SpiderLabs / owasp-modsecurity-crs

OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)

Home Page: https://modsecurity.org/crs

PrestaShop: FP on REQUEST_COOKIE

theMiddleBlue opened this issue

Description

In my logs, I have seen a false positive on a request to a PrestaShop e-commerce site:
GET /themes/control/cache/v_716_db8a1bc0baf2b785f3106c4d91c790e2_all.css HTTP/1.1

that triggered rule ID 941100 (XSS Attack Detected via libinjection) in REQUEST_COOKIES:
Matched Data: XSS data found within REQUEST_COOKIES:PrestaShop-xxxxxxx

I self-assign this issue as a note to push a PR for an exclusion rule set for PrestaShop.

Possible solution

SecRuleUpdateTargetById 941100 !REQUEST_COOKIES:'/^PrestaShop/'

Thanks @fzipi @airween