From: Philippe Antoine <contact@catenacyber.fr>
Date: Mon, 26 Apr 2021 13:50:17 +0000 (+0200)
Subject: Adds check for http.cookie keyword on http2 traffic
X-Git-Tag: suricata-6.0.4~87
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F501%2Fhead;p=thirdparty%2Fsuricata-verify.git

Adds check for http.cookie keyword on http2 traffic
---

diff --git a/tests/http2-bugfixes/test.rules b/tests/http2-bugfixes/test.rules
new file mode 100644
index 000000000..27a0f66a6
--- /dev/null
+++ b/tests/http2-bugfixes/test.rules
@@ -0,0 +1 @@
+alert http2 any any -> any any (http.cookie; content:"VISITOR"; sid:10;)
diff --git a/tests/http2-bugfixes/test.yaml b/tests/http2-bugfixes/test.yaml
index f868748a4..25c4a9c0d 100644
--- a/tests/http2-bugfixes/test.yaml
+++ b/tests/http2-bugfixes/test.yaml
@@ -28,3 +28,8 @@ checks:
       match:
         event_type: fileinfo
         fileinfo.size: 880
+  - filter:
+      count: 4
+      match:
+        event_type: alert
+        alert.signature_id: 10