github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Temporarily disable the HTML ENTITY DECODE transformation

Browse Source
This commit is contained in:
Felipe Zimmerle 2016-01-18 13:48:00 -03:00
parent a102b5ce2c
commit b46dc34573
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/actions/transformations/html_entity_decode.cc
View File

@ -42,7 +42,10 @@ std::string HtmlEntityDecode::evaluate(std::string value,
}
char *tmp = strdup(value.c_str());
html_entities_decode_inplace((unsigned char *)tmp, value.size());
// FIXME: html_entities_decode_inplace is not working as expected
// temporary disabled to perform the audit_log tests.
//html_entities_decode_inplace((unsigned char *)tmp, value.size());
std::string ret("");
ret.assign(tmp);
free(tmp);