Felipe Zimmerle
b4051246b1
Adds support to SecResponseBodyMimeTypesClear
2017-08-16 22:21:03 -03:00
Felipe Zimmerle
48f1470269
Adds support to SecArgumentSeparator
2017-08-16 18:27:51 -03:00
Felipe Zimmerle
a302538521
parser: Adds SecWebAppId not supported note
2017-08-16 17:31:59 -03:00
Felipe Zimmerle
2c4e65f7ee
parser: Adds support to quoted paramenter in SecDataDir
2017-08-16 17:17:39 -03:00
Felipe Zimmerle
bb2fe0e039
parser: Adds note saying that SecServerSignature is not supported
2017-08-16 17:14:42 -03:00
Felipe Zimmerle
e6cfd5379d
parser: Adds SecRuleScript not implemented note
2017-08-16 17:00:36 -03:00
Felipe Zimmerle
cd533e00e7
parser: Adds support to quoted arguments on SecUploadDir
2017-08-16 10:17:51 -03:00
Felipe Zimmerle
b5d0dc2409
paser: Adds support for quoted argument on SecTmpDir
2017-08-16 09:51:56 -03:00
Felipe Zimmerle
5ffc5c1633
parser: Adds support to quoted arguments in asorted configurations
2017-08-16 09:37:34 -03:00
Felipe Zimmerle
9abc37157d
parser: Adds msg: ContentInjection is not yet supported
2017-08-16 09:21:23 -03:00
Felipe Zimmerle
06447ea3d4
parser: Adds support to double quotes on adit logs file
2017-08-16 00:18:06 -03:00
Felipe Zimmerle
c525cbfb20
parser: Adds ability to inform auditlog status without quotes
2017-08-16 00:17:58 -03:00
Felipe Zimmerle
9ee412735d
parser: Improves the reading for the url in the redirect action
2017-08-15 15:18:52 -03:00
Felipe Zimmerle
8c66a1b4c2
Adds support to double quotes on debug logs conf
2017-08-15 14:20:39 -03:00
Victor Hora
53ff0e1a57
Adds initial support to SecHttpBlKey
2017-07-29 00:12:14 -03:00
Felipe Zimmerle
4bec6b0019
Adds support to ctl:ruleEngine
2017-07-27 22:05:10 -03:00
Felipe Zimmerle
e14dc602e5
Adds support to SecRuleUpdateTargetById
2017-07-04 13:13:13 -07:00
Felipe Zimmerle
fba9c20ea1
Adds initial support to SecRuleUpdateTargetByTag
2017-07-03 17:42:34 -07:00
Felipe Zimmerle
508a2b5a4a
Adds sanity check on SecRemoteRules directive input
2017-06-21 19:08:12 -07:00
Felipe Zimmerle
c3a0d8d9bb
Fix collections element selection by regex
...
Reported at #1369
2017-06-17 00:11:28 -03:00
Felipe Zimmerle
9cb3f23b50
Adds support to setrsc action
2017-06-09 16:59:04 -03:00
Felipe Zimmerle
e795253ecf
Fix crash on SecRuleRemoveById malformated parameter
...
Fix issue #1440
2017-06-06 22:14:13 -03:00
Victor Hora
37868d1534
Add missing feature: t:uppercase transformation
2017-06-02 21:47:54 -03:00
Victor Hora
9d70345d3d
Add missing hexDecode transformation to seclang parser
2017-05-29 22:48:23 -03:00
Felipe Zimmerle
c97db2f361
Adds verbose message when a resource is not found.
...
Fix #1309
2017-05-02 13:39:37 -03:00
Felipe Zimmerle
b3c8e97ff7
Parse fix: accepting variables in between quotes
2017-03-30 10:02:36 -03:00
Felipe Zimmerle
e2bd87d07d
Fix minor parser errors
2017-03-06 15:02:04 -03:00
Felipe Zimmerle
d6363607aa
Accept quoted regexp in the collection selection
2017-03-06 15:02:03 -03:00
Felipe Zimmerle
f2d149fc5f
Extends the direct access model to other collections
2017-03-06 15:02:00 -03:00
Felipe Zimmerle
ca24b6bb06
PoC: Adds support to direct access on ARGS collection
2017-03-06 15:01:59 -03:00
Felipe Zimmerle
ba6b972ca8
Makes global collection allowed to be set by setVar
2017-03-06 15:01:59 -03:00
Felipe Zimmerle
e95555132e
Contionuation of 1 time variable patch
...
Now we have almost 100% of the transaction variables hosted on the
new schema. Variable modifcators (count and exclusion) are not yet
supported on the new schema. Notice that setvar is now using the
parser.
2017-03-06 15:01:58 -03:00
Felipe Zimmerle
703da3c4f0
Adds PoC about 1-time variable resolution and draft for offset
...
There is no need for the variable purely associated with the
transaction (transient) be part of collection that demands
lookups. Also, those variables will held the concept of offset:
The offset from the first byte of the request till the start of
the variable.
2017-03-06 15:01:52 -03:00
Felipe Zimmerle
a6f07f621d
Makes the lexical errors a little bit more verbose
2017-03-06 15:01:51 -03:00
Felipe Zimmerle
5086fef492
Fix parser while continuation line is used between var and op
2017-03-06 15:01:50 -03:00
Felipe Zimmerle
59114dd598
Refactoring on the operators parsers (2/2)
...
This is the first step towards remove the memory leaks in the parser
2017-03-06 15:01:50 -03:00
Felipe Zimmerle
9cda4c0be0
cosmetics: Having the parser in a better shape regarding operators 1/2
2017-03-06 15:01:50 -03:00
Felipe Zimmerle
15b81d09e7
Refactoring on the transformation classes
2016-12-28 19:53:37 -03:00
Felipe Zimmerle
9c7416da97
Refactoring the actions classes
2016-12-28 15:20:06 -03:00
Felipe Zimmerle
ab88083159
parser: Fix the expanded list inclusion
2016-11-16 15:47:21 -03:00
Felipe Zimmerle
4643501507
parser: Improves the include error when the file does not exist
2016-11-14 10:23:00 -03:00
Felipe Zimmerle
8b4f1bc46c
Fix rule file inclusion path
...
The inclusion was not taking `*' into consideration, leading the
relative configuration inclusion to fail. That was very annoying.
2016-11-11 15:15:51 -03:00
Felipe Zimmerle
2244e874e2
Moves static methods from class String to the namespace string
2016-11-04 16:00:44 -03:00
Felipe Zimmerle
62a0cb468b
Renames utils/msc_string.[h|cc] to utils/string.[h|cc]
2016-11-04 16:00:42 -03:00
Felipe Zimmerle
4ced1d18e0
Using full path in the header inclusion
2016-11-04 14:45:01 -03:00
Felipe Zimmerle
ac4cb53d09
parser: Better understands escaped quotes in operator parameters
2016-11-04 01:55:47 -03:00
Felipe Zimmerle
507ec44cc2
Refactoring on `utils.cc' and adjacents
...
Completely removed the `utils.cc' by moving residual functions into
sub-classes of `utils/'
2016-11-03 20:26:27 -03:00
Felipe Zimmerle
f1e742c159
Moves system related functions from utils' to utils/system'
2016-11-03 10:48:10 -03:00
Felipe Zimmerle
73c4d69174
Moves string related functions from utils' to utils/string'
2016-11-03 10:47:22 -03:00
Felipe Zimmerle
2bb9d7988f
Cosmetics: huge refactoring in the parser
...
The parser is now more elegant and resilient.
2016-10-31 17:33:24 -03:00
