github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 11:16:33 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,397 Commits 55 Branches 109 Tags
20134ef242f374fd37f3224ea98cecded9abd2e2
Commit Graph

189 Commits

Author SHA1 Message Date
Felipe Zimmerle
9cb3f23b50 Adds support to setrsc action 2017-06-09 16:59:04 -03:00
Felipe Zimmerle
c97db2f361 Adds verbose message when a resource is not found. 
Fix #1309
 2017-05-02 13:39:37 -03:00
Felipe Zimmerle
6421ff087a Forces disruptive to be first-rule-only 
ModSecurity version 3 is capable to handle disruptive actions in different
rules from the chain. However, lets get it working in the same fashion that
we have in version 2.
 2017-04-24 21:06:35 -03:00
Felipe Zimmerle
e2bbe9858f XML Parser: removes unnecessary message from debug logs 
Fix #44
 2017-04-05 09:40:05 -03:00
Felipe Zimmerle
4ad3574cf2 Adds offset regression tests and assorted fixes on var's offsets 2017-03-06 15:02:02 -03:00
Felipe Zimmerle
44121bdee3 Updates secrules-language-tests 2017-03-06 15:02:01 -03:00
Felipe Zimmerle
c06daba398 Adds support for curl resource on the regression tests 2017-03-06 15:02:01 -03:00
Felipe Zimmerle
f2d149fc5f Extends the direct access model to other collections 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
6abbb7e91e Fix regular expression test case and updates the test list 
Repoted on #1295
 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
a6f07f621d Makes the lexical errors a little bit more verbose 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
59114dd598 Refactoring on the operators parsers (2/2) 
This is the first step towards remove the memory leaks in the parser
 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
a7f465cf3a Avoids string copy by working with pointers while resolving variables 2016-12-28 20:00:14 -03:00
Felipe Zimmerle
1218d8c845 Fix the audit log engine status selection 
SecAuditEngine was not being respected by the auditlog generation
 2016-12-15 14:55:31 -03:00
Felipe Zimmerle
2e9a35c358 Refactoring on the audit logs implementation 
Among of other things, it is now supporting shared file locks between
different process.
 2016-12-14 23:17:28 -03:00
Felipe Zimmerle
1719e1d7e9 test-cases: updates the remote reference 2016-12-01 14:23:18 -03:00
Felipe Zimmerle
bfc30dad34 Refactoring: how to report to error logs 2016-12-01 01:05:29 -03:00
Felipe Zimmerle
9bd37ccb63 Refactoring: Rule class 2016-11-28 13:07:25 -03:00
Felipe Zimmerle
eecb90cfd0 setvar: needs review 2016-11-28 12:12:04 -03:00
Felipe Zimmerle
d3a4ec760c Removes slash from REQUEST_BASENAME 2016-11-22 15:33:32 -03:00
Felipe Zimmerle
c98be42f8f Limits the transformation output to 80 chars in the debug logs 2016-11-16 15:37:52 -03:00
Felipe Zimmerle
d3de1c743a Adds missing action-ctl_rule_remove_by_id.json 2016-10-31 13:19:34 -03:00
Felipe Zimmerle
4711644600 dds support to CtlRequestBodyAccess 2016-10-28 09:48:10 -03:00
Felipe Zimmerle
161cc36acf Adds support to action CtlRuleRemoteTargetById 2016-10-26 10:58:42 -03:00
Felipe Zimmerle
9245369a54 Adds support to action CtlRuleRemoteTargetByTag 2016-10-25 15:43:50 -03:00
Abhi Joglekar
28a44b966a SecLang uses RESPONSE_STATUS as variable, not STATUS 
Seclang uses RESPONSE_STATUS as variable to encode the status code for the
request.
https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual#RESPONSE_STATUS

The CRS v3.0.0-dev rules, for instance, uses the RESPONSE_STATUS variable.
https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.0.0-dev/rules/RESPONSE-50-DATA-LEAKAGES-IIS.conf

When processing response headers, the variable was named STATUS when creating/storing
it in the collection. Fix it, and update regression testcases.
 2016-10-18 21:30:06 -03:00
Felipe Zimmerle
678a97d0f7 Refectoring on the DebugLog mechanism 
The DebugLog implementation was modified to use shared memory
to keep the information about the opened files and file handles.
The modification was necessary to avoid race-conditions. This
commit also closes the issue SpiderLabs/ModSecurity-nginx#17
 2016-10-18 18:43:51 -03:00
Felipe Zimmerle
f3bbcfc7ef Removes SecDebugLog directive from the test cases 2016-10-18 18:23:35 -03:00
Felipe Zimmerle
0e5f72977e Changes MATCHED_VAR behaviour 
Only cleanup the variable if there wasn't a match within the rule
 2016-07-29 10:40:45 -07:00
Felipe Zimmerle
f723870f18 Fix case sensitive variable resolution in in memory backend 
Variables are case insensitive
 2016-07-22 13:34:57 -03:00
Felipe Zimmerle
5d64f73817 Makes RULE collection to be resolved inside a macro expansion 2016-07-21 13:09:22 -03:00
Felipe Zimmerle
37079ef668 Adds support to SecRuleRemoveById 2016-07-18 15:02:38 -03:00
Felipe Zimmerle
38b338d1d6 Adds test case for regular express selection 2016-07-11 11:07:30 -03:00
Felipe Zimmerle
4daf9d8ab0 Adds a test case for WEBSERVER_ERROR_LOG 
WEBSERVER_ERROR_LOG is not supported by libmodsecurity. This test case
confirms the parser error that says so.
 2016-07-08 11:05:09 -03:00
Felipe Zimmerle
6e4226ee4d Adds support to global collections shared among different process 
There is a memory leak in the variable resolution that should be
contained by an internal change in the way that the variables
are resolved.
 2016-07-07 23:03:47 -03:00
Felipe Zimmerle
3d1d0514fd Fix pass action behaviour: now only ingore actions within the same rule 
More details on issue #1152
 2016-07-01 11:01:51 -03:00
Felipe Zimmerle
b332018cc2 Adds regressiont test for issue #1152 2016-06-30 23:50:21 -03:00
Felipe Zimmerle
f72bd587ec Adds support to the allow action 2016-06-30 20:44:51 -03:00
Felipe Zimmerle
b0f69b1262 Adds support to the `skip' action 2016-06-30 10:35:42 -03:00
Felipe Zimmerle
90adb53935 Adds support to JSON request body parser 2016-06-29 21:55:41 -03:00
Felipe Zimmerle
193fa2e804 Changes regressions tests to fit the recent modification on the parser 2016-06-24 09:18:48 -03:00
Felipe Zimmerle
02909f7cd8 parser: arbitraty text can be used instead of operator 
The usage of an arbitrary text instead operator was expecting that the
arbitrary text start by something different from "@" or "!", now it can
start with anything, including "@", and/or "!". Notice however that
there aren't such thing as a bad  operator. Bad operator will be used as
input of @rx. Issue #1136.
 2016-06-22 16:59:50 -03:00
Felipe Zimmerle
0d53dda1a1 Adds support to @unconditionalMatch 
Issue #1002
 2016-06-21 13:46:55 -03:00
Felipe Zimmerle
60be385ebe Adds support to the SERVER_NAME variable 2016-06-21 10:53:11 -03:00
Felipe Zimmerle
df1f7c5e08 Adds support to the RESPONSE_PROTOCOL variable 2016-06-21 10:52:18 -03:00
Felipe Zimmerle
a36b2da86a Adds support to the STATUS variable 2016-06-20 20:34:39 -03:00
Felipe Zimmerle
56d084a7f4 Adds support the variable rule 
Issue #1016
 2016-06-20 14:03:45 -03:00
Felipe Zimmerle
45bfb594b9 Adds missing tests cases 2016-06-20 11:35:00 -03:00
Felipe Zimmerle
6052d2628b Adds support to URLENCODED_ERROR variable 2016-06-20 11:34:43 -03:00
Felipe Zimmerle
c5262d54f2 Fix argument uri decode order 
The uri decode happens after the string is splitted, not before.
 2016-06-17 15:34:06 -03:00
Felipe Zimmerle
1e6b40ebea Fix some improperly formatted test cases 2016-06-14 15:32:37 -03:00