github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 19:24:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Allow ability to force request body buffering to memory. Fixes MODSEC-2.

Browse Source
This commit is contained in:
brectanus
2008-09-03 20:42:28 +00:00
parent 139d651bbf
commit 34798e9abe
8 changed files with 69 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
doc/modsecurity2-apache-reference.xml
View File

@@ -4406,6 +4406,10 @@ SecRule REQUEST_CONTENT_TYPE ^text/xml nolog,pass,<emphasis>ctl:requestBodyProce
<para><literal moreinfo="none">requestBodyAccess</literal></para>
</listitem>
<listitem>
<para><literal moreinfo="none">requestBodyBuffering</literal></para>
</listitem>
<listitem>
<para><literal moreinfo="none">requestBodyLimit</literal></para>
</listitem>
@@ -4428,7 +4432,8 @@ SecRule REQUEST_CONTENT_TYPE ^text/xml nolog,pass,<emphasis>ctl:requestBodyProce
</orderedlist>
<para>With the exception of<literal moreinfo="none">
requestBodyProcessor</literal>, each configuration option corresponds to
requestBodyProcessor</literal> and <literal moreinfo="none">
requestBodyBuffering</literal>, each configuration option corresponds to
one configuration directive and the usage is identical.</para>
<para>The requestBodyProcessor option allows you to configure the
@@ -4450,6 +4455,10 @@ SecRule REQUEST_CONTENT_TYPE ^text/xml nolog,pass,<emphasis>ctl:requestBodyProce
should be inspected in the <literal
moreinfo="none">REQUEST_BODY</literal> phase and an appropriate action
taken.</para>
<para>The requestBodyBuffering option allows you to configure the
request body to be buffered (in memory) even if it is not parsed. This
allows inspection of REQUEST_BODY even when no parser is used.</para>
</section>
<section>