from pre-commit hooks

for more information, see https://pre-commit.ci

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

* Update 942550.ra

* chore(formatting): auto fixes from pre-commit hooks

for more information, see https://pre-commit.ci

* Add unit tests

* Fix spacing in decoded payload description

* Fix test_id formatting in 942550.yaml

* Fix formatting of decoded payload in YAML test

* fix: improve regular expression for 942550

- extend list of operators and documentation
- add additional test to cover all operators
- remove the naked operator matching alternation
- add alternation to match a JSON path expression from SQLite

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Max Leske <[email protected]>

The special path `.../PULL_REQUEST_TEMPLATE/...` is meant to be used for
PR templates that can be opened via query parameter. The default
template must reside in another location, e.g., under `.github`.

…o 2 (#4303)

* fix(930120): adding conf file for PrestaShop 1.6 / 1.7 / 8+ & Magento 2

* Update restricted-files.data

* Update restricted-upload.data

* Update restricted-files.data

* fix(942160): adding new payloads

* -

Removed 't:removeCommentsChar' from SQLI detection rule.

* Modify SQL injection tests to time-based payloads

Updated multiple test descriptions to reflect time-based SQL injection payloads and added new tests for various time-based payload scenarios.

* Fix regex pattern in SQLI rule

* Refactor SQL injection tests and add new case

Updated SQL injection test cases to reflect changes in payloads and descriptions. Added new test case for time-based SQL injection detection.

* chore(formatting): auto fixes from pre-commit hooks

for more information, see https://pre-commit.ci

* Fix SQL injection test descriptions and URIs

* Refactor SQL injection tests in 942160.yaml

Updated SQL injection test cases with new payloads and removed redundant tests.

* Add SQL Injection time-based payload test case

Added a test case for SQL Injection attack detection using a time-based payload.

* Update SQL injection test payloads in 942160.yaml

* Update SQL injection test case URI encoding

* Combine transformation options in SQLI rule

* Fix SQL injection payload formatting in tests

---------

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: azurit <[email protected]>

* Add Expect header to restricted_headers_basic

* Add Expect header to restricted_headers_basic

Signed-off-by: Felipe Zipitria <[email protected]>