github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,071 Commits 55 Branches 109 Tags
Commit Graph

202 Commits

Author SHA1 Message Date
Felipe Zimmerle
7ccf54d330 Adds md5 transformation 
Replaced the old md5 implementation by the mbetls one.
 2016-05-24 21:28:19 -03:00
Felipe Zimmerle
348cf3bfab Adds support to the REMOTE_USER variable 2016-05-23 18:32:53 -03:00
Felipe Zimmerle
f989ecd5cb Adds support to SecXMLExternalEntity 2016-05-18 17:02:15 -03:00
Felipe Zimmerle
6a7b970fe3 Adds support to ctl:requestBodyProcessor=XML 2016-05-18 10:30:25 -03:00
Felipe Zimmerle
1f45d6cea8 Adds full support to the libxml action 
Issue #1148
 2016-05-18 09:47:30 -03:00
Felipe Zimmerle
8c714af8e1 Actions refactoring: now there is a clear definiation on the action name 2016-05-17 14:36:59 -03:00
Felipe Zimmerle
1b88947d9b Adds support 'xmlns' action to the libmodsec parser 2016-05-16 18:24:54 -03:00
Felipe Zimmerle
3e8defb853 Adds support to the operator @validateDTD 
Further info #1003
 2016-05-13 09:20:10 -03:00
Felipe Zimmerle
6a40752500 Adds XML variable, xml body request processor and @validateSchema 2016-05-12 11:11:40 -03:00
Felipe Zimmerle
35636674e3 Adds the missing regression tests for USERID 2016-05-11 20:36:47 -03:00
Felipe Zimmerle
ff9aa5c7cf Adds support to the variable SESSIONID 2016-05-06 14:38:38 -03:00
Felipe Zimmerle
a2a47798e9 Adds support to the collection SESSION and setsid action 2016-05-06 14:38:04 -03:00
Felipe Zimmerle
bc887cdcf2 Fix Valgrind regression test script 
Calling the right binary name
 2016-05-03 17:40:11 -03:00
Felipe Zimmerle
5643d2fa28 Warming up to the remote collections support 
Huge refactoring to have the code in shape to later support the
remote collections with different backends.
 2016-05-03 17:39:49 -03:00
Felipe Zimmerle
19137452c4 Updates `secrules-language-tests' reference. 
SpiderLabs/ModSecurity#1098
 2016-04-04 15:22:24 -03:00
Felipe Zimmerle
e5acc95de8 First version of global' and ip' collections 2016-03-30 18:22:00 -03:00
Felipe Zimmerle
c43391072c Fix some issues reported by the static analysis 2016-03-18 19:37:51 -03:00
Felipe Zimmerle
88ca736543 Avoids the installation of test utilities during `make install' 
Those utilities are not interesting for the general usage, most
likekly it will be used by very retrict number of people whom are
likely to compile ModSecurity by their selfs.

This issue was reported on #1083
 2016-03-18 14:26:41 -03:00
Felipe Zimmerle
e0926fee37 Fix parser error while dealing with operator negation 
This patch closes the issue #960
 2016-03-17 18:06:46 -03:00
Felipe Zimmerle
1f68075a28 Process the logging phase on the benchmark utility 2016-02-17 14:39:10 -03:00
Felipe Zimmerle
49fc1f8b79 Fix memory leak on the benchmark utility 
Now deleting the transaction object even if there is an intervention
 2016-02-16 23:04:07 -03:00
Felipe Zimmerle
a102b5ce2c Improves the method fill the ARGS collection 2016-01-15 10:35:24 -03:00
Felipe Zimmerle
2830525f89 Adds missing file: script.lua 2016-01-14 12:07:59 -03:00
Felipe Zimmerle
a51e707517 Renames class Assay to Transaction 2016-01-13 15:57:00 -03:00
Felipe Zimmerle
f3fd5d6621 Adds owasp/2 experiemntal rules on the test set for benchmark 2016-01-12 14:24:59 -03:00
Felipe Zimmerle
331df90bab Enables OWASP CRS optional_rules on becnhmark test case 2016-01-12 10:50:38 -03:00
Felipe Zimmerle
ab92bed6fa Parser improvement: Supporting variables selection with regex 2016-01-12 09:59:33 -03:00
Felipe Zimmerle
ed13cab9f4 Adds script to download and configure benchmark script to use owasp v[3,2] 2016-01-11 17:50:15 -03:00
Felipe Zimmerle
a4d8dfd5ee Adds ModSecurity recommended configuration file 2016-01-11 13:56:14 -03:00
Felipe Zimmerle
a225f8b5b7 Fix SecResponseBodyMimeType test case 2016-01-06 17:00:43 -03:00
Felipe Zimmerle
decf04d264 Adds support to SecResponseBodyMimeType 2015-12-24 11:55:24 -03:00
Felipe Zimmerle
c2d9a153cb Adds support to afl fuzzer in the build system 2015-12-23 00:27:30 -03:00
Felipe Zimmerle
913e22a77d Adds initial support to initcol action 2015-12-22 12:10:15 -03:00
Felipe Zimmerle
2a950a435b Fix various minor bugs in the regression test suite 
Now if a test fails it keep testing the others tests from the same
family. The output was also improved.
 2015-12-10 18:36:20 -03:00
Felipe Zimmerle
80b82d3707 Adds the Global LDADD option and fed according to the platform 2015-12-01 17:34:18 -03:00
Felipe Zimmerle
b5a43871e6 Changes library namespace from ModSecurity to modsecurity 2015-12-01 10:55:59 -03:00
Felipe Zimmerle
a69e49a1b0 Makes DebugLogs optional by compilation flag 2015-11-26 17:11:40 -03:00
Felipe Zimmerle
fbf8ea74f3 Makes YAJL dependency to be optional 2015-11-24 16:03:33 -03:00
ajrpayne
45711b5224 Update issue-960.json with 3rd test. 2015-11-23 10:08:21 -03:00
Felipe Zimmerle
d8361d57c6 Adds a regression test for issue #960 2015-11-20 15:24:09 -03:00
Felipe Zimmerle
18c862a84a Adds the concept of `resources' to the regression test utility 
If a given resource is not available the test is skipped. Useful
to test operators that depends on 3rd party libraries that may
not be available, for instance: GeoIP.
 2015-11-20 13:39:57 -03:00
Felipe Zimmerle
283c8c818d Fix some static analysis warnings 2015-11-18 13:56:31 -03:00
Felipe Zimmerle
ac61d1c40b Adds missing file 2015-11-18 13:30:59 -03:00
Felipe Zimmerle
3c45a57130 Fix regression tests structure : using method instead of protocol 2015-11-18 11:14:49 -03:00
Andrew Hutchings
c035e76ede Avoid segfault if parser `ref' is empty 2015-11-17 11:28:47 -03:00
Ivan Prokhorov
7a300eb945 Fix pcre cflags variable and adds LDFLAGS for dependencies 2015-11-16 09:15:38 -08:00
Felipe Zimmerle
ca33ba4200 Temporary adds the missing optimization.cc 2015-11-06 05:37:47 -08:00
Felipe Zimmerle
9e295dedca Adds rules optimization test app 2015-11-06 19:00:57 -03:00
Felipe Zimmerle
48704c27a9 Removes some memory leaks 2015-10-30 18:59:08 -03:00
Felipe Zimmerle
93031d93d0 Cosmetics: Fix coding style issues 2015-10-27 10:21:14 -03:00