Support configurable limit on depth of JSON parsing

2025-09-30 03:34:29 +03:00 · 2021-11-15 18:51:25 -08:00
parent ec86b242e1
commit ac79c1c29b
11 changed files with 5749 additions and 5554 deletions
--- a/headers/modsecurity/rules_set_properties.h
+++ b/headers/modsecurity/rules_set_properties.h
@@ -366,6 +366,7 @@ class RulesSetProperties {
                            PropertyNotSetConfigBoolean);

        to->m_argumentsLimit.merge(&from->m_argumentsLimit);
+        to->m_requestBodyJsonDepthLimit.merge(&from->m_requestBodyJsonDepthLimit);
        to->m_requestBodyLimit.merge(&from->m_requestBodyLimit);
        to->m_responseBodyLimit.merge(&from->m_responseBodyLimit);

@@ -464,6 +465,7 @@ class RulesSetProperties {
    ConfigBoolean m_tmpSaveUploadedFiles;
    ConfigBoolean m_uploadKeepFiles;
    ConfigDouble m_argumentsLimit;
+    ConfigDouble m_requestBodyJsonDepthLimit;
    ConfigDouble m_requestBodyLimit;
    ConfigDouble m_requestBodyNoFilesLimit;
    ConfigDouble m_responseBodyLimit;