github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,999 Commits 55 Branches 109 Tags
Commit Graph

986 Commits

Author SHA1 Message Date
Felipe Zimmerle
9343942398 Adds mutex around the write operation on the auditlogs 2016-01-20 10:21:21 -03:00
Felipe Zimmerle
b46dc34573 Temporarily disable the HTML ENTITY DECODE transformation 2016-01-18 13:48:00 -03:00
Felipe Zimmerle
a102b5ce2c Improves the method fill the ARGS collection 2016-01-15 10:35:24 -03:00
Felipe Zimmerle
98f45f357a Using a better number generator to avoid conflicts 2016-01-15 09:34:51 -03:00
Felipe Zimmerle
36dfe81da0 Adds YAJL_CFLAGS to the project core 2016-01-15 08:12:40 -03:00
Felipe Zimmerle
fc225ff001 Fix whoAmI() call on Transaction 2016-01-15 08:12:27 -03:00
Felipe Zimmerle
b06eaadac7 Places the classes related to audit log into a separate namespace 2016-01-14 14:29:36 -03:00
Felipe Zimmerle
aaf995cc71 Adds missing file: transaction.h and removes assay.cc from git 2016-01-14 12:07:25 -03:00
Felipe Zimmerle
4db5cc7d26 Refactoring on Transaction class: adding comments and renaming variables 2016-01-14 12:02:59 -03:00
Felipe Zimmerle
6f1e6f37d7 Fix trasanction cleanup on the C API 2016-01-14 09:39:11 -03:00
Felipe Zimmerle
a51e707517 Renames class Assay to Transaction 2016-01-13 15:57:00 -03:00
Felipe Zimmerle
d780fd6290 Fix the parse to distinguish between @pm content and a variable 
Before this patch the parser was not understanding @pm content that
contains a variable.
 2016-01-12 13:59:27 -03:00
Felipe Zimmerle
702551ed42 Adds support to action `exec' to sec lang parser 2016-01-12 10:57:06 -03:00
Felipe Zimmerle
923620fbd0 Adds support to the action `allow' in the sec parser 2016-01-12 10:42:36 -03:00
Felipe Zimmerle
7901c2c899 Adds the actions SetSID and SetUID to the seclang parser 2016-01-12 10:34:33 -03:00
Felipe Zimmerle
ab92bed6fa Parser improvement: Supporting variables selection with regex 2016-01-12 09:59:33 -03:00
Felipe Zimmerle
3acc013e49 Improves the secrules parser 2016-01-11 17:50:35 -03:00
Felipe Zimmerle
f23908f145 Improves the secrules parser 2016-01-11 15:14:26 -03:00
Felipe Zimmerle
8c7b6199f7 Optimization on the tolower function 2016-01-07 09:16:06 -03:00
Felipe Zimmerle
0762892368 Small fix on pull request #982 2016-01-06 17:00:43 -03:00
Chaim Sanders
e38a468a26 Updated with suggestions from @zimmerle for code style 2016-01-06 17:00:43 -03:00
Chaim Sanders
b3ab9a4084 Support for correct implimentation of REQUEST_URI 2016-01-06 17:00:43 -03:00
Felipe Zimmerle
dd35b47764 Removes initcol debug messages 2016-01-06 17:00:43 -03:00
Felipe Zimmerle
decf04d264 Adds support to SecResponseBodyMimeType 2015-12-24 11:55:24 -03:00
Felipe Zimmerle
c2d9a153cb Adds support to afl fuzzer in the build system 2015-12-23 00:27:30 -03:00
Felipe Zimmerle
913e22a77d Adds initial support to initcol action 2015-12-22 12:10:15 -03:00
Felipe Zimmerle
fb3696ac04 Fix a few things to provide an easy interface for script bindings 2015-12-22 11:53:36 -03:00
Felipe Zimmerle
ac10d8863c Changes the operator evaluate method to only support two arguments 
Second argument can be empty if there is not need for it.
 2015-12-22 11:53:31 -03:00
Felipe Zimmerle
215c4d1071 Fix ARGS_POST and ARGS_GET variables order on the parser 2015-12-11 09:26:01 -03:00
Felipe Zimmerle
42ce0475b2 Coding style: changes the namespace in the comments 2015-12-10 13:20:32 -03:00
Felipe Zimmerle
80b82d3707 Adds the Global LDADD option and fed according to the platform 2015-12-01 17:34:18 -03:00
Felipe Zimmerle
467c977afc Fix compilation without the GeoIP headers installed on the system 2015-12-01 15:27:14 -03:00
Felipe Zimmerle
854ca4c1cd Removes libinjection sources from the main project and add it as subfolder 
That way we can control the CFLAGS that will be sent to libinjection.
Avoiding, for instance, the utilization of c++11 on libinjection c code.
 2015-12-01 11:21:28 -03:00
Felipe Zimmerle
ea636e80ee Clarifies conditional by placing its parts into parentheses 2015-12-01 10:56:50 -03:00
Felipe Zimmerle
b5a43871e6 Changes library namespace from ModSecurity to modsecurity 2015-12-01 10:55:59 -03:00
Felipe Zimmerle
fbf8ea74f3 Makes YAJL dependency to be optional 2015-11-24 16:03:33 -03:00
Felipe Zimmerle
09a958544d Makes @geoLookup optional depending on the availability of libGeoIP 2015-11-20 11:09:05 -03:00
Felipe Zimmerle
de79848285 Code cosmetics 2015-11-18 12:59:08 -03:00
Andrew Hutchings
c035e76ede Avoid segfault if parser `ref' is empty 2015-11-17 11:28:47 -03:00
Andrew Hutchings
f65b08b066 Fix parser to accept redirect action without single quote 2015-11-17 11:08:39 -03:00
Ivan Prokhorov
7a300eb945 Fix pcre cflags variable and adds LDFLAGS for dependencies 2015-11-16 09:15:38 -08:00
Felipe Zimmerle
47233adf3b Revert "Adds experimental operator cache" 
This reverts commit 326696976fe0bb0f536a910d0038e8fe8bbdaa34.
 2015-11-16 09:15:31 -08:00
Felipe Zimmerle
326696976f Adds experimental operator cache 2015-11-06 10:46:46 -03:00
Felipe Zimmerle
c204f1f003 test: Increases the cache size of the urldecode transformation 2015-11-05 14:18:24 -03:00
Felipe Zimmerle
bb30d42b57 Speed up the random number generation 2015-11-05 14:16:26 -03:00
Felipe Zimmerle
45638ccc91 Limit the amount of transformations inside the cache storage 2015-11-04 16:20:31 -03:00
Felipe Zimmerle
5bef19aa4d Variables resolution results now stored into a std::vector instead of std::list 2015-11-04 15:51:22 -03:00
Felipe Zimmerle
2ee5d4ca8f Testing performance enhancements by enabling transformations cache 
Also reduce the utilization of dynamic cast.
 2015-11-04 00:28:04 -03:00
Felipe Zimmerle
e641c3cc17 Huge improve in the variables resolution time 2015-11-03 22:44:59 -03:00
Felipe Zimmerle
4a771f8c2c Fix pkginclude_HEADERS 2015-10-30 18:59:14 -03:00