github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update CHANGES.

Browse Source 
Sync up docs.
This commit is contained in:
brectanus 2008-08-15 20:25:27 +00:00
parent 225339525d
commit d419a21682
2 changed files with 35 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CHANGES
View File

@ -1,7 +1,15 @@
31 Jul 2008 - trunk
=======
-------------------
* Implement cssDecode.
* Allow for disabling request body limit checks in phase:1.
* Added transformations for processing parity for legacy protocols ported
to HTTP(S): t:parityEven7bit, t:parityOdd7bit, t:parityZero7bit
* Added t:cssDecode transformation to decode CSS escapes.
* Now log XML parsing/validation warnings and errors to be in the debug log
at levels 3 and 4, respectivly.
* Persistent counter updates are now atomic.

28
doc/modsecurity2-apache-reference.xml
View File

@ -4,7 +4,7 @@
Manual</title>
<articleinfo>
<releaseinfo>Version 2.6.0-trunk (July 31, 2008)</releaseinfo>
<releaseinfo>Version 2.6.0-trunk (August 15, 2008)</releaseinfo>
<copyright>
<year>2004-2008</year>
@ -3853,6 +3853,28 @@ SecRule <emphasis>XML:/xq:employees/employee/name/text()</emphasis> Fred \
to forward slashes.</para>
</section>
<section>
<title><literal>parityEven7bit</literal></title>
<para>This function calculates even parity of 7-bit data replacing
the 8th bit of each target byte with the calculated parity bit.</para>
</section>
<section>
<title><literal>parityOdd7bit</literal></title>
<para>This function calculates odd parity of 7-bit data replacing
the 8th bit of each target byte with the calculated parity bit.</para>
</section>
<section>
<title><literal>parityZero7bit</literal></title>
<para>This function calculates zero parity of 7-bit data replacing
the 8th bit of each target byte with a zero parity bit which allows
inspection of even/odd parity 7bit data as ASCII7 data.</para>
</section>
<section>
<title><literal>removeNulls</literal></title>
@ -5469,7 +5491,7 @@ SecRule REQUEST_HEADERS:Ip-Address "!<emphasis>@streq %{TX.1}</emphasis>"</progr
SecRule REQUEST_HEADERS:Content-Type ^text/xml$ \
phase:1,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML
SecRule REQBODY_PROCESSOR "!^XML$" nolog,pass,skipAfter:12345
SecRule XML "<emphasis>@validateDTD /path/to/apache2/conf/xml.dtd</emphasis>,id:12345"</programlisting>
SecRule XML "<emphasis>@validateDTD /path/to/apache2/conf/xml.dtd</emphasis>" "deny,id:12345"</programlisting>
</section>
<section>
@ -5484,7 +5506,7 @@ SecRule XML "<emphasis>@validateDTD /path/to/apache2/conf/xml.dtd</emphasis>,id:
SecRule REQUEST_HEADERS:Content-Type ^text/xml$ \
phase:1,t:lowercase,nolog,pass,ctl:requestBodyProcessor=XML
SecRule REQBODY_PROCESSOR "!^XML$" nolog,pass,skipAfter:12345
SecRule XML "<emphasis>@validateSchema /path/to/apache2/conf/xml.xsd</emphasis>,id:12345"</programlisting>
SecRule XML "<emphasis>@validateSchema /path/to/apache2/conf/xml.xsd</emphasis>" "deny,id:12345"</programlisting>
<para>This operator requires request body to be processed as XML.</para>
</section>