github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
324 Commits 55 Branches 109 Tags
Commit Graph

324 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ivanr
2068357af8 Added m.getvars() and finalised Lua support. 2007-12-21 12:50:03 +00:00
brectanus
8924f605d4 Add some more test cases. 2007-12-20 23:42:09 +00:00
brectanus
6dd6156466 Fixed returns for urlDecodeUni, urlDecode, urlEncode and normalisePathWin. See #439. 2007-12-20 23:29:07 +00:00
brectanus
9551218d23 Fixed URL decoding with invalid encoding. See #439. 2007-12-20 23:01:38 +00:00
brectanus
a210e73257 Fixed return codes for base64Decode, base64Encode, compressWhitespace as well as replaceComments not adding the space for a comment w/o ending. See #439. 2007-12-20 22:59:26 +00:00
brectanus
ef18503f05 More cleanup and fixes in the testing framework. 2007-12-20 21:33:29 +00:00
brectanus
78f83198d0 Remove \0ooo support from t:escapeSeqDecode. See #423. 2007-12-20 21:04:19 +00:00
brectanus
4104e261e7 Update verifyCC checks w/data Ofer sent me. 2007-12-20 19:23:20 +00:00
brectanus
9504be7d78 Fix a bug in testing framework where NUL is lost in parameter and add support for running only a single test in a conf file. 2007-12-20 19:22:13 +00:00
brectanus
246ed9cbc5 Make sure a zero-length CC# does not verify. 2007-12-20 19:19:34 +00:00
brectanus
59685455d9 Update core rules to 1.5.1. 2007-12-20 17:01:12 +00:00
ivanr
f64c7c39e8 Lua: Added support for scripting to @inspectFile. 2007-12-20 15:53:23 +00:00
ivanr
4cecdf4c5b Added support for Lua to the exec action. 2007-12-20 12:06:30 +00:00
ivanr
a45c4bb551 Lua: Fix compile warnings. 2007-12-20 10:38:16 +00:00
ivanr
4fcd787b94 Lua: Support relative filenames in SecRuleScript. 2007-12-20 10:17:48 +00:00
ivanr
235fd2c077 Lua: Add ability to retrieve values from persistent collections. 2007-12-20 09:55:58 +00:00
ivanr
fa4738e865 Lua: Preserve entire scripts, not just main(). This allows for more complex logic to be written as the user can now use functions. It also allows room for future expansion. 2007-12-20 09:21:35 +00:00
brectanus
3860a702ab Added support for unit testing operators. Only verifyCC tests written. 2007-12-20 01:40:29 +00:00
brectanus
3a8e0a4dfd Some more reorg of tests. 2007-12-19 23:43:51 +00:00
brectanus
a04e03b2c7 Some reorg of tests. 2007-12-19 23:41:49 +00:00
brectanus
61e4623bae Move around some code to make unit tests easier to build. 2007-12-19 20:44:56 +00:00
brectanus
2103fb560b Rename msc-test to msc_test. 2007-12-19 20:40:33 +00:00
brectanus
4e7c243c39 Make libxml2 *required*. 2007-12-19 18:13:41 +00:00
ivanr
6974a1c781 Fixed l_log to prevent percentage characters from Lua interfering with formatting. 2007-12-19 17:47:08 +00:00
brectanus
a0198a9e6c Polish up docs for md5/sha1. 2007-12-19 17:20:23 +00:00
ivanr
f3fae3155d Adjust Lua debugging levels to 8, to avoid logging at level 9 from skewing the results. 2007-12-19 17:13:02 +00:00
ivanr
80aa065d23 Document the Lua functionality added so far. 2007-12-19 17:07:24 +00:00
brectanus
e834a860dd Avoid double close of DBM on error. 2007-12-19 16:43:27 +00:00
brectanus
a96cbc0f69 Merge in Lua to test framework. 2007-12-19 16:11:42 +00:00
ivanr
e357bb55af Add quoting to unparsed rule generation. 2007-12-19 16:11:32 +00:00
ivanr
cdcb3bdb14 Lua: Added support for retrieving parametarised parameters (e.g. ARGS:p). 2007-12-19 15:46:45 +00:00
ivanr
4414cb8527 Lua: Support retrieval of individual variables from scripts. 2007-12-19 14:35:20 +00:00
ivanr
aef5a460b6 Fix Lua support. Enable logging from Lua scripts (using m.log()). 2007-12-19 12:50:21 +00:00
ivanr
e0c444953c Update Makefile to compile with Lua support 2007-12-19 11:26:55 +00:00
ivanr
afd3cbf14f Implemented SecRuleScript LUA_SCRIPT [ACTIONS]. 2007-12-19 11:22:52 +00:00
ivanr
6f6934e9d3 Code polish. 2007-12-19 09:22:58 +00:00
brectanus
d2dee97a31 Fix jsDecode \xHH to verify HH is there and valid hex. See #439. 2007-12-19 00:31:08 +00:00
brectanus
5da9a05d1c Remove the callback from the verifyCC regex (not used anymore). 2007-12-19 00:26:19 +00:00
brectanus
499c3f3167 Add initial unit testing framework. See #438. 2007-12-19 00:09:30 +00:00
brectanus
2657154eaa Update docs for t:md5 and t:sha1 to note that they are in binary form and should be hex encoded to be human readable. 2007-12-18 22:50:01 +00:00
brectanus
8360aacc22 Use use new msr->rule_was_intercepted flag. See #425. 2007-12-17 19:58:35 +00:00
brectanus
a99357ad5b Add ability to use <IfDefine MODSEC_2.5>. See #436. 2007-12-17 19:06:08 +00:00
ivanr
a703c9c626 Minor allow bug fix. 2007-12-17 15:11:18 +00:00
ivanr
dc081c5df1 Removed some code that implemented SecRequestEncoding. Left the directive in, as well as the structure member as they are harmless. 2007-12-17 15:09:59 +00:00
ivanr
b9a28882b2 Enhanced allow. 2007-12-17 11:22:47 +00:00
brectanus
9b0ce5ae67 Move an extraneous debug log line from level 4 to level 9. 2007-12-17 05:43:49 +00:00
brectanus
8a1687bf36 Make phase 5 more strict and catch an inherited disruptive action. See #429. 2007-12-17 05:13:49 +00:00
brectanus
5bd9e0640f Add CHANGES entry. See #425. 2007-12-15 00:57:21 +00:00
brectanus
32100608e5 Handle actionset being NULL. See #66 and #429. 2007-12-15 00:42:39 +00:00
brectanus
05c8ccd07e Moved modsecurity_crs_55_marketing.conf. 2007-12-14 23:31:33 +00:00