Document MULTIPART_CRLF_LF_LINES.

2026-01-10 02:04:36 +03:00 · 2007-10-15 18:27:42 +00:00
parent 5cc5a608b9
commit 5549ed2ed8
1 changed files with 19 additions and 1 deletions
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@@ -1972,6 +1972,24 @@ SecRule <emphasis role="bold">ENV:tag</emphasis> "suspicious"</programlisting>
      (REQUEST_HEADERS:<emphasis>Headername</emphasis>)</para>
    </section>

+    <section>
+      <title><literal>MULTIPART_CRLF_LF_LINES</literal></title>
+
+      <para>This flag variable will be set to <literal>1</literal> whenever a
+      multipart request uses mixed line terminators. The
+      <literal>multipart/form-data</literal> RFC requires
+      <literal>CRLF</literal> sequence to be used to terminate lines. Since
+      some client implementations use only <literal>LF</literal> to terminate
+      lines you might want to allow them to proceed under certain
+      circumstances (if you want to do this you will need to stop using
+      <literal>MULTIPART_STRICT_ERROR</literal> and check each multipart flag
+      variable individually, avoding <literal>MULTIPART_LF_LINE</literal>).
+      However, mixing <literal>CRLF</literal> and <literal>LF</literal> line
+      terminators is dangerous as it can allow for evasion. Therefore, in such
+      cases, you will have to add a check for
+      <literal>MULTIPART_CRLF_LF_LINES</literal>.</para>
+    </section>
+
    <section>
      <title><literal>MULTIPART_STRICT_ERROR</literal></title>

@@ -4411,4 +4429,4 @@ SecRule XML "<emphasis role="bold">@validateSchema /path/to/apache2/conf/xml.xsd
      </section>
    </section>
  </section>
-</article>
+</article>