github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Updated recommended conf to enter XML processor when content-type is application/xml

Browse Source
This commit is contained in:
Chaim Sanders
2016-01-11 10:43:05 -05:00
parent 880b2764a3
commit 1068da464c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modsecurity.conf-recommended
View File

@@ -19,7 +19,7 @@ SecRequestBodyAccess On
# Enable XML request body parser. # Enable XML request body parser.
# Initiate XML Processor in case of xml content-type # Initiate XML Processor in case of xml content-type
# #
SecRule REQUEST_HEADERS:Content-Type "text/xml" \ SecRule REQUEST_HEADERS:Content-Type "(?:text|application)/xml" \
"id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML" "id:'200000',phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"
# Enable JSON request body parser. # Enable JSON request body parser.