Description
Motivation
After discussion at the December monthly meeting (#2291), it was decided to standardise on using \x5c to represent the backslash \ character in regular expressions. Some of the reasons we chose this method are:
- It is portable across engines: it works with Apache, Nginx, and Coraza.
- It works with the new
regexp-assemble.pyscript.
Alternatives
We (I) had previously started using the pattern [\\\\] in CRS rules. This is an alternative portable backslash representation. It was decided not to adopt this method. For future reference, some of the problems with this method are:
- It can be confusing and difficult to understand how it works.
- It doesn't work with the new
regexp-assemble.pyscript. - It doesn't work with Coraza.
- It isn't obvious how to use it in a bracket expression, e.g.
[a-zA-Z<portable-backslash>]
Plan
The plan is to tackle each rule individually with a separate PR, to make it simple to track the work and review each rule change.
I'll start by undoing the previous changes I made to move to [\\\\] and will modify those rules to use \x5c instead.
The goal is to use \x5c in all rules and rule building files. There is also a note on the documentation planning wiki page to document how and why we represent backslashes in this way for the benefit of future CRS developers.
Progress
- Undo previous
[\\\\]changes: convert to using\x5c(undoing PR 2183)- Rule 932200 (Backslashes 932200 #2335)
- Rule 933210 (already done in Fix 933210 Regex #2214)
- Rule 941170 (Backslashes 941170 #2345)
- Work through the rest of the CRS
- Rule 941330 (Backslashes 941330 #2375)
- Rule 942330 (Backslashes 942330 #2376)
- Rule 920460 (Backslashes 920460 #2399)
- Rule 930110 (Backslashes 930110 #2400)
- Rule 932100 ╮
- Rule 932105 │
- Rule 932110 │
- Rule 932115 ├ (Backslashes regexp assemble #2410)
- Rule 932150 │
- Rule 932101 │
- Rule 932106 ╯
- Rule 932190 (Backslashes 932190 #2420)
- Rule 933100 (Backslashes 933100 #2441)
- Rule 941190 (Backslashes 941190 #2442)
- Rule 954100 (Backslashes 954100 #2402)
- Check that all remaining use of
\\,\\\\etc. is legitimate- Update comments for rules 932100 and 932110 (Backslashes 932100, 932110 #2454)