github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Change 'sanitise' to 'sanitize' everywhere, preserving the 'sanitise' action variants for backward compatibility.

Browse Source
This commit is contained in:
ivanr 2009-10-29 17:57:18 +00:00
parent 6d83f91b2b
commit 8fe278e845
8 changed files with 145 additions and 93 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
apache2/modsecurity.c
View File

@ -297,12 +297,12 @@ apr_status_t modsecurity_tx_init(modsec_rec *msr) {
}
}
msr->arguments_to_sanitise = apr_table_make(msr->mp, 16);
if (msr->arguments_to_sanitise == NULL) return -1;
msr->request_headers_to_sanitise = apr_table_make(msr->mp, 16);
if (msr->request_headers_to_sanitise == NULL) return -1;
msr->response_headers_to_sanitise = apr_table_make(msr->mp, 16);
if (msr->response_headers_to_sanitise == NULL) return -1;
msr->arguments_to_sanitize = apr_table_make(msr->mp, 16);
if (msr->arguments_to_sanitize == NULL) return -1;
msr->request_headers_to_sanitize = apr_table_make(msr->mp, 16);
if (msr->request_headers_to_sanitize == NULL) return -1;
msr->response_headers_to_sanitize = apr_table_make(msr->mp, 16);
if (msr->response_headers_to_sanitize == NULL) return -1;
/* Initialise cookies */
msr->request_cookies = apr_table_make(msr->mp, 16);

6
apache2/modsecurity.h
View File

@ -250,9 +250,9 @@ struct modsec_rec {
const char *request_content_type;
apr_table_t *arguments;
apr_table_t *arguments_to_sanitise;
apr_table_t *request_headers_to_sanitise;
apr_table_t *response_headers_to_sanitise;
apr_table_t *arguments_to_sanitize;
apr_table_t *request_headers_to_sanitize;
apr_table_t *response_headers_to_sanitize;
apr_table_t *request_cookies;
unsigned int is_relevant;

84
apache2/msc_logging.c
View File

@ -287,7 +287,7 @@ static char *create_auditlog_boundary(request_rec *r) {
* Sanitises the request line by removing the parameters
* that have been marked as sensitive.
*/
static void sanitise_request_line(modsec_rec *msr) {
static void sanitize_request_line(modsec_rec *msr) {
const apr_array_header_t *tarr;
const apr_table_entry_t *telts;
int i;
@ -299,7 +299,7 @@ static void sanitise_request_line(modsec_rec *msr) {
qspos++;
/* Loop through the list of sensitive parameters. */
tarr = apr_table_elts(msr->arguments_to_sanitise);
tarr = apr_table_elts(msr->arguments_to_sanitize);
telts = (const apr_table_entry_t*)tarr->elts;
for (i = 0; i < tarr->nelts; i++) {
msc_arg *arg = (msc_arg *)telts[i].val;
@ -313,7 +313,7 @@ static void sanitise_request_line(modsec_rec *msr) {
j = arg->value_origin_offset;
while((*p != '\0')&&(j--)) p++;
if (*p == '\0') {
msr_log(msr, 1, "Unable to sanitise variable \"%s\" at offset %u of QUERY_STRING"
msr_log(msr, 1, "Unable to sanitize variable \"%s\" at offset %u of QUERY_STRING"
"because the request line is too short.",
log_escape_ex(msr->mp, arg->name, arg->name_len),
arg->value_origin_offset);
@ -326,7 +326,7 @@ static void sanitise_request_line(modsec_rec *msr) {
*p++ = '*';
}
if (*p == '\0') {
msr_log(msr, 1, "Unable to sanitise variable \"%s\" at offset %u (size %d) "
msr_log(msr, 1, "Unable to sanitize variable \"%s\" at offset %u (size %d) "
"of QUERY_STRING because the request line is too short.",
log_escape_ex(msr->mp, arg->name, arg->name_len),
arg->value_origin_offset, arg->value_origin_len);
@ -491,7 +491,7 @@ void sec_audit_logger(modsec_rec *msr) {
text = apr_psprintf(msr->mp, "\n--%s-%c--\n", msr->new_auditlog_boundary, AUDITLOG_PART_REQUEST_HEADERS);
sec_auditlog_write(msr, text, strlen(text));
sanitise_request_line(msr);
sanitize_request_line(msr);
sec_auditlog_write(msr, msr->request_line, strlen(msr->request_line));
sec_auditlog_write(msr, "\n", 1);
@ -500,9 +500,9 @@ void sec_audit_logger(modsec_rec *msr) {
te = (apr_table_entry_t *)arr->elts;
for (i = 0; i < arr->nelts; i++) {
text = apr_psprintf(msr->mp, "%s: %s\n", te[i].key, te[i].val);
/* Do we need to sanitise this request header? */
if (apr_table_get(msr->request_headers_to_sanitise, te[i].key) != NULL) {
/* Yes, sanitise it. */
/* Do we need to sanitize this request header? */
if (apr_table_get(msr->request_headers_to_sanitize, te[i].key) != NULL) {
/* Yes, sanitize it. */
memset(text + strlen(te[i].key) + 2, '*', strlen(te[i].val));
}
sec_auditlog_write(msr, text, strlen(text));
@ -525,17 +525,17 @@ void sec_audit_logger(modsec_rec *msr) {
apr_array_header_t *sorted_args;
unsigned int offset = 0, last_offset = 0;
msc_arg *nextarg = NULL;
int sanitise = 0; /* IMP1 Use constants for "sanitise" values. */
int sanitize = 0; /* IMP1 Use constants for "sanitize" values. */
char *my_error_msg = NULL;
sorted_args = apr_array_make(msr->mp, 25, sizeof(const msc_arg *));
/* First we need to sort the arguments that need to be
* sanitised in descending order (we are using a stack structure
* sanitized in descending order (we are using a stack structure
* to store then so the order will be ascending when we start
* popping them out). This is because we will
* be reading the request body sequentially and must
* sanitise it as we go.
* sanitize it as we go.
*/
for(;;) {
@ -544,7 +544,7 @@ void sec_audit_logger(modsec_rec *msr) {
/* Find the next largest offset (excluding
* the ones we've used up already).
*/
tarr = apr_table_elts(msr->arguments_to_sanitise);
tarr = apr_table_elts(msr->arguments_to_sanitize);
telts = (const apr_table_entry_t*)tarr->elts;
for(i = 0; i < tarr->nelts; i++) {
msc_arg *arg = (msc_arg *)telts[i].val;
@ -570,7 +570,7 @@ void sec_audit_logger(modsec_rec *msr) {
*/
if (nextarg == NULL) break;
sanitise = 2; /* Means time to pop the next argument out. */
sanitize = 2; /* Means time to pop the next argument out. */
last_offset = offset;
offset = 0;
{ /* IMP1 Fix this ugly bit here. */
@ -580,7 +580,7 @@ void sec_audit_logger(modsec_rec *msr) {
}
/* Now start retrieving the body chunk by chunk and
* sanitise data in pieces.
* sanitize data in pieces.
*/
rc = modsecurity_request_body_retrieve_start(msr, &my_error_msg);
@ -589,8 +589,8 @@ void sec_audit_logger(modsec_rec *msr) {
} else {
msc_data_chunk *chunk = NULL;
unsigned int chunk_offset = 0;
unsigned int sanitise_offset = 0;
unsigned int sanitise_length = 0;
unsigned int sanitize_offset = 0;
unsigned int sanitize_length = 0;
text = apr_psprintf(msr->mp, "\n--%s-%c--\n", msr->new_auditlog_boundary, AUDITLOG_PART_REQUEST_BODY);
sec_auditlog_write(msr, text, strlen(text));
@ -598,46 +598,46 @@ void sec_audit_logger(modsec_rec *msr) {
for(;;) {
rc = modsecurity_request_body_retrieve(msr, &chunk, -1, &my_error_msg);
if (chunk != NULL) {
/* Anything greater than 1 means we have more data to sanitise. */
while (sanitise > 1) {
/* Anything greater than 1 means we have more data to sanitize. */
while (sanitize > 1) {
msc_arg **arg = NULL;
if (sanitise == 2) {
if (sanitize == 2) {
/* Get the next argument from the stack. */
arg = (msc_arg **)apr_array_pop(sorted_args);
if (arg == NULL) sanitise = 0; /* We're done sanitising. */
if (arg == NULL) sanitize = 0; /* We're done sanitising. */
else {
/* Continue with sanitation to process the
* retrieved argument.
*/
sanitise = 1;
sanitise_offset = (*arg)->value_origin_offset;
sanitise_length = (*arg)->value_origin_len;
sanitize = 1;
sanitize_offset = (*arg)->value_origin_offset;
sanitize_length = (*arg)->value_origin_len;
}
}
if (sanitise) {
/* Check if the data we want to sanitise is
if (sanitize) {
/* Check if the data we want to sanitize is
* stored in the current chunk.
*/
if (chunk_offset + chunk->length > sanitise_offset) {
if (chunk_offset + chunk->length > sanitize_offset) {
unsigned int soff; /* data offset within chunk */
unsigned int len; /* amount in this chunk to sanitise */
unsigned int len; /* amount in this chunk to sanitize */
soff = sanitise_offset - chunk_offset;
soff = sanitize_offset - chunk_offset;
if (soff + sanitise_length <= chunk->length) {
if (soff + sanitize_length <= chunk->length) {
/* The entire argument resides in the current chunk. */
len = sanitise_length;
sanitise = 2; /* Get another parameter to sanitise. */
len = sanitize_length;
sanitize = 2; /* Get another parameter to sanitize. */
} else {
/* Some work to do here but we'll need to seek
* another chunk.
*/
len = chunk->length - soff;
sanitise_offset += len;
sanitise_length -= len;
sanitise = 1; /* It's OK to go to the next chunk. */
sanitize_offset += len;
sanitize_length -= len;
sanitize = 1; /* It's OK to go to the next chunk. */
}
/* Yes, we actually write over the original data.
@ -650,7 +650,7 @@ void sec_audit_logger(modsec_rec *msr) {
}
}
/* Write the sanitised chunk to the log
/* Write the sanitized chunk to the log
* and advance to the next chunk. */
sec_auditlog_write(msr, chunk->data, chunk->length);
chunk_offset += chunk->length;
@ -676,7 +676,7 @@ void sec_audit_logger(modsec_rec *msr) {
if ((msr->msc_reqbody_read)&&(msr->mpd != NULL)) {
char *buffer = NULL;
buffer = multipart_reconstruct_urlencoded_body_sanitise(msr);
buffer = multipart_reconstruct_urlencoded_body_sanitize(msr);
if (buffer == NULL) {
msr_log(msr, 1, "Audit log: Failed to reconstruct request body.");
} else {
@ -710,9 +710,9 @@ void sec_audit_logger(modsec_rec *msr) {
te = (apr_table_entry_t *)arr->elts;
for (i = 0; i < arr->nelts; i++) {
text = apr_psprintf(msr->mp, "%s: %s\n", te[i].key, te[i].val);
/* Do we need to sanitise this response header? */
if (apr_table_get(msr->response_headers_to_sanitise, te[i].key) != NULL) {
/* Yes, sanitise it. */
/* Do we need to sanitize this response header? */
if (apr_table_get(msr->response_headers_to_sanitize, te[i].key) != NULL) {
/* Yes, sanitize it. */
memset(text + strlen(te[i].key) + 2, '*', strlen(te[i].val));
}
sec_auditlog_write(msr, text, strlen(text));
@ -816,7 +816,7 @@ void sec_audit_logger(modsec_rec *msr) {
const apr_array_header_t *tarr;
const apr_table_entry_t *telts;
tarr = apr_table_elts(msr->arguments_to_sanitise);
tarr = apr_table_elts(msr->arguments_to_sanitize);
telts = (const apr_table_entry_t*)tarr->elts;
if (tarr->nelts > 0) {
@ -837,7 +837,7 @@ void sec_audit_logger(modsec_rec *msr) {
const apr_array_header_t *tarr;
const apr_table_entry_t *telts;
tarr = apr_table_elts(msr->request_headers_to_sanitise);
tarr = apr_table_elts(msr->request_headers_to_sanitize);
telts = (const apr_table_entry_t*)tarr->elts;
if (tarr->nelts > 0) {
@ -857,7 +857,7 @@ void sec_audit_logger(modsec_rec *msr) {
const apr_array_header_t *tarr;
const apr_table_entry_t *telts;
tarr = apr_table_elts(msr->response_headers_to_sanitise);
tarr = apr_table_elts(msr->response_headers_to_sanitize);
telts = (const apr_table_entry_t*)tarr->elts;
if (tarr->nelts > 0) {

4
apache2/msc_multipart.c
View File

@ -1279,7 +1279,7 @@ int multipart_get_arguments(modsec_rec *msr, char *origin, apr_table_t *argument
/**
*
*/
char *multipart_reconstruct_urlencoded_body_sanitise(modsec_rec *msr) {
char *multipart_reconstruct_urlencoded_body_sanitize(modsec_rec *msr) {
multipart_part **parts;
char *body;
unsigned int body_len;
@ -1317,7 +1317,7 @@ char *multipart_reconstruct_urlencoded_body_sanitise(modsec_rec *msr) {
* in the memory.
*/
if (msr->phase >= PHASE_LOGGING) {
if (apr_table_get(msr->arguments_to_sanitise, parts[i]->name) != NULL) {
if (apr_table_get(msr->arguments_to_sanitize, parts[i]->name) != NULL) {
memset(parts[i]->value, '*', strlen(parts[i]->value));
}
}

2
apache2/msc_multipart.h
View File

@ -133,6 +133,6 @@ apr_status_t DSOLOCAL multipart_cleanup(modsec_rec *msr);
int DSOLOCAL multipart_get_arguments(modsec_rec *msr, char *origin, apr_table_t *arguments);
char DSOLOCAL *multipart_reconstruct_urlencoded_body_sanitise(modsec_rec *msr);
char DSOLOCAL *multipart_reconstruct_urlencoded_body_sanitize(modsec_rec *msr);
#endif

90
apache2/re_actions.c
View File

@ -973,8 +973,8 @@ static char *msre_action_xmlns_validate(msre_engine *engine, msre_action *action
return NULL;
}
/* sanitiseArg */
static apr_status_t msre_action_sanitiseArg_execute(modsec_rec *msr, apr_pool_t *mptmp,
/* sanitizeArg */
static apr_status_t msre_action_sanitizeArg_execute(modsec_rec *msr, apr_pool_t *mptmp,
msre_rule *rule, msre_action *action)
{
const char *sargname = NULL;
@ -990,7 +990,7 @@ static apr_status_t msre_action_sanitiseArg_execute(modsec_rec *msr, apr_pool_t
msc_arg *arg = (msc_arg *)telts[i].val;
if (strcasecmp(sargname, arg->name) == 0) {
apr_table_addn(msr->arguments_to_sanitise, arg->name, (void *)arg);
apr_table_addn(msr->arguments_to_sanitize, arg->name, (void *)arg);
}
}
@ -1001,8 +1001,8 @@ static apr_status_t msre_action_sanitiseArg_execute(modsec_rec *msr, apr_pool_t
#define SANITISE_REQUEST_HEADER 2
#define SANITISE_RESPONSE_HEADER 3
/* sanitiseMatched */
static apr_status_t msre_action_sanitiseMatched_execute(modsec_rec *msr, apr_pool_t *mptmp,
/* sanitizeMatched */
static apr_status_t msre_action_sanitizeMatched_execute(modsec_rec *msr, apr_pool_t *mptmp,
msre_rule *rule, msre_action *action)
{
const char *sargname = NULL;
@ -1041,7 +1041,7 @@ static apr_status_t msre_action_sanitiseMatched_execute(modsec_rec *msr, apr_poo
type = SANITISE_RESPONSE_HEADER;
}
else {
msr_log(msr, 3, "sanitiseMatched: Don't know how to handle variable: %s",
msr_log(msr, 3, "sanitizeMatched: Don't know how to handle variable: %s",
mvar->name);
return 0;
}
@ -1053,17 +1053,17 @@ static apr_status_t msre_action_sanitiseMatched_execute(modsec_rec *msr, apr_poo
for (i = 0; i < tarr->nelts; i++) {
msc_arg *arg = (msc_arg *)telts[i].val;
if (strcasecmp(sargname, arg->name) == 0) {
apr_table_addn(msr->arguments_to_sanitise, arg->name, (void *)arg);
apr_table_addn(msr->arguments_to_sanitize, arg->name, (void *)arg);
}
}
break;
case SANITISE_REQUEST_HEADER :
apr_table_set(msr->request_headers_to_sanitise, sargname, "1");
apr_table_set(msr->request_headers_to_sanitize, sargname, "1");
break;
case SANITISE_RESPONSE_HEADER :
apr_table_set(msr->response_headers_to_sanitise, sargname, "1");
apr_table_set(msr->response_headers_to_sanitize, sargname, "1");
break;
default :
@ -1074,19 +1074,19 @@ static apr_status_t msre_action_sanitiseMatched_execute(modsec_rec *msr, apr_poo
return 1;
}
/* sanitiseRequestHeader */
static apr_status_t msre_action_sanitiseRequestHeader_execute(modsec_rec *msr, apr_pool_t *mptmp,
/* sanitizeRequestHeader */
static apr_status_t msre_action_sanitizeRequestHeader_execute(modsec_rec *msr, apr_pool_t *mptmp,
msre_rule *rule, msre_action *action)
{
apr_table_set(msr->request_headers_to_sanitise, action->param, "1");
apr_table_set(msr->request_headers_to_sanitize, action->param, "1");
return 1;
}
/* sanitiseResponseHeader */
static apr_status_t msre_action_sanitiseResponseHeader_execute(modsec_rec *msr, apr_pool_t *mptmp,
/* sanitizeResponseHeader */
static apr_status_t msre_action_sanitizeResponseHeader_execute(modsec_rec *msr, apr_pool_t *mptmp,
msre_rule *rule, msre_action *action)
{
apr_table_set(msr->response_headers_to_sanitise, action->param, "1");
apr_table_set(msr->response_headers_to_sanitize, action->param, "1");
return 1;
}
@ -2195,7 +2195,20 @@ void msre_engine_register_default_actions(msre_engine *engine) {
ACTION_CGROUP_NONE,
NULL,
NULL,
msre_action_sanitiseArg_execute
msre_action_sanitizeArg_execute
);
/* sanitizeArg */
msre_engine_action_register(engine,
"sanitizeArg",
ACTION_NON_DISRUPTIVE,
1, 1,
NO_PLUS_MINUS,
ACTION_CARDINALITY_MANY,
ACTION_CGROUP_NONE,
NULL,
NULL,
msre_action_sanitizeArg_execute
);
/* sanitiseMatched */
@ -2208,7 +2221,20 @@ void msre_engine_register_default_actions(msre_engine *engine) {
ACTION_CGROUP_NONE,
NULL,
NULL,
msre_action_sanitiseMatched_execute
msre_action_sanitizeMatched_execute
);
/* sanitizeMatched */
msre_engine_action_register(engine,
"sanitizeMatched",
ACTION_NON_DISRUPTIVE,
0, 0,
NO_PLUS_MINUS,
ACTION_CARDINALITY_MANY,
ACTION_CGROUP_NONE,
NULL,
NULL,
msre_action_sanitizeMatched_execute
);
/* sanitiseRequestHeader */
@ -2221,7 +2247,20 @@ void msre_engine_register_default_actions(msre_engine *engine) {
ACTION_CGROUP_NONE,
NULL,
NULL,
msre_action_sanitiseRequestHeader_execute
msre_action_sanitizeRequestHeader_execute
);
/* sanitizeRequestHeader */
msre_engine_action_register(engine,
"sanitizeRequestHeader",
ACTION_NON_DISRUPTIVE,
1, 1,
NO_PLUS_MINUS,
ACTION_CARDINALITY_MANY,
ACTION_CGROUP_NONE,
NULL,
NULL,
msre_action_sanitizeRequestHeader_execute
);
/* sanitiseResponseHeader */
@ -2234,7 +2273,20 @@ void msre_engine_register_default_actions(msre_engine *engine) {
ACTION_CGROUP_NONE,
NULL,
NULL,
msre_action_sanitiseResponseHeader_execute
msre_action_sanitizeResponseHeader_execute
);
/* sanitizeResponseHeader */
msre_engine_action_register(engine,
"sanitizeResponseHeader",
ACTION_NON_DISRUPTIVE,
1, 1,
NO_PLUS_MINUS,
ACTION_CARDINALITY_MANY,
ACTION_CGROUP_NONE,
NULL,
NULL,
msre_action_sanitizeResponseHeader_execute
);
/* setenv */

32
doc/modsecurity2-apache-reference.xml
View File

@ -5126,7 +5126,7 @@ SecRule REQUEST_HEADERS:User-Agent "Test" log,deny,status:403</programlisting>
</section>
<section>
<title><literal>sanitiseArg</literal></title>
<title><literal>sanitizeArg</literal></title>
<para><emphasis>Description:</emphasis> Sanitises (replaces each byte
with an asterisk) a named request argument prior to audit
@ -5136,7 +5136,7 @@ SecRule REQUEST_HEADERS:User-Agent "Test" log,deny,status:403</programlisting>
<para>Example:</para>
<programlisting format="linespecific">SecAction nolog,phase:2,<emphasis>sanitiseArg:password</emphasis></programlisting>
<programlisting format="linespecific">SecAction nolog,phase:2,<emphasis>sanitizeArg:password</emphasis></programlisting>
<para><emphasis>Note</emphasis></para>
@ -5148,7 +5148,7 @@ SecRule REQUEST_HEADERS:User-Agent "Test" log,deny,status:403</programlisting>
</section>
<section>
<title><literal>sanitiseMatched</literal></title>
<title><literal>sanitizeMatched</literal></title>
<para><emphasis>Description:</emphasis> Sanitises the variable (request
argument, request header, or response header) that caused a rule
@ -5156,52 +5156,52 @@ SecRule REQUEST_HEADERS:User-Agent "Test" log,deny,status:403</programlisting>
<para><emphasis>Action Group:</emphasis> Non-disruptive</para>
<para>Example: This action can be used to sanitise arbitrary transaction
<para>Example: This action can be used to sanitize arbitrary transaction
elements when they match a condition. For example, the example below
will sanitise any argument that contains the word<emphasis>
will sanitize any argument that contains the word<emphasis>
password</emphasis> in the name.</para>
<programlisting format="linespecific">SecRule ARGS_NAMES password nolog,pass,<emphasis>sanitiseMatched</emphasis></programlisting>
<programlisting format="linespecific">SecRule ARGS_NAMES password nolog,pass,<emphasis>sanitizeMatched</emphasis></programlisting>
<para><emphasis>Note</emphasis></para>
<para>Same note as sanitiseArg.</para>
<para>Same note as sanitizeArg.</para>
</section>
<section>
<title><literal>sanitiseRequestHeader</literal></title>
<title><literal>sanitizeRequestHeader</literal></title>
<para><emphasis>Description:</emphasis> Sanitises a named request
header.</para>
<para><emphasis>Action Group:</emphasis> Non-disruptive</para>
<para>Example: This will sanitise the data in the Authorization
<para>Example: This will sanitize the data in the Authorization
header.</para>
<programlisting format="linespecific">SecAction log,phase:1,<emphasis>sanitiseRequestHeader:Authorization</emphasis></programlisting>
<programlisting format="linespecific">SecAction log,phase:1,<emphasis>sanitizeRequestHeader:Authorization</emphasis></programlisting>
<para><emphasis>Note</emphasis></para>
<para>Same note as sanitiseArg.</para>
<para>Same note as sanitizeArg.</para>
</section>
<section>
<title><literal>sanitiseResponseHeader</literal></title>
<title><literal>sanitizeResponseHeader</literal></title>
<para><emphasis>Description:</emphasis> Sanitises a named response
header.</para>
<para><emphasis>Action Group:</emphasis> Non-disruptive</para>
<para>Example: This will sanitise the Set-Cookie data sent to the
<para>Example: This will sanitize the Set-Cookie data sent to the
client.</para>
<programlisting format="linespecific">SecAction log,phase:3,<emphasis>sanitiseResponseHeader:Set-Cookie</emphasis></programlisting>
<programlisting format="linespecific">SecAction log,phase:3,<emphasis>sanitizeResponseHeader:Set-Cookie</emphasis></programlisting>
<para><emphasis>Note</emphasis></para>
<para>Same note as sanitiseArg.</para>
<para>Same note as sanitizeArg.</para>
</section>
<section>
@ -5958,7 +5958,7 @@ SecRule XML "<emphasis>@validateSchema /path/to/apache2/conf/xml.xsd</emphasis>"
<para>Example:</para>
<programlisting format="linespecific">SecRule ARGS "<emphasis>@verifyCC \d{13,16}</emphasis>" \
"phase:2,sanitiseMatched,log,auditlog,pass,msg:'Potential credit card number'"</programlisting>
"phase:2,sanitizeMatched,log,auditlog,pass,msg:'Potential credit card number'"</programlisting>
</section>
<section>

8
doc/modsecurity2-data-formats.xml
View File

@ -347,7 +347,7 @@
<para>ModSecurity alerts will always contain text fragments that were
taken from configuration or the transaction. Such text fragments escaped
before they are user in messages, in order to sanitise the potentially
before they are user in messages, in order to sanitize the potentially
dangerous characters. They are also sometimes surrounded using double
quotes. The escaping algorithm is as follows:<orderedlist>
<listitem>
@ -856,7 +856,7 @@ Server: Apache/2.x.x
<title>Sanitised-Args</title>
<para>The <literal>Sanitised-Args</literal> header contains a list
of arguments that were sanitised (each byte of their content
of arguments that were sanitized (each byte of their content
replaced with an asterisk) before logging. For example:</para>
<programlisting>Sanitised-Args: "old_password", "new_password", "new_password_repeat".</programlisting>
@ -866,7 +866,7 @@ Server: Apache/2.x.x
<title>Sanitised-Request-Headers</title>
<para>The <literal>Sanitised-Request-Headers</literal> header
contains a list of request headers that were sanitised before
contains a list of request headers that were sanitized before
logging. For example:</para>
<programlisting>Sanitised-Request-Headers: "Authentication".</programlisting>
@ -876,7 +876,7 @@ Server: Apache/2.x.x
<title>Sanitised-Response-Headers</title>
<para>The <literal>Sanitised-Response-Headers</literal> header
contains a list of response headers that were sanitised before
contains a list of response headers that were sanitized before
logging. For example:</para>
<programlisting>Sanitised-Response-Headers: "My-Custom-Header".</programlisting>