Test that the http_cookie content matches against a http request which holds the content.

multiple http transactions and body chunks of request handling

Test that the http_client_body content matches against a http request which holds the content.

Negative test that the negated http_client_body content matches against a http request which holds hold the content.

Test that the negated http_client_body content matches against a http request which doesn't hold the content.

Check the signature working to alert against cookie/set-cookie

Test that the http_header content matches against a http request which holds the content.

Negative test that the negated http_header content matches against a http request which holds hold the content.

Test that the negated http_header content matches against a http request which doesn't hold the content.

Test that the http_header content matches against a http request against a case insensitive pattern.

Test that the http_header content matches against a http request which holds the content, against a cross boundary present pattern.

Test that the http_header content matches against a http request which holds the content.

Test parser accepting valid rules and rejecting invalid rules

Test that the http_client_body content matches against a http request against a case insensitive pattern.

Check the signature working to alert against set-cookie

Check the signature working to alert when http_cookie is not present

Check the signature working to alert when http_cookie is matched .

Checks if a http_cookie is registered in a Signature, if some parameter is specified with http_cookie in the signature

Checks if a http_cookie is registered in a Signature, if content is not specified in the signature

Test the pruning of SACK ranges.

simple match with distance

AppLayerHtpFileParseContentRangeTest04 is a test for setting up a valid range value without the size.

AppLayerHtpFileParseContentRangeTest03 is a regression test for setting up an invalid range value.

AppLayerHtpFileParseContentRangeTest02 is a regression test for setting up an invalid range value.

AppLayerHtpFileParseContentRangeTest01 is a test for setting up a valid range value.

Test the insertion of out of window condition.

Test the insertion on out of window condition.

Test the pruning of SACK ranges.

simple match with pcre/R

Test the pruning of SACK ranges.

Test the insertion of SACK ranges.

test insert with overlaps

Test the file_data fails with flow:to_server.

Test that the http_client_body content matches against a http request which holds the content, against a cross boundary present pattern.

Test that the http_client_body content matches against a http request which holds the content.

Test that an invalid signature containing a rawbytes along with a http_client_body is invalidated.

Test invalid signatures

Test that a signature containing an valid http_client_body entry is parsed.

Test that a signature containing a http_client_body is correctly parsed and the keyword is registered.

Test parser accepting valid rules and rejecting invalid rules

app-layer-event:http.host_header_ambiguous should not be set

endswith (isdataat) recursion logic based on DetectEngineContentInspectionTest06

mix in byte_extract

mix in byte_jump

mix in negation

extreme recursion

isdataat recursion logic

multiple independent blocks recursion logic

pcre recursion logic

simple recursion logic

Negative test that the negated http_host content matches against a http request which holds hold the content.

Test that the http_raw_host content matches against a http request which holds the content.

Negative test that the negated http_raw_host content matches against a http request which holds hold the content.

Test that the negated http_raw_host content matches against a http request which doesn't hold the content.

Test that the http_raw_host content matches against a http request against a case insensitive pattern.

Test that the http_raw_host content matches against a http request which holds the content, against a cross boundary present pattern.

Test that the http_raw_host content matches against a http request which holds the content.

multiple http transactions and body chunks of request handling

Test that the http_host content matches against a http request which holds the content.

multiple http transactions and body chunks of request handling

Test that the negated http_host content matches against a http request which doesn't hold the content.

Test that the http_host content matches against a http request against a case insensitive pattern.

Test that the http_host content matches against a http request which holds the content, against a cross boundary present pattern.

Test that the http_host content matches against a http request which holds the content.

invalid sig: uppercase content

Test that a http_host with nocase is parsed.

Test that an invalid signature containing a rawbytes along with a http_host is invalidated.

Test that an invalid signature containing no content but a http_host is invalidated.

Test that the http_raw_host header content matches against a http request which holds the content.

Test that the http_method content matches against a http request which holds the content.

Test that the http_raw_host header content matches against a http request which holds the content.

Test that a signature containing an valid http_host entry is parsed.

Test that the http_raw_host header content matches against a http request which holds the content.

Test that the http_raw_host content matches against a http request which holds the content.

Test that the http_raw_host header content matches against a http request which holds the content.

Test that the http_raw_host content matches against a http request which holds the content.

Test that the http_raw_host content matches against a http request against a case insensitive pattern.

Test that the http_header content matches against a http request which holds the content.

Trailing headers.

reassembly bug where headers with names of length 6 were skipped

Test that the http_header content matches against a http request which holds the content.

Trailing headers.

Test that the http_header content matches against a http request which holds the content.

app-layer-event:http.host_header_ambiguous should be set

Test that the http_host header content matches against a http request which holds the content.

Test that a signature containing a http_host is correctly parsed and the keyword is registered.

Test that the http_host header content matches against a http request which holds the content.

test insert with overlap

Test that the http_host content matches against a http request which holds the content.

Test that the http_host header content matches against a http request which holds the content.

Test that the http_host content matches against a http request which holds the content.

Trailing headers.

Check if replace is working with within

Parsing test content and replace length differ

Parsing test content after replace

Parsing test no content

Parsing test: non valid because of http_header on same content as replace keyword

Parsing test: non valid because of http protocol

Parsing test

Check if replace is working with within

RfbSecresultTestParse01 is a test for a valid secresult value

Check if replace is working with within

Check if replace is working when depth block match used

Check if replace is working when depth is used

Check if replace is working when nocase used

Check if replace is not done when second content match and not first

Check if replace is not done when second content don't match

Check if replace is working with second content

Check if replace is working with offset and keyword inversion

Check if replace is working with offset

Send a get request in three chunks + more data.

DetectStreamSizeParseTest02 is a test to make sure that we detect the invalid stream_size options.

DetectStreamSizeParseTest01 is a test to make sure that we parse the user options correctly, when given valid stream_size options.

Send a get request in three chunks + more data.

DetectSshSoftwareVersionTestParse03 is a test to make sure that we don't return a ssh_data with an empty value specified

DetectSshSoftwareVersionTestParse02 is a test to make sure that we parse the software version correctly

DetectSshSoftwareVersionTestParse01 is a test to make sure that we parse a software version correctly

Send a get request in three chunks + more data.

Check if replace is working

DetectSshVersionTestParse03 is a test to make sure that we don't return a ssh_data with an invalid value specified

DetectSshVersionTestParse02 is a test to make sure that we parse the proto version (compatible with proto version 2) correctly

DetectSshVersionTestParse01 is a test to make sure that we parse a proto version correctly

DetectRpcTestParse05 is a test to check the match function

DetectRpcTestParse05 is a test for check invalid values

DetectRpcTestParse04 is a test for check the discarding of empty options

DetectRpcTestParse03 is a test for checking the wildcards and not specified fields

DetectRpcTestParse02 is a test for setting the established rpc opt

DetectRpcTestParse01 is a test to make sure that we return "something" when given valid rpc opt

RfbSecresultTestParse02 is a test for an invalid secresult value

Test pcre option for dce sig(yeah I'm bored of writing test titles).

Check a signature with inconsistent pcre modifiers

Check a signature with inconsistent pcre relative

Check a signature with pcre relative http_uri

Check a signature with pcre relative uricontent

Check a signature with pcre relative raw uri

Check a signature with pcre relative client-body

Check a signature with pcre relative header

Check a signature with pcre relative raw header

Check a signature with pcre relative cookie

Check a signature with pcre relative method

Check a signature with inconsistent pcre modifiers

DetectPcreParseTest09 make sure we parse pcre with a content that has slashes

DetectPcreParseTest08 make sure we parse pcre with O opts

DetectPcreParseTest07 make sure we parse pcre with /Ui opts

DetectPcreParseTest06 make sure we parse pcre with smi opts

DetectPcreParseTest05 make sure we parse pcre with no opts

DetectPcreParseTest04 make sure we allow escaped "

DetectPcreParseTest03 make sure we don't allow invalid opts UZi.

DetectPcreParseTest02 make sure we don't allow invalid opts Ui$.

DetectPcreParseTest01 make sure we don't allow invalid opts 7.

test tls (app layer) rule

DetectQuicCyuStringTest01 is a test for a valid quic packet, matching on the cyu string

Test packet Matches

parsing: invalid reference.

for two valid references.

one valid reference.

QuicVersionTestParse03 is a test for an invalid value

QuicVersionTestParse01 is a test for a valid value

QuicUaTestParse03 is a test for an invalid value

QuicUaTestParse01 is a test for a valid value

QuicSniTestParse03 is a test for an invalid value

QuicSniTestParse01 is a test for a valid value

DetectStreamSizeParseTest03 is a test to make sure that we match the packet correctly provided valid stream size.

DetectQuicCyuHashTest01 is a test for a valid quic packet, matching on the cyu hash

multiple http transactions and body chunks of request handling

test pcre P modifier with multiple pipelined http transactions

Test tracking of body chunks per transactions (on requests)

anchored pcre

Bug 1957

Bug 1098

Check a signature with inconsistent pcre modifiers

Test the Urilen keyword setup

Test the setting of the per protocol timeouts.

various options

DetectWithinTestPacket01 is a test to check matches of within, if the previous keyword is pcre (bug 145)

Check a signature with given urilen

DetectUrilenSetpTest01 is a test for setting up an valid urilen values with valid "<>" operator and include spaces arround the given values. In the test the values are setup with initializing the detection engine context and setting up the signature itself.

Test the Urilen keyword setup

Test the setting of the per protocol free function to free the protocol specific memory.

Test the Urilen keyword setup

DetectThresholdTestSig14 is a test for checking the working by_both limits by setting up the signature and later testing its working by matching received packets against the sig.

DetectThresholdTestSig13 is a test for checking the working by_rule limits by setting up the signature and later testing its working by matching received packets against the sig.

Test drop action being set even if thresholded

Test the memcap incrementing/decrementing and memcap check

App Layer reassembly.

3 in order segments, then reassemble, add one more and reassemble again. test the sliding window reassembly with a small window size so that we cutting off at the start (left edge). Test if the first segment is removed from the list.

3 in order segments, then reassemble, add one more and reassemble again. test the sliding window reassembly with a small window size so that we cutting off at the start (left edge) with small packet overlap.

3 in order segments, then reassemble, add one more and reassemble again. test the sliding window reassembly with a small window size so that we cutting off at the start (left edge)

3 in order segments, then reassemble, add one more and reassemble again. test the sliding window reassembly.

3 in order segments in inline reassembly

Test to make sure we detect the sequence wrap around and continue stream reassembly properly.

Test the unlimited config value of reassembly depth.

Test to make sure that reassembly_depth is enforced.

Test drop action being set even if thresholded

Test to make sure that we sent all the segments from the initial segments to app layer until we have detected the app layer proto.

Test to make sure that we don't return the segments until the app layer proto has been detected and after that remove the processed segments.

Test the handling of packets missed by IDS, but the end host has received it and send the acknowledgment of it. The packet is missed in the middle of the stream.

Test the handling of packets missed by IDS, but the end host has received it and send the acknowledgment of it. The packet is missed in the starting of the stream.

Test the handling of packets missed by both IDS and the end host. The packet is missed in the end of the stream.

Test the handling of packets missed by both IDS and the end host. The packet is missed in the middle of the stream.

Test the handling of packets missed by both IDS and the end host. The packet is missed in the starting of the stream.

Test flow allocations when it reach memcap

FlagsTestParse05 test if ACK+PUSH and more flags are set. Ignore SYN and RST bits. Must fails.

Negative test.

Parse 'C' and 'E' flags.

test for a valid flags value

FlagsTestParse12 check if no flags are set. Must fails.

FlagsTestParse11 test if ACK or PUSH are set. Ignore SYN and RST. Must fails.

FlagsTestParse10 test if ACK and PUSH are not set. Must return success.

FlagsTestParse09 test if SYN and RST are not set. Must fails.

FlagsTestParse08 test if SYN or RST are set. Must return success.

FlagsTestParse07 test if SYN or RST are set. Must fails.

FlagsTestParse06 test if ACK+PUSH and more flags are set. Ignore URG and RST bits. Must return success.

DetectSeqSigTest01 tests parses

FlagsTestParse04 check if ACK bit is set. Must fails.

FlagsTestParse03 test if ACK and PUSH are set. Must return success

FlagsTestParse02 is a test for an invalid flags value

FlagsTestParse01 is a test for a valid flags value

DetectTagTestParse05 is a test for default opts

DetectTagTestParse04 is a test for default opts

DetectTagTestParse03 is a test for setting the stateless tag opt

DetectTagTestParse02 is a test to check that we parse tag correctly

DetectTagTestParse01 is a test to make sure that we return "something" when given valid tag opt

DetectStreamSizeParseTest04 is a test to make sure that we match the stream_size against invalid packet parameters.

ThresholdTestParse04 is a test for an invalid threshold options in any order

Test drop action being set even if thresholded

DetectThresholdTestSig5 is a test for checking the working of limit keyword by setting up the signature and later testing its working by matching the received packet against the sig.

DetectThresholdTestSig4 is a test for checking the working of both keyword by setting up the signature and later testing its working by matching the received packet against the sig.

DetectThresholdTestSig3 is a test for checking the working of limit keyword by setting up the signature and later testing its working by matching the received packet against the sig.

DetectThresholdTestSig2 is a test for checking the working of threshold keyword by setting up the signature and later testing its working by matching the received packet against the sig.

DetectThresholdTestSig1 is a test for checking the working of limit keyword by setting up the signature and later testing its working by matching the received packet against the sig.

ThresholdTestParse07 is a test for thresholding by_rule

ThresholdTestParse06 is a test for thresholding by_both

ThresholdTestParse05 is a test for a valid threshold options in any order

Test that the http_method content matches against a http request which holds the content.

ThresholdTestParse03 is a test for a valid threshold options in any order

ThresholdTestParse02 is a test for a invalid threshold options

ThresholdTestParse01 is a test for a valid threshold options

DetectWindowTestPacket01 is a test to check window with constructed packets

DetectWindowTestParse03 is a test to check for a big value

DetectWindowTestParse03 is a test to check for an empty value

DetectWindowTestParse02 is a test for setting the window opt negated

DetectWindowTestParse01 is a test to make sure that we set the size correctly when given valid window opt

DetectSeqSigTest02 tests seq keyword

Test the setting up a OS policy. Te OS policy values are defined in the config string "dummy_conf_string"

Test the various OS policies based on different IP addresses from configuration defined in 'dummy_conf_string1'

Test the setting up a OS policy. Te OS policy values are defined in the config string "dummy_conf_string1". To check the setting of Default os policy

Test the setting up a OS policy. Te OS policy values are defined in the config string "dummy_conf_string1"

set up a TCP session using the 4WHS: SYN, SYN, SYN/ACK, ACK: however the SYN/ACK and ACK are part of a normal 3WHS

set up a TCP session using the 4WHS: SYN, SYN, SYN/ACK, ACK, but the SYN/ACK does not have the right SEQ

Test the setting up a TCP session using the 4WHS: SYN, SYN, SYN/ACK, ACK

Test the various OS policies based on different IP addresses from configuration defined in 'dummy_conf_string1'

Test the setting up a TCP session when we are seeing asynchronous stream, while we missed the SYN and SYN/ACK packets in that stream. Later, we start to receive the packet from other end stream too.

Test the setting up a TCP session when we are seeing asynchronous stream, while we missed the SYN and SYN/ACK packets in that stream.

Test the setting up a TCP session when we are seeing asynchronous stream, while we missed the SYN packet of that stream.

Test the setting up a TCP session when we are seeing asynchronous stream, while we see all the packets in that stream from start.

Test the working of No stream reassembly flag. The stream will not reassemble the segment if the flag is set.

Test the working on PAWS. The packet will be accepted by engine as the timestamp is valid and it is in window.

Test the working on PAWS. The packet will be dropped by stream, as its timestamp is old, although the segment is in the window.

Test the setting up a TCP session when we have seen only the FIN, RST packets packet of the session. The session is setup only if midstream sessions are allowed to setup.

Test the setting up a TCP session when we missed the initial 3WHS packet of the session. The session is setup only if midstream sessions are allowed to setup.

Test the setting up a TCP session when we missed the initial SYN/ACK packet of the session. The session is setup only if midstream sessions are allowed to setup.

multiple different SYN/ACK, pick second

Check that the expected defaults are loaded if the action-order configuration is not present.

Check that we load a valid config

Check that we invalidate with unknown keywords and/or more than the expected (It should default to pass, drop, reject, alert)

Check that we invalidate if any action is missing (It should default to pass, drop, reject, alert)

Check that we invalidate with unknown keywords (It should default to pass, drop, reject, alert)

Check that we invalidate duplicated actions (It should default to pass, drop, reject, alert)

multiple different SYN/ACK, over the limit

multiple different SYN/ACK, pick neither

Test the setting up a TCP session when we missed the initial SYN packet of the session. The session is setup only if midstream sessions are allowed to setup.

multiple different SYN/ACK, pick first

Test the validation of the ACK number before setting up the stream.last_ack and update the next_seq after loosing the .

Test the validation of the ACK number before setting up the stream.last_ack.

Test the processing of out of order FIN packets in tcp session.

Test the memcap incrementing/decrementing and memcap check

Test the initialization of tcp streams with congestion flags

Test the stream mem leaks conditions.

DetectTtlParseTest04 is a test for setting up an valid ttl value with ">" operator and include spaces arround the given values.

sigs with patterns at the limit of the pm's size limit

SigTest42NoPayloadInspection is a test to check that when PKT_NOPAYLOAD_INSPECTION flag is set, we don't need to inspect the packet contents.

SigTest41NoPacketInspection is a test to check that when PKT_NOPACKET_INSPECTION flag is set, we don't need to inspect the packet protocol header or its contents.

SigTest37ContentAndIsdataatKeywords02 is a test to check window with constructed packets,

SigTest36ContentAndIsdataatKeywords01 is a test to check window with constructed packets,

DetectTtlTestSig01 is a test for checking the working of ttl keyword by setting up the signature and later testing its working by matching the received packet against the sig.

DetectTtlSetupTest01 is a test for setting up an valid ttl values with valid "-" operator and include spaces arround the given values. In the test the values are setup with initializing the detection engine context setting up the signature itself.

DetectTtlParseTest07 is a test for setting up an valid ttl values with invalid "<>" operator and include spaces arround the given values.

DetectTtlParseTest06 is a test for setting up an valid ttl values with invalid "=" operator and include spaces arround the given values.

DetectTtlParseTest05 is a test for setting up an valid ttl values with "-" operator and include spaces arround the given values.

test if the engine set flag to drop pkts of a flow that triggered a drop action on IPS mode

DetectTtlParseTest03 is a test for setting up an valid ttl values with "-" operator.

DetectTtlParseTest02 is a test for setting up an valid ttl value with "<" operator.

DetectTtlParseTest01 is a test for setting up an valid ttl value.

signature with a valid xor value.

signature with an invalid xor value.

signature with a pcrexform value without substring capture

signature with a valid pcrexform value.

signature with an invalid pcrexform value.

DetectTlsVersionTestParse02 is a test to make sure that we parse the "id" option correctly when given an invalid id option it should return id_d = NULL

DetectTlsVersionTestParse01 is a test to make sure that we parse the "id" option correctly when given valid id option

no overlap

Test the deallocation of TCP session for a given packet and return the memory back to ssn_pool and corresponding segments to segment pool.

Test the allocation of TCP session for a given packet from the ssn_pool.

policy 'last'

Solaris policy

policy Linux old

Linux policy

Vista Policy

BSD policy

overlap, data not different

multiple overlaps

max u32 value

partial overlap

full overlap

bug #815

almost identical patterns

ICMP packet shouldn't be matching port based sig Bug #611

test if the engine set flag to drop pkts of a flow that triggered a drop action on IPS mode, and it doesn't inspect any other packet of the stream

test if the engine set flag to drop pkts of a flow that triggered a drop action on IPS mode

Check that all the algorithms (no case) work at any offset and any pattern length

Check if the threshold file is loaded and well parsed

lots of gaps in block list

Check if the threshold file is loaded and well parsed

Check that all the algorithms work at any offset and any pattern length

issue 130 (@redmine) check to ensure that the problem is not the algorithm implementation

Generic test for boyer moore nocase matching

Generic test for boyer moore matching

Generic test for Bs2Bm no case matching

Generic test for Bs2Bm matching

Generic test for BasicSearch nocase matching

Generic test for BasicSearch matching

Check that valid address and port group vars are correctly retrieved from the configuration.

Check that Signatures with invalid address and port groups, are are invalidated by the Signature parsing API.

Check if the suppress rules work - ip only rule

Global UTHPacketMatchSig (Packet *p, const char *) Test if a packet match a signature given as string Hint: Useful for unittests with only one packet and one signature

Global UTHPacketMatchSigMpm (Packet *, char *, uint16_t) Test if a packet match a signature given as string and a mpm_type Hint: Useful for unittests with only one packet and one signature

Global UTHMatchPackets (DetectEngineCtx *, Packet **, int) UTHMatchPackets Match a packet or a array of packets against sigs of a de_ctx, but note that the return value doesn't mean that we have a match, we have to check it later with PacketAlertCheck()

Global UTHMatchPacketsWithResults (DetectEngineCtx *de_ctx, Packet **p, int num_packets, uint32_t sids[], uint32_t *results, int numsigs) UTHMatchPacketsWithResults Match a packet or a array of packets against sigs of a de_ctx, checking that each signature matches X times for certain packets

" Check if the rate_filter by_both work when similar packets going in opposite direction

Check if the rate_filter rules work with track by_both

Check if the threshold file is loaded and well parsed, and applied correctly to a rule with thresholding

Check if the threshold file is loaded and well parsed

Check if the suppress rule parsing handles errors correctly

Check that Signatures with valid address and port groups are parsed without any errors by the Signature parsing API.

Check if the suppress rules work

Check if the threshold file is loaded and well parsed

Check if the rate_filter rules work

Check if the rate_filter rules work with track by_rule

Check if the rate_filter rules work

Check if the rate_filter rules are loaded and well parsed with multilines

Check if the rate_filter rules are loaded and well parsed

Check that valid ipv4 addresses/netblocks are inserted into the host os radix tree, and the host os api retrieves the right value for the host os flavour, on supplying as arg an ipv4 addresses that has been added to the host os radix tree.

endswith logic

Check the loading of host info from a configuration file.

Check that valid ipv4 addresses are inserted into the host os radix tree, and the host os api retrieves the right value for the host os flavour, on supplying as arg an ipv4 addresses that has been added to the host os radix tree.

Check that valid ipv6 addresses/netblocks are inserted into the host os radix tree, and the host os api retrieves the right value for the host os flavour, on supplying as arg an ipv6 address that has been added to the host os radix tree.

Check that valid ipv6 addresses are inserted into the host os radix tree, and the host os api retrieves the right value for the host os flavour, on supplying as arg an ipv6 address that has been added to the host os radix tree.

pool with unlimited size

Check that valid ipv4 addresses are inserted into the host os radix tree, and the host os api retrieves the right value for the host os flavour, on supplying as arg an ipv4 addresses that has been added to the host os radix tree.

Check that invalid ipv4 addresses and ipv4 netblocks are rejected by the host os info API

Check if we the IPs with the right OS flavours are added to the host OS radix tree, and the IPS with invalid flavours returns an error(-1)

Check if the classtype info from the invalid classification.config file have not been loaded into the hash table, and cross verify to check that the hash table contains no classtype data.

Check if the classtype info from the classification.config file have been loaded into the hash table.

Check that only valid classtypes are loaded into the hash table from the classification.config file.

Check that invalid classtypes present in the classification config file aren't loaded.

Check that the classification file is loaded and the detection engine content class_conf_hash_table loaded with the classtype data.

max u32 value + 1

Check special combinations of netblocks and addresses on best search checking the returned userdata

Check that invalid address and port groups are properly handled by the API.

Check that valid address and port group vars are correctly retrieved from the configuration.

Check if the reference info from the reference.config file have been loaded into the hash table.

Check if the reference info from the invalid reference.config file have not been loaded into the hash table, and cross verify to check that the hash table contains no reference data.

Check if the reference info from the reference.config file have been loaded into the hash table.

Check that only valid references are loaded into the hash table from the reference.config file.

Check that invalid references present in the reference.config file aren't loaded.

Check that the reference file is loaded and the detection engine content reference_conf_ht loaded with the reference data.

SCRadixTestIPV4NetblockInsertion26 insert a node searching on it. Should always return true but the purpose of the test is to monitor the memory usage to detect memleaks (there was one on searching)

SCRadixTestIPV4NetblockInsertion15 insert a node searching on it. Should always return true but the purpose of the test is to monitor the memory usage to detect memleaks (there was one on searching)

Test matching on bytes in a certificate

Check that the best match search works for all the possible netblocks of a fixed address

Check special combinations of netblocks and addresses on best search checking the returned userdata

Check that the best match search works for all the possible netblocks of a fixed address

Test that the http_server_body content matches against a http request which holds the content.

multiple http transactions and body chunks of request handling

Test that the http_server_body content matches against a http request which holds the content. Negated match.

Test that the http_server_body content matches against a http request which holds the content. Case insensitive.