Parse capture groups in if-blocks (fixed for crossplane)

[dvershinin]

Based on the work from #51 by @MegaManSec, rebased and adapted for the crossplane-based parser.

This PR enables the IfBlock to provide variables from regex capture groups when using ~, ~*, !~, or !~* operators. For example:

if ($request_uri ~ "^/foo/(.*)$") {
    # $1 is now available as a variable
    return 301 /bar/$1;
}

Key improvement: Capture groups now correctly inherit the boundary (safety constraints) from the source variable being matched. This is critical for HTTP splitting detection:

• if ($uri ~* ^/echo/(.*)$) → $1 inherits $uri's boundary /[^\x20\t]* → can contain \r\n → warning triggered
• if ($request_uri ~* ^/echo/(.*)$) → $1 inherits $request_uri's boundary /[^\s]* → cannot contain \r\n → safe

This distinction matters because:

• $uri contains decoded bytes (nginx decodes %0d%0a → actual \r\n)
• $request_uri contains raw percent-encoded form (%0d%0a stays as-is)

Changes:

• Add provide_variables = True to IfBlock
• Add is_regex property to check for regex operators
• Add variables property that extracts capture groups from the if condition regex with proper boundary inheritance

Fixes #50

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud