From 6350e2badc9b9f2d4ce724539772a099a7643830 Mon Sep 17 00:00:00 2001 From: brectanus Date: Mon, 11 Jun 2007 21:28:03 +0000 Subject: [PATCH] Do not log alert message for subrequests. See #124. Cleanup CHANGES. --- CHANGES | 8 ++++---- apache2/mod_security2.c | 5 +++-- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/CHANGES b/CHANGES index f5aaea4f..72942b08 100644 --- a/CHANGES +++ b/CHANGES @@ -2,9 +2,9 @@ ?? ??? 2007 - 2.2.0-trunk ------------------------- - * TODO: Detect static files (trac #15) + * Do not trigger "pause" action for subrequests. - * Added rule file/line to audit log messages. + * Added matching rule filename and line number to audit log. * Added new phrase matching operators, @pm and @pmFromFile. These use an alternate set based matching engine to perform faster phrase @@ -14,10 +14,10 @@ * Fixed problem with subrequests not being intercepted (only logged). - * Add Solaris to the list of platforms not supporting the hidden + * Added Solaris to the list of platforms not supporting the hidden visibility attribute. - * Remove excessive debug log entries about "capture" action. + * Removed excessive debug log entries about "capture" action. * Fixed decoding full-width unicode in t:urlDecodeUni. diff --git a/apache2/mod_security2.c b/apache2/mod_security2.c index d25ffa81..638a1d62 100644 --- a/apache2/mod_security2.c +++ b/apache2/mod_security2.c @@ -79,9 +79,10 @@ int perform_interception(modsec_rec *msr) { phase_text = apr_psprintf(msr->mp, " (phase %i)", msr->phase); /* By default we log at level 1 but we switch to 4 - * if a nolog action was used to hide the message. + * if a nolog action was used or this is a subrequest + * to hide the message. */ - log_level = (actionset->log != 1) ? 4 : 1; + log_level = ((actionset->log != 1) || (msr->r->main != NULL)) ? 4 : 1; /* Pause the request first (if configured to do so and the main request). */ if (actionset->intercept_pause && (msr->r->main == NULL)) {