From 64f0400b87e754f430c24ac1ba725b3d4c30f980 Mon Sep 17 00:00:00 2001
From: Philippe Antoine <contact@catenacyber.fr>
Date: Wed, 30 Nov 2022 16:38:52 +0100
Subject: [PATCH] http: check that custom logging does not collide

for content range header for instance
---
 tests/http2-range/suricata.yaml | 25 +++++++++++++++++++++++++
 tests/http2-range/test.yaml     |  6 ++++++
 2 files changed, 31 insertions(+)
 create mode 100644 tests/http2-range/suricata.yaml

diff --git a/tests/http2-range/suricata.yaml b/tests/http2-range/suricata.yaml
new file mode 100644
index 000000000..76791fe54
--- /dev/null
+++ b/tests/http2-range/suricata.yaml
@@ -0,0 +1,25 @@
+%YAML 1.1
+---
+
+outputs:
+  - eve-log:
+      enabled: yes
+      types:
+        - files
+        - stats
+        - http:
+           custom: [Content-Range]
+  - file-store:
+      version: 2
+      enabled: yes
+      force-filestore: yes
+      stream-depth: 0
+
+app-layer:
+  protocols:
+    http:
+      enabled: yes
+      libhtp:
+        default-config:
+          personality: IDS
+          response-body-limit: 100kb
diff --git a/tests/http2-range/test.yaml b/tests/http2-range/test.yaml
index a3b204d97..058e97eeb 100644
--- a/tests/http2-range/test.yaml
+++ b/tests/http2-range/test.yaml
@@ -15,6 +15,12 @@ checks:
       match:
         event_type: fileinfo
         fileinfo.size: 69
+  - filter:
+      count: 1
+      match:
+        event_type: http
+        http.response_headers[0].name: "Content-Range"
+        http.response_headers[0].value: "bytes 10-20/69"
   - filter:
       count: 0
       match:
-- 
2.47.2