github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2657 from martinhsv/v2/master

Browse Source 
Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended
This commit is contained in:
martinhsv 2021-12-22 10:16:00 -05:00 committed by GitHub
commit 4fc4ba5c31
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGES
View File

@ -1,6 +1,8 @@
DD mmm YYYY - 2.9.x (to be released)
-------------------
* Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended
[Issue #2647 @theMiddleBlue, @airween, @877509395 ,@martinhsv]
* IIS: Update dependencies for Windows build as of v2.9.5
[@martinhsv]

5
modsecurity.conf-recommended
View File

@ -58,6 +58,11 @@ SecRequestBodyInMemoryLimit 131072
#
SecRequestBodyLimitAction Reject
# Maximum parsing depth allowed for JSON objects. You want to keep this
# value as low as practical.
#
SecRequestBodyJsonDepthLimit 512
# Verify that we've correctly processed the request body.
# As a rule of thumb, when failing to process a request body
# you should reject the request (when deployed in blocking mode)