From f66e8c5b38b24fabf493aea63d4f1aeb030187a4 Mon Sep 17 00:00:00 2001 From: ivanr Date: Mon, 15 Oct 2007 18:27:42 +0000 Subject: [PATCH] Document MULTIPART_CRLF_LF_LINES. --- doc/modsecurity2-apache-reference.xml | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/doc/modsecurity2-apache-reference.xml b/doc/modsecurity2-apache-reference.xml index 40c19d5d..c4d6edd8 100644 --- a/doc/modsecurity2-apache-reference.xml +++ b/doc/modsecurity2-apache-reference.xml @@ -3,7 +3,7 @@ ModSecurity Reference Manual - Version 2.5.0-dev3 / (October 1, 2007) + Version 2.5.0-dev?/ (October 15, 2007) 2004-2007 @@ -2332,6 +2332,24 @@ SecRule TX:MYMATCH "@eq ARGS:param" deny +
+ <literal>MULTIPART_CRLF_LF_LINES</literal> + + This flag variable will be set to 1 whenever a + multipart request uses mixed line terminators. The + multipart/form-data RFC requires + CRLF sequence to be used to terminate lines. Since + some client implementations use only LF to terminate + lines you might want to allow them to proceed under certain + circumstances (if you want to do this you will need to stop using + MULTIPART_STRICT_ERROR and check each multipart flag + variable individually, avoding MULTIPART_LF_LINE). + However, mixing CRLF and LF line + terminators is dangerous as it can allow for evasion. Therefore, in such + cases, you will have to add a check for + MULTIPART_CRLF_LF_LINES. +
+
<literal>MULTIPART_STRICT_ERROR</literal>