From 615c15b85a3fcfb0fe9937129fedfb4628ee2520 Mon Sep 17 00:00:00 2001 From: Sebastien Blot Date: Fri, 8 Dec 2023 14:27:29 +0100 Subject: [PATCH] add uppercase transformation --- internal/transformations/transformations.go | 1 + internal/transformations/uppercase.go | 15 +++++ internal/transformations/uppercase_test.go | 69 +++++++++++++++++++++ 3 files changed, 85 insertions(+) create mode 100644 internal/transformations/uppercase.go create mode 100644 internal/transformations/uppercase_test.go diff --git a/internal/transformations/transformations.go b/internal/transformations/transformations.go index bcfa533b6..75a9f58fa 100644 --- a/internal/transformations/transformations.go +++ b/internal/transformations/transformations.go @@ -51,6 +51,7 @@ func init() { Register("replaceComments", replaceComments) Register("replaceNulls", replaceNulls) Register("sha1", sha1T) + Register("uppercase", upperCase) Register("urlDecode", urlDecode) Register("urlDecodeUni", urlDecodeUni) Register("urlEncode", urlEncode) diff --git a/internal/transformations/uppercase.go b/internal/transformations/uppercase.go new file mode 100644 index 000000000..c3b6da8e7 --- /dev/null +++ b/internal/transformations/uppercase.go @@ -0,0 +1,15 @@ +// Copyright 2022 Juan Pablo Tosso and the OWASP Coraza contributors +// SPDX-License-Identifier: Apache-2.0 + +package transformations + +import ( + "strings" +) + +func upperCase(data string) (string, bool, error) { + // TODO: Explicit implementation of ToUpper would allow optimizing away the byte by byte comparison for returning the changed boolean + // See https://github.com/corazawaf/coraza/pull/778#discussion_r1186963422 + transformedData := strings.ToUpper(data) + return transformedData, data != transformedData, nil +} diff --git a/internal/transformations/uppercase_test.go b/internal/transformations/uppercase_test.go new file mode 100644 index 000000000..e2172e09d --- /dev/null +++ b/internal/transformations/uppercase_test.go @@ -0,0 +1,69 @@ +// Copyright 2022 Juan Pablo Tosso and the OWASP Coraza contributors +// SPDX-License-Identifier: Apache-2.0 + +package transformations + +import "testing" + +func TestUpperCase(t *testing.T) { + tests := []struct { + input string + want string + }{ + { + input: "TestCase", + want: "TESTCASE", + }, + { + input: "test\u0000case", + want: "TEST\u0000CASE", + }, + { + input: "TESTCASE", + want: "TESTCASE", + }, + { + input: "", + want: "", + }, + { + input: "ThIs Is A tExT fOr TeStInG uPPerCAse FuNcTiOnAlItY.", + want: "THIS IS A TEXT FOR TESTING UPPERCASE FUNCTIONALITY.", + }, + } + + for _, tc := range tests { + tt := tc + t.Run(tt.input, func(t *testing.T) { + have, changed, err := upperCase(tt.input) + if err != nil { + t.Error(err) + } + if tt.input == tt.want && changed || tt.input != tt.want && !changed { + t.Errorf("input %q, have %q with changed %t", tt.input, have, changed) + } + if have != tt.want { + t.Errorf("have %q, want %q", have, tt.want) + } + }) + } +} + +func BenchmarkUppercase(b *testing.B) { + tests := []string{ + "tesTcase", + "ThIs Is A tExT fOr TeStInG lOwErCaSe FuNcTiOnAlItY.ThIs Is A tExT fOr TeStInG lOwErCaSe FuNcTiOnAlItY. ThIs Is A tExT fOr TeStInG lOwErCaSe FuNcTiOnAlItY.ThIs Is A tExT fOr TeStInG lOwErCaSe FuNcTiOnAlItY.", + } + for i := 0; i < b.N; i++ { + for _, tt := range tests { + b.Run(tt, func(b *testing.B) { + for j := 0; j < b.N; j++ { + _, _, err := upperCase(tt) + if err != nil { + b.Error(err) + } + } + }) + } + } +}