ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-19 18:54:23 +03:00

Author	SHA1	Message	Date
Felipe Zimmerle	665df04516	Cosmetics: avoid compilation warnings	2016-07-29 11:29:24 -03:00
Felipe Zimmerle	5d64f73817	Makes RULE collection to be resolved inside a macro expansion	2016-07-21 13:09:22 -03:00
Felipe Zimmerle	d781b00f70	Fix the `log' action and the webserver error callback	2016-07-16 15:20:31 -03:00
Felipe Zimmerle	4cf6c714ac	Cosmetics: Fix coding style	2016-07-12 21:59:17 -03:00
Felipe Zimmerle	4078677b7f	Cosmetic changes: applies changes suggested by static analysis	2016-07-12 00:46:12 -03:00
Felipe Zimmerle	833089eb70	Adds method resolveFirstCopy to collections Using the copy whenever it is necessary to avoid memory leak.	2016-07-08 10:22:37 -03:00
Alexey Zelkin	45850d17da	Fix typo (= vs ==)	2016-07-04 22:42:00 -03:00
Felipe Zimmerle	3d1d0514fd	Fix pass action behaviour: now only ingore actions within the same rule More details on issue #1152	2016-07-01 11:01:51 -03:00
Felipe Zimmerle	f72bd587ec	Adds support to the allow action	2016-06-30 20:44:51 -03:00
Felipe Zimmerle	b0f69b1262	Adds support to the `skip' action	2016-06-30 10:35:42 -03:00
Felipe Zimmerle	90adb53935	Adds support to JSON request body parser	2016-06-29 21:55:41 -03:00
Felipe Zimmerle	2477470607	Adds support to the resource collection	2016-06-24 15:17:29 -03:00
Felipe Zimmerle	7d06c32b0d	Adds error messages while failed to init a collection	2016-06-24 13:48:57 -03:00
Felipe Zimmerle	0fdde52532	Fix setvar action to accept equals nothing	2016-06-23 15:48:23 -03:00
Felipe Zimmerle	56d084a7f4	Adds support the variable rule Issue #1016	2016-06-20 14:03:45 -03:00
Felipe Zimmerle	6052d2628b	Adds support to URLENCODED_ERROR variable	2016-06-20 11:34:43 -03:00
Felipe Zimmerle	7bd6e9a2bd	Makes XML request body processor to be selected only by ctl:equestBodyProcessor	2016-06-16 17:20:47 -03:00
Felipe Zimmerle	f833a61089	Fix memory leak on html dentity decode transformation	2016-06-16 10:32:44 -03:00
Felipe Zimmerle	e6c542c5b5	Fix invalid read on sql hex decode transformation	2016-06-16 10:31:15 -03:00
Alexey Zelkin	32f22d1a79	Use explicit variable size for copying char. For some reason plain call to "ret.append(&b)" copy 32 bit of data. This change unbreaks CmdLine unit tests for FreeBSD 10, CentOS 7, RHEL 7 and Debian 8.	2016-06-15 23:10:27 -03:00
Alexey Zelkin	57ad70bb2b	Add missing 'retrun's for functions declared return value. This change fixes SIGILLs on executable built with clang 3.4. Tested against FreeBSD 10.3.	2016-06-15 23:10:27 -03:00
Felipe Zimmerle	967c8c90f2	Fixed minor behavior on the trasnformations and added sha1-mbedtls	2016-05-30 16:54:13 -03:00
Felipe Zimmerle	8d49903279	Adds support to the transformations parity[even\|odd\|zero]7bit Issues: #968, #969, #967	2016-05-27 10:45:05 -03:00
Felipe Zimmerle	1fe0e34201	Adds support to sqlHexDecode transformation Issue #973	2016-05-25 20:19:54 -03:00
Felipe Zimmerle	bd2e95953c	Adds support to the hexDecode transformation Issue: #973	2016-05-25 18:49:34 -03:00
Felipe Zimmerle	2b056485d0	Adds support to Utf8ToUnicode transformation Issue #974	2016-05-25 18:21:26 -03:00
Felipe Zimmerle	b7e82261ce	Adds support to removeComments transformation on libmodsec Issue #970	2016-05-25 11:17:32 -03:00
Felipe Zimmerle	7ccf54d330	Adds md5 transformation Replaced the old md5 implementation by the mbetls one.	2016-05-24 21:28:19 -03:00
Felipe Zimmerle	bf4a9d7633	Adds support to base64DecodeExt transformation More info on #964	2016-05-24 21:28:19 -03:00
Felipe Zimmerle	056753d57a	Adds support to base64 encode transformation	2016-05-24 21:28:14 -03:00
Felipe Zimmerle	e48f468cbc	Adds support to base64 decode transformation	2016-05-24 10:04:06 -03:00
Felipe Zimmerle	f989ecd5cb	Adds support to SecXMLExternalEntity	2016-05-18 17:02:15 -03:00
Felipe Zimmerle	6a7b970fe3	Adds support to ctl:requestBodyProcessor=XML	2016-05-18 10:30:25 -03:00
Felipe Zimmerle	1f45d6cea8	Adds full support to the libxml action Issue #1148	2016-05-18 09:47:30 -03:00
Felipe Zimmerle	8c714af8e1	Actions refactoring: now there is a clear definiation on the action name	2016-05-17 14:36:59 -03:00
Felipe Zimmerle	1b88947d9b	Adds support 'xmlns' action to the libmodsec parser	2016-05-16 18:24:54 -03:00
Felipe Zimmerle	758ecb5d6d	Adds support to USER collection, setuid action and USERID variable More details on: #1026, #1024, #1048	2016-05-09 20:27:08 -03:00
Felipe Zimmerle	ff9aa5c7cf	Adds support to the variable SESSIONID	2016-05-06 14:38:38 -03:00
Felipe Zimmerle	a2a47798e9	Adds support to the collection SESSION and setsid action	2016-05-06 14:38:04 -03:00
Felipe Zimmerle	c85529158e	Adds support to the cmd_line transformation Details on #965	2016-05-05 15:47:21 -03:00
Felipe Zimmerle	1539a8c3ef	Fix the coding style of the pull request #1115	2016-04-05 09:56:08 -03:00
bjh7242	8b3b014062	updated transformation file to include removeWhitespace transformation	2016-04-05 09:04:54 -03:00
bjh7242	883b804d90	adding removeWhitespace transformation	2016-04-05 09:04:49 -03:00
Felipe Zimmerle	0a60924c8f	Reduces the amount of warnings Trimming the pull request #1098	2016-04-04 15:31:19 -03:00
Felipe Zimmerle	6f93563fc2	Fix in parser: now understanding the removeCommentsChar transformation SpiderLabs/ModSecurity#1098	2016-04-04 15:25:34 -03:00
bjh7242	a5a21ea192	added remove_comments_char to address issue #971	2016-04-04 13:45:08 -03:00
Felipe Zimmerle	e5acc95de8	First version of `global' and` ip' collections	2016-03-30 18:22:00 -03:00
Felipe Zimmerle	214cc15785	Cosmetics: Reduce the coding style warnings	2016-03-21 17:59:31 -03:00
Felipe Zimmerle	c43391072c	Fix some issues reported by the static analysis	2016-03-18 19:37:51 -03:00
Felipe Zimmerle	ed8b0c85d7	Fix `capture' memory management The capture action was implemented before the transaction concept. While partially ported to use the transaction, some of the elements were not freed correctly. Now it is fully ported to use the class Transaction.	2016-02-16 23:24:15 -03:00

... 2 3 4 5 6

287 Commits