use dedicated request body processor rules for CRS collections

Author: blotus

appsec-rules/crowdsecurity/crs.yaml

@@ -2,6 +2,11 @@ name: crowdsecurity/crs
 seclang_rules:
  - SecRuleEngine On
  - SecRequestBodyAccess On
+ - Secrule REQUEST_HEADERS:Content-Type "@rx ^application/x-www-form-urlencoded" "id:300,phase:1,pass,nolog,noauditlog,ctl:requestBodyProcessor=URLENCODED"
+ - Secrule REQUEST_HEADERS:Content-Type "@rx ^multipart/form-data" "id:301,phase:1,pass,nolog,noauditlog,ctl:requestBodyProcessor=MULTIPART"
+ - Secrule REQUEST_HEADERS:Content-Type "@rx ^application/xml" "id:302,phase:1,pass,nolog,noauditlog,ctl:requestBodyProcessor=XML"
+ - Secrule REQUEST_HEADERS:Content-Type "@rx ^application/json" "id:303,phase:1,pass,nolog,noauditlog,ctl:requestBodyProcessor=JSON"
+ - Secrule REQUEST_HEADERS:Content-Type "@rx ^text/xml" "id:304,phase:1,pass,nolog,noauditlog,ctl:requestBodyProcessor=XML"
 seclang_files_rules:
  - crs-setup.conf
  - crs-plugins/*/*-config.conf

collections/crowdsecurity/appsec-crs-inband.yaml

@@ -4,7 +4,6 @@ parsers:
 appsec-configs:
   - crowdsecurity/crs-inband
 appsec-rules:
-  - crowdsecurity/base-config
   - crowdsecurity/crs
 scenarios:
   - crowdsecurity/appsec-native

collections/crowdsecurity/appsec-crs.yaml

@@ -4,7 +4,6 @@ parsers:
 appsec-configs:
   - crowdsecurity/crs
 appsec-rules:
-  - crowdsecurity/base-config
   - crowdsecurity/crs
 scenarios:
   - crowdsecurity/crowdsec-appsec-outofband