github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 16:06:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,022 Commits 55 Branches 109 Tags
Commit Graph

250 Commits

Author SHA1 Message Date
Felipe Zimmerle
6f7fdd9493
Using direct variable access instead m_collections 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
43bba3f942
Removes the depricated MacroExpansion class 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
f17af95728
Using RunTimeString on setvar action 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
a299997e02
Using run time string on the operators 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
6fe8655ed9
Adds support for RunTimeString 
Using RunTimeStrings instead of runtime parser for
macro expansion.
 2018-02-20 13:40:00 -03:00
Izik Abramov
e9f3312ea9
fixed compilation error with disable_debug_log flag 2017-12-12 09:48:08 -03:00
Felipe Zimmerle
3fb71f32d8
Coding style fixes 2017-11-13 22:32:11 -03:00
Felipe Zimmerle
082a3e3287
Adds support to SecWebAppID 2017-11-08 09:33:14 -03:00
Felipe Zimmerle
cb3363c7d5
Adds support for the exec action 2017-11-05 23:31:07 -03:00
Felipe Zimmerle
274f9e5aa1
Refactoring on RuleMessage class, now accepting http code as parameter 2017-10-19 23:00:47 -03:00
Felipe Zimmerle
1ad95254cd
Avoids unicode initialization on every rules block 
ModSecurity-nginx/#67
ModSecurity/#1563
 2017-10-11 12:40:48 -03:00
michaelgranzow-avi
3a048ee2db
Support --enable-debug-logs=no option of configure script (#2) 
* Support --enable-debug-logs=no option of configure script

* Undo unintended white space changes

* Undo more unintended white space changes

* Address review comments - thanks Mirko

* Address more review comments - thanks Mirko
 2017-08-23 23:50:16 -03:00
Felipe Zimmerle
9ee412735d parser: Improves the reading for the url in the redirect action 2017-08-15 15:18:52 -03:00
Lasse Karstensen
515e073503
Rename FromNowOneAllowType to FromNowOnAllowType. 
This misspelling is confusing (is it allow one more rule, or all of
them?) and since v3 isn't released yet, use the major version bump
opportunity to rectify it.
 2017-07-28 22:46:55 -03:00
Felipe Zimmerle
4bec6b0019
Adds support to ctl:ruleEngine 2017-07-27 22:05:10 -03:00
Felipe Zimmerle
9cb3f23b50
Adds support to setrsc action 2017-06-09 16:59:04 -03:00
Victor Hora
37868d1534
Add missing feature: t:uppercase transformation 2017-06-02 21:47:54 -03:00
Felipe Zimmerle
37619bae77
Removes local cache for transformations 2017-05-10 09:29:08 -03:00
Felipe Zimmerle
6421ff087a
Forces disruptive to be first-rule-only 
ModSecurity version 3 is capable to handle disruptive actions in different
rules from the chain. However, lets get it working in the same fashion that
we have in version 2.
 2017-04-24 21:06:35 -03:00
Felipe Zimmerle
cf4deaa3a0
Using uint64_t instead of u_int64_t 2017-03-28 12:55:40 -03:00
Felipe Zimmerle
e2af60e765
Expands log_cb to share ruleMessage structure instead text 
Text version still available and it is the default options
 2017-03-06 15:02:04 -03:00
Felipe Zimmerle
027d50b76b
Adds first version of `processContentOffset' 
This commit also includes an example application on how to use the
`processContentOffset' method.
 2017-03-06 15:02:02 -03:00
Felipe Zimmerle
e95efa05cc
Fix assorted memory and static analysis errors 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
f2d149fc5f
Extends the direct access model to other collections 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
ca24b6bb06
PoC: Adds support to direct access on ARGS collection 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
c1f11ab4e5
Cosmetics: assorted fixes on the coding style 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
b516cc6de1
Adds operation unset to setVar action 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
e95555132e
Contionuation of 1 time variable patch 
Now we have almost 100% of the transaction variables hosted on the
new schema. Variable modifcators (count and exclusion) are not yet
supported on the new schema. Notice that setvar is now using the
parser.
 2017-03-06 15:01:58 -03:00
Felipe Zimmerle
0c37ba336b
Fixed utf8ToUnicode bad memory access 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
068a3eb517
Fixed bad memory access in utf8ToUnicode class 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
60402d8b80
Renames defaultActions to m_defaultActions in RulesProperties 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
168fa22e19
Collections cleanup: removes resolveFirstCopy method 2016-12-28 19:56:27 -03:00
Felipe Zimmerle
15b81d09e7
Refactoring on the transformation classes 2016-12-28 19:53:37 -03:00
Felipe Zimmerle
bbb61d560c
Changes the saving selection for the audit logs 2016-12-28 17:48:21 -03:00
Felipe Zimmerle
9c7416da97
Refactoring the actions classes 2016-12-28 15:20:06 -03:00
Felipe Zimmerle
cce6179dcc
Refactoring: new structure for logging alerts 
Disruptive actions were moved to actions::disruptive namespace
 2016-12-01 14:14:54 -03:00
Felipe Zimmerle
bfc30dad34
Refactoring: how to report to error logs 2016-12-01 01:05:29 -03:00
Felipe Zimmerle
e6b58014db
Cosmetics: Fix some static analysis report 2016-11-29 14:31:15 -03:00
Felipe Zimmerle
9bd37ccb63
Refactoring: Rule class 2016-11-28 13:07:25 -03:00
Felipe Zimmerle
a776cce6d7
Changes RULE variable group to be save at transient collection 2016-11-28 13:00:04 -03:00
Felipe Zimmerle
2930d40d57
Changes the actions to affect the ruleMessage instead of transaction 2016-11-28 12:32:31 -03:00
Felipe Zimmerle
8fa0523fe0
Adds initial support to the multiMatch action 2016-11-28 12:20:18 -03:00
Felipe Zimmerle
eecb90cfd0
setvar: needs review 2016-11-28 12:12:04 -03:00
Felipe Zimmerle
3ee7b24928
Adds refCounter to actions 2016-11-08 18:14:34 -03:00
Felipe Zimmerle
2244e874e2
Moves static methods from class String to the namespace string 2016-11-04 16:00:44 -03:00
Felipe Zimmerle
62a0cb468b
Renames utils/msc_string.[h|cc] to utils/string.[h|cc] 2016-11-04 16:00:42 -03:00
Felipe Zimmerle
4ced1d18e0
Using full path in the header inclusion 2016-11-04 14:45:01 -03:00
Felipe Zimmerle
768cc74f0e
Moves RuleMessage to its own file 2016-11-04 11:58:57 -03:00
Felipe Zimmerle
507ec44cc2
Refactoring on `utils.cc' and adjacents 
Completely removed the `utils.cc' by moving residual functions into
sub-classes of `utils/'
 2016-11-03 20:26:27 -03:00
Felipe Zimmerle
73c4d69174
Moves string related functions from utils' to utils/string' 2016-11-03 10:47:22 -03:00