Suppress rule 200002 when editing contacts in Nextcloud

[pyllyukko]

Issue

Modifying contacts triggers an XML parsing error (rule 200002 in modsecurity.conf) which can be whitelisted in REQUEST-903.9003-NEXTCLOUD-EXCLUSION-RULES.conf.

Background

Sofware	Version
CRS	3.2.0
ModSecurity	3.0.4
Nextcloud	18.0.3

Reproduction

• Open contacts app in Nextcloud
• Select some contact
• Click on some contact detail (like phone number) to edit it
• Change the value
• "Exit" the contact detail field editing by clicking elsewhere

This will trigger a HTTP PUT request into /remote.php/dav/addressbooks/users/<username>/contacts/<some-uuid>.vcf that has Content-Type: application/xml and has the contact vCard (which of course isn't XML) in it's body.

Fix

This PR disables 200002 with PUT requests into addressbooks.

[franbuehler]

In the monthly chat meeting from May 4 we decided to merge this PR: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1749#issuecomment-623634756