ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00

Author	SHA1	Message	Date
Felipe Zimmerle	6ced3b3921	Refactoring on Action - having RuleWithAction and RuleWithActionsProperties	2020-10-30 09:19:38 -03:00
Felipe Zimmerle	aaffd314e5	Delays variable name resolution to whenever it is necessary	2020-10-29 13:44:09 -03:00
Felipe Zimmerle	647717b926	Computes auditlog during rules load time	2020-10-29 13:44:05 -03:00
Felipe Zimmerle	8aa3e3439d	actions: Removes Rule parameter from runtime execute Generals organization on the Action class	2020-10-29 13:44:05 -03:00
Felipe Zimmerle	e345cf5ca3	tests: Romoves unused header from a test case	2020-10-29 13:44:04 -03:00
Felipe Zimmerle	8890f9bbbc	Better error handling when loading configurations	2020-10-29 13:44:03 -03:00
Felipe Zimmerle	6547f3601f	Refactoring: Makes transformations to work with new execute signature	2020-10-29 13:44:01 -03:00
Felipe Zimmerle	35a341e473	Refactoring in the Rule class to make it more elegant	2020-10-29 13:43:59 -03:00
Felipe Zimmerle	0daeb09b0a	Adds new method for rule merge IMPORTANT: SecDefaultAction specified on a child configuration will overwrite the ones specified on the parent; Previously it was concatenating.	2020-10-29 13:43:54 -03:00
Michael Granzow	1b7aa42c77	Issue-2423: Meta-actions like 'msg' should be applied at end of chain	2020-10-29 10:33:02 -03:00
martinhsv	2672db103e	Add support for new operator rxGlobal	2020-10-26 08:55:07 -03:00
Felipe Zimmerle	377fb723ca	Makes lua 5.1 workable again Issue #2389	2020-09-21 10:04:40 -03:00
martinhsv	b9620c26a0	rx:exit after full match; fix TX population after unused group	2020-06-29 06:13:45 -07:00
martinhsv	a1547eaa32	Regression tests: audit log compare support and test cases	2020-03-31 15:01:26 -03:00
Felipe Zimmerle	7a48245aed	Creates RuleUnconditional Makes RuleScript child of RuleWithActions instead of Operator	2020-03-31 14:44:19 -03:00
Felipe Zimmerle	43f8aee6b6	Splits Rule class into: Rule, RuleBase, RuleMarker	2020-03-30 20:21:36 -03:00
Felipe Zimmerle	9d158611cf	Makes Rule a shared pointer	2020-03-25 16:11:23 -03:00
Felipe Zimmerle	1e26bf2078	Revert "Creates the RulesSetPhases clas" This reverts commit 072e4edc53e388fdf64a5eb9d4317544a1c8ada6.	2020-03-11 08:17:56 -03:00
Felipe Zimmerle	072e4edc53	Creates the RulesSetPhases clas	2020-03-05 07:13:02 -03:00
martinhsv	f57265a3e2	Support configurable limit on number of arguments processed	2020-02-14 11:00:01 -03:00
martinhsv	136db3e582	Multipart Content-Disposition should allow filename* field	2020-02-11 10:29:38 -03:00
martinhsv	1b1fdc055b	Fix rule-update-target exclusions for plain (non-regex) variables	2020-02-11 09:42:37 -03:00
martinhsv	0470168056	Fix: audit log data omitted when nolog,auditlog	2020-01-07 11:16:07 -03:00
martinhsv	b8160cce6b	Fix Cookie header parsing issues	2019-11-20 08:51:06 -03:00
Ervin Hegedus	7ba77631f9	Replace Cookie parsing method	2019-11-20 08:51:05 -03:00
martinhsv	9cac167faf	Fix argument key-value pair parsing cases	2019-11-05 13:06:29 -03:00
felipe	c41ab312f3	Updates test cases	2019-10-24 09:59:57 -03:00
Felipe Zimmerle	beedddd6c6	Fix @pm lookup for possible matches on offset zero	2019-10-02 08:05:14 -07:00
Felipe Zimmerle	2bdc5f9d0a	Adds test case to cover issue #2005	2019-06-18 15:10:43 -03:00
Felipe Zimmerle	6ab464ab78	negative lookup on the key name instead of COLLECTION:key	2019-06-17 13:04:25 -03:00
Ervin Hegedus	c0142cf326	Changed compared variables of range id intervall in ruleRemoveById ctl action. #2111 * changed the variables in clause * added test case (@theMiddle) * fixes #2111	2019-06-04 10:28:30 -03:00
Felipe Zimmerle	9ebebfc838	Fix test case 1960	2019-06-04 08:38:45 -03:00
Felipe Zimmerle	50abc072c4	Make block action execution dependent of the SecEngine status	2019-06-03 19:55:02 -03:00
Felipe Zimmerle	a4e8484115	Having body limits to respect the rule engine state	2019-06-03 14:05:10 -03:00
Felipe Zimmerle	20b90364fa	Adds test case for #1872	2019-05-31 11:50:47 -03:00
Felipe Zimmerle	1b8d69da02	Fix dict element regular expression selection on SecRuleUpdateTargetByTag	2019-05-31 01:42:51 -03:00
Felipe Zimmerle	5472362313	Fix SecRuleUpdateTargetByTag with regular expressions	2019-05-31 01:42:47 -03:00
Ervin Hegedus	7a93bea8f7	Added some test cases related to #2099	2019-05-30 09:52:27 -03:00
Rufus125	86ce479b59	Adds new operator to check for data leakage of Austrian social security number	2019-05-29 20:57:08 -03:00
Felipe Zimmerle	b574418386	regression: Using github instead of modsecurity.org for SecRemoteRules	2019-04-05 12:59:34 -03:00
Ervin Hegedus	a6e6bc2b5f	Allow empty anchored variable to use	2019-02-12 09:31:19 -03:00
Ervin Hegedus	2d3fbbc56a	Modified affected test cases, which checked wrong variables	2019-02-12 09:16:07 -03:00
Ervin Hegedus	17d79ed7ba	Fixed data collecting in multipart parsing	2019-02-12 09:16:07 -03:00
Ervin Hegedus	4b3e6328e3	Fixed validateByteRange parsing method	2019-02-12 09:10:36 -03:00
Felipe Zimmerle	145f2f35b7	tests: Updates secrules-language-tests	2019-02-05 11:26:03 -03:00
Felipe Zimmerle	d00ea5111d	Adds initial support to drop action	2018-12-24 16:35:41 -03:00
Felipe Zimmerle	25bb1f1bcc	Changes ENV test case to read the default MODSECURTIY env var	2018-11-29 15:21:28 -03:00
Felipe Zimmerle	d2b14de268	Allow 0 length JSON requests As discussed at: #1822	2018-11-29 10:39:46 -03:00
Felipe Zimmerle	ce3abf2626	Adds support to multiple ranges in ctl:ruleRemoveById Issue #1956	2018-11-26 20:48:18 -03:00
Victor Hora	cbf2fe9703	Adjust boundary test cases for the less strict parsing	2018-11-20 22:17:53 -03:00

1 2 3 4 5 ...

326 Commits