github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-30 11:44:32 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,406 Commits 55 Branches 109 Tags
1edd3570e11e9bb2b6d86b249232b24917a4b0ac
Commit Graph

93 Commits

Author SHA1 Message Date
Felipe Zimmerle
49b7ea99e6 Adds a set of sanity checks to validate API inputs (1 of 2) 2017-06-21 12:59:19 -07:00
Felipe Zimmerle
f5b47a8077 Duplicates the url variable in the disruptive action 
The log message needs to be freed by the consumer. Doing the same with
the url to keep the API consistent.
 2017-06-19 18:32:17 -03:00
Felipe Zimmerle
4726912ec8 Audit Log: Adds space after response size 
Reported at #1452
 2017-06-16 22:55:15 -03:00
Michael Simpson
7e59250068 Fix JSON parsing error message 2017-04-24 16:37:35 -03:00
Felipe Zimmerle
d15b57895b Fix the Multipart parser error for unknown content type 2017-03-28 09:38:10 -03:00
Felipe Zimmerle
e2af60e765 Expands log_cb to share ruleMessage structure instead text 
Text version still available and it is the default options
 2017-03-06 15:02:04 -03:00
Felipe Zimmerle
c3cb23f47d Removes the ';' from the x-www-form-urlencoded body-processor comparison 2017-03-06 15:02:03 -03:00
Felipe Zimmerle
39761ce7b8 Discards the `charset' from the C-T while checking for body processors 
Issue #1330
 2017-03-06 15:02:03 -03:00
Felipe Zimmerle
7ab192e90f Using method instead of procol in the audit logs. 
Issue #1331
 2017-03-06 15:02:03 -03:00
Felipe Zimmerle
4ad3574cf2 Adds offset regression tests and assorted fixes on var's offsets 2017-03-06 15:02:02 -03:00
Felipe Zimmerle
6f47462110 Fix compilation when YAJL is not present 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
d851699529 Adds references to the collection variables 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
f2d149fc5f Extends the direct access model to other collections 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
ca24b6bb06 PoC: Adds support to direct access on ARGS collection 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
c1f11ab4e5 Cosmetics: assorted fixes on the coding style 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
ecbf292f6d Adds first PoC for the operator offset feature 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
e95555132e Contionuation of 1 time variable patch 
Now we have almost 100% of the transaction variables hosted on the
new schema. Variable modifcators (count and exclusion) are not yet
supported on the new schema. Notice that setvar is now using the
parser.
 2017-03-06 15:01:58 -03:00
Felipe Zimmerle
703da3c4f0 Adds PoC about 1-time variable resolution and draft for offset 
There is no need for the variable purely associated with the
transaction (transient) be part of collection that demands
lookups. Also, those variables will held the concept of offset:
The offset from the first byte of the request till the start of
the variable.
 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
a7f465cf3a Avoids string copy by working with pointers while resolving variables 2016-12-28 20:00:14 -03:00
Felipe Zimmerle
bbb61d560c Changes the saving selection for the audit logs 2016-12-28 17:48:21 -03:00
Felipe Zimmerle
9c7416da97 Refactoring the actions classes 2016-12-28 15:20:06 -03:00
Felipe Zimmerle
73877d403a Adds support to section "E" in the auditlogs 2016-12-16 10:55:30 -03:00
Felipe Zimmerle
317808fe54 Adds section "H" to serial audit log 2016-12-16 00:07:15 -03:00
Felipe Zimmerle
2d29740ca4 Cosmetics: better format the serial audit logs 2016-12-15 23:32:53 -03:00
Felipe Zimmerle
c1e96d6c2b Fix rules messages in the audit logs 2016-12-15 23:11:54 -03:00
Felipe Zimmerle
2e9a35c358 Refactoring on the audit logs implementation 
Among of other things, it is now supporting shared file locks between
different process.
 2016-12-14 23:17:28 -03:00
Felipe Zimmerle
31d5d79089 Removes charset=UTF-8 from content-type variable 2016-12-07 15:59:20 -03:00
Felipe Zimmerle
cce6179dcc Refactoring: new structure for logging alerts 
Disruptive actions were moved to actions::disruptive namespace
 2016-12-01 14:14:54 -03:00
Felipe Zimmerle
bfc30dad34 Refactoring: how to report to error logs 2016-12-01 01:05:29 -03:00
Felipe Zimmerle
9116a19bcc Using the decoded uri in REQUEST_URI instead of the encoded one 2016-11-28 12:20:11 -03:00
Felipe Zimmerle
d3a4ec760c Removes slash from REQUEST_BASENAME 2016-11-22 15:33:32 -03:00
Felipe Zimmerle
293a849668 Adds m_uri_no_query_string_decoded to transaction 2016-11-22 15:23:47 -03:00
David Testé
f5898e94c7 Fix documentation typos 2016-11-14 10:23:51 -03:00
Felipe Zimmerle
3ee7b24928 Adds refCounter to actions 2016-11-08 18:14:34 -03:00
Felipe Zimmerle
2244e874e2 Moves static methods from class String to the namespace string 2016-11-04 16:00:44 -03:00
Felipe Zimmerle
62a0cb468b Renames utils/msc_string.[h|cc] to utils/string.[h|cc] 2016-11-04 16:00:42 -03:00
Felipe Zimmerle
424418f54b Renames msc_system.[h|cc] to system.[h|cc] 2016-11-04 16:00:36 -03:00
Felipe Zimmerle
4ced1d18e0 Using full path in the header inclusion 2016-11-04 14:45:01 -03:00
Felipe Zimmerle
768cc74f0e Moves RuleMessage to its own file 2016-11-04 11:58:57 -03:00
Felipe Zimmerle
507ec44cc2 Refactoring on `utils.cc' and adjacents 
Completely removed the `utils.cc' by moving residual functions into
sub-classes of `utils/'
 2016-11-03 20:26:27 -03:00
Felipe Zimmerle
f1e742c159 Moves system related functions from utils' to utils/system' 2016-11-03 10:48:10 -03:00
Felipe Zimmerle
73c4d69174 Moves string related functions from utils' to utils/string' 2016-11-03 10:47:22 -03:00
Felipe Zimmerle
4711644600 dds support to CtlRequestBodyAccess 2016-10-28 09:48:10 -03:00
Abhi Joglekar
28a44b966a SecLang uses RESPONSE_STATUS as variable, not STATUS 
Seclang uses RESPONSE_STATUS as variable to encode the status code for the
request.
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#RESPONSE_STATUS

The CRS v3.0.0-dev rules, for instance, uses the RESPONSE_STATUS variable.
https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.0.0-dev/rules/RESPONSE-50-DATA-LEAKAGES-IIS.conf

When processing response headers, the variable was named STATUS when creating/storing
it in the collection. Fix it, and update regression testcases.
 2016-10-18 21:30:06 -03:00
Felipe Zimmerle
b48e4b3a37 refactoring: Moves Phases enum to outside ModSecurity class 2016-10-07 19:05:50 -03:00
Felipe Zimmerle
c680ddf2cd Refactoring on rulesProperties class 
Among of other things the merge process was improved to detect if
certain properties were set on the origin rule set.
 2016-10-05 12:01:15 -03:00
Felipe Zimmerle
52808b6cf0 Allows REQUEST_HEADERS:Content-Type to be null 
If REQUEST_HEADERS:Content-Type is null, REQBODY_ERROR will be marked as "0"
 2016-07-18 21:31:26 -03:00
Felipe Zimmerle
4cf6c714ac Cosmetics: Fix coding style 2016-07-12 21:59:17 -03:00
Felipe Zimmerle
4078677b7f Cosmetic changes: applies changes suggested by static analysis 2016-07-12 00:46:12 -03:00
Alexey Zelkin
f43704dbef Add explicit 'return true;' for Transaction::extractArguments() 
Unbreaks runtime for FreeBSD 10 (clang generated code)
 2016-07-04 22:42:36 -03:00