github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,762 Commits 55 Branches 109 Tags
Commit Graph

2762 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felipe Zimmerle
5ed5377432
Using VariableValue instead of Variable 2018-10-11 10:01:32 -03:00
Felipe Zimmerle
2d87fc5184
highlight: Fix JSON structure 2018-10-11 10:01:28 -03:00
Felipe Zimmerle
7fb937eabe
Fix on the m_buf generation: avoid padding before request body 2018-10-11 10:01:22 -03:00
Felipe Zimmerle
628c7d1697
Adds request_headers_names.conf to reading_logs_via_rule_message example 2018-10-11 10:01:18 -03:00
Felipe Zimmerle
665b54f5c4
Having a better error handler for the highlight feature 2018-10-11 10:01:13 -03:00
Felipe Zimmerle
a586809db5
Changes the line terminator to fixed value: \n 
\r is no longer take into consideration
 2018-10-11 10:01:09 -03:00
Felipe Zimmerle
2ddb8eb512
Adjusts the line terminator in the RuleMessage::m_buf variable 2018-10-11 10:01:04 -03:00
Felipe Zimmerle
e83f66ee49
Adds support to m_highlightJSON in RuleMessage class 
This variable helds a JSON with information regarding all matches.
Only filled when IncludeFullHighlightLog property is set.
 2018-10-11 10:00:59 -03:00
Felipe Zimmerle
eec95cfe17
First version of the inline highlight calculation 2018-10-11 10:00:54 -03:00
Felipe Zimmerle
aa8fb3434f
Makes matchedvars inline 2018-10-10 23:49:26 -03:00
Felipe Zimmerle
0961760c71
Fix multimatch behavior to match what we have on v2 2018-10-10 18:01:48 -03:00
Felipe Zimmerle
11ebd17b9d
CHANGES: Adds info about: 0x70e32 2018-10-09 22:06:41 -03:00
Felipe Zimmerle
8c6a2ee11a
Using values after transformation at MATCHED_VARS 2018-10-09 22:04:20 -03:00
Felipe Zimmerle
0af0d3bb97
Small fix on @detectXSS test case 2018-10-04 15:02:38 -03:00
Felipe Zimmerle
3691186b75
Adds full support to UpdateActionById. 
Issue #1800
 2018-10-04 01:08:29 -03:00
Felipe Zimmerle
3e9ca37480
Refactoring on the RULE variable 2018-09-28 22:38:40 -03:00
Felipe Zimmerle
7110f97941
Refactoring on the Rule class 2018-09-28 14:13:15 -03:00
Felipe Zimmerle
5cf477ad48
Adds partial support to UpdateActionById 2018-09-26 15:57:02 -03:00
Felipe Zimmerle
bc3d3f1915
Adds support to setenv action 
Issue #1044
 2018-09-25 10:19:52 -03:00
Felipe Zimmerle
4dd2812757
Adds new transaction constructor that accepts the transaction id as parameter. 2018-09-24 21:36:06 -03:00
Felipe Zimmerle
c721e101c0
Adds request IDs and URIs to the debug log 2018-09-24 21:07:11 -03:00
Felipe Zimmerle
0e8cd767e7
CHANGES: Adds info about: 0x028e0 and 0x275a1 2018-09-24 16:40:34 -03:00
Felipe Zimmerle
cdf2da1a09
Adds test case related to issue #1725 2018-09-24 16:39:57 -03:00
Felipe Zimmerle
98b9ae659d
Having a better organization for Variables:: 2018-09-24 16:39:48 -03:00
Felipe Zimmerle
ee50fea266
Handling key exceptions on the variable itself 
This is the first step towords to solve #1697
 2018-09-24 16:16:30 -03:00
Victor Hora
0d53111cb0 CHANGES: Adds info about: #1859 2018-09-19 19:51:20 -04:00
Victor Hora
5aa79c17f2 Add test cases for m.setvar in Lua scripts 2018-09-19 19:47:05 -04:00
Victor Hora
6f458b5203 Fix on top of jmx's m.setvar commit for USER collection in Lua scripts 2018-09-19 19:41:49 -04:00
jxm
45cdb0ed90 fix: function m.setvar not work in lua script 2018-09-19 19:34:13 -04:00
Felipe Zimmerle
c2bc695265
parser: Fix typo on SanitiseArgs 
Related to: #715 and #1889
 2018-09-12 09:37:34 -03:00
Felipe Zimmerle
9c73c09abd
parser: Updates the generated parser file 2018-09-11 21:01:13 -03:00
Victor Hora
a719871458
Fix matching condition and adjust test case 2018-09-11 20:53:17 -03:00
Victor Hora
379f370095
Fix SecResponseBodyAccess and ctl:requestBodyAccess directives 2018-09-11 20:52:30 -03:00
Victor Hora
5c048e3cc4
Explicitly include time.h to fix building the examples 2018-09-11 20:46:19 -03:00
Victor Hora
dce2fed310
Add exception to linker as OpenBSD doesn't like static 2018-09-11 20:45:58 -03:00
Victor Hora
0c0b09ec52
Use glob.h when using OpenBSD 2018-09-11 20:45:58 -03:00
Victor Hora
d97688804e
Fix parser to support GeoLookup with MaxMind 2018-09-11 20:40:28 -03:00
Victor Hora
0a88e0237f
Allow libMaxmind to work with Ubuntu PPA packages 2018-09-11 20:36:30 -03:00
Felipe Zimmerle
dfbff090be
test case: Adds test case related to #1831 2018-09-11 15:40:41 -03:00
Felipe Zimmerle
764a2e43ff
parser: Fix simple quote setvar in the end of the line. 
Fix #1831
 2018-09-11 15:35:26 -03:00
Felipe Zimmerle
738e328723
CHANGES: Adds info about: #1847 2018-09-06 15:39:42 -03:00
Guillaume Quintard
788b696421
Fix pc file 
the include path can't have @PACKAGE@ at the end as we include headers
with

 #include <modsecurity/modsecurity.h>

so it's already in there
 2018-09-06 15:38:17 -03:00
Felipe Zimmerle
16ab99ce3e
modsec_rules_check: uses the gnu .la' instead of .a' file 2018-09-06 11:48:14 -03:00
Felipe Zimmerle
d7b9726357
good practices: Initialize variables before use it 
Original author: Marc Stern (#1889)
 2018-09-05 23:35:24 -03:00
Felipe Zimmerle
d302b99ec5
Adds test case for: #1812 2018-09-05 16:00:42 -03:00
Felipe Zimmerle
4585216ae6
Adds more tests to REQUEST_BASENAME 
Meant to test #1795
 2018-09-04 22:02:56 -03:00
Felipe Zimmerle
a85ca00a55
Fix utf-8 character encoding conversion 
Reported on: #1794
 2018-09-04 21:01:11 -03:00
Victor Hora
90197bdd99 CHANGES: Adds info about: #1807 2018-08-23 12:09:21 -04:00
Victor Hora
aa158ceef3
Set the correct variable (m_requestBodyType) and add test case 2018-08-22 22:46:37 -03:00
Victor Hora
f999f54eda
Adds support for ctl:requestBodyProcessor=URLENCODED 2018-08-22 22:07:04 -03:00