ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00

Author	SHA1	Message	Date
Felipe Zimmerle	8da49842d8	Fix typo on the audit logs. It is not _serverity_. Renamed to severity. Details on issue: #1114	2016-04-04 13:38:23 -03:00
Felipe Zimmerle	85d8b8e9b7	Fixed typo error in the HTTPS client implementation It is ModSecurity not _modesecurity_. Details in issue #1113	2016-04-04 13:35:19 -03:00
Felipe Zimmerle	8d052853a8	Adds support to https audit log output This functionality was built for test only.	2016-04-04 13:29:15 -03:00
Felipe Zimmerle	e5acc95de8	First version of `global' and` ip' collections	2016-03-30 18:22:00 -03:00
Felipe Zimmerle	214cc15785	Cosmetics: Reduce the coding style warnings	2016-03-21 17:59:31 -03:00
Felipe Zimmerle	c43391072c	Fix some issues reported by the static analysis	2016-03-18 19:37:51 -03:00
Felipe Zimmerle	e3dd2937e6	Installs the library file in the right path [lib\|lib64] Fixed the issue reported on #1083: - The option --libdir will be respected whenever it is used. - The library will be installed at ??/lib64 when needed.	2016-03-18 16:01:02 -03:00
Felipe Zimmerle	e0926fee37	Fix parser error while dealing with operator negation This patch closes the issue #960	2016-03-17 18:06:46 -03:00
Felipe Zimmerle	47a62b98bb	Saves `MATCHED_VAR' and related before execute the actions Actions should have access to the MATCHED_VAR.	2016-02-18 20:02:28 -03:00
Felipe Zimmerle	30d9ade192	Fix macro expansion: Now support } and/or }% to close a variable	2016-02-18 19:39:43 -03:00
Felipe Zimmerle	f44143436b	Fix parser error on free text operator	2016-02-18 10:11:54 -03:00
Felipe Zimmerle	1e3cafb734	Fix memory management on the rules' messages (try 2)	2016-02-17 13:32:31 -03:00
Felipe Zimmerle	71970915b1	Using `clear' to clean up lists instead of clean via integration	2016-02-17 12:21:05 -03:00
Felipe Zimmerle	163483e8d4	Fix memory management on the rules' messages	2016-02-16 23:30:14 -03:00
Felipe Zimmerle	ed8b0c85d7	Fix `capture' memory management The capture action was implemented before the transaction concept. While partially ported to use the transaction, some of the elements were not freed correctly. Now it is fully ported to use the class Transaction.	2016-02-16 23:24:15 -03:00
Felipe Zimmerle	e346454374	Fix memory leaks on the collections/variables management	2016-02-16 23:04:11 -03:00
Felipe Zimmerle	8647d63e90	Fix m accuracy initialization inside the Rule class	2016-02-15 15:47:36 -03:00
Felipe Zimmerle	a2ffb36159	Adds "matched" line to the audit logs	2016-02-12 13:28:43 -03:00
Felipe Zimmerle	362b376acb	Adds verbose logs to audit logs while deciding or not to save a request	2016-02-12 11:51:33 -03:00
Felipe Zimmerle	77a1dcab9b	parser: fix issue with skipAfter action Considering \n and/or \r as the end of the token.	2016-02-11 16:42:39 -03:00
Felipe Zimmerle	049e4eb69d	Adds support to the @rbl operator	2016-02-11 14:25:58 -03:00
Felipe Zimmerle	4bdb4ed63a	Fix chained rules execution order	2016-02-10 14:29:45 -03:00
Felipe Zimmerle	8143f8ea89	Adds support to the action `maturity'	2016-02-10 13:55:12 -03:00
Felipe Zimmerle	714df8db20	Adds support to the action `accuracy'	2016-02-10 13:35:02 -03:00
Felipe Zimmerle	5a2a81a568	Adds support to the action `ver'	2016-02-10 12:53:22 -03:00
Felipe Zimmerle	77900ed4e2	Fix rules `messages' on the auditlog	2016-02-10 12:03:52 -03:00
Felipe Zimmerle	9474373264	General improvements on audit logs information Making actions: msg, logdata, tag and others to work in the same fashion that they work on ModSecurity v2.x	2016-02-05 15:19:53 -03:00
Felipe Zimmerle	b9b3e82900	Fix AuditLog parts selection	2016-01-21 15:03:47 -03:00
Felipe Zimmerle	9343942398	Adds mutex around the write operation on the auditlogs	2016-01-20 10:21:21 -03:00
Felipe Zimmerle	b46dc34573	Temporarily disable the HTML ENTITY DECODE transformation	2016-01-18 13:48:00 -03:00
Felipe Zimmerle	a102b5ce2c	Improves the method fill the ARGS collection	2016-01-15 10:35:24 -03:00
Felipe Zimmerle	98f45f357a	Using a better number generator to avoid conflicts	2016-01-15 09:34:51 -03:00
Felipe Zimmerle	36dfe81da0	Adds YAJL_CFLAGS to the project core	2016-01-15 08:12:40 -03:00
Felipe Zimmerle	fc225ff001	Fix whoAmI() call on Transaction	2016-01-15 08:12:27 -03:00
Felipe Zimmerle	b06eaadac7	Places the classes related to audit log into a separate namespace	2016-01-14 14:29:36 -03:00
Felipe Zimmerle	aaf995cc71	Adds missing file: transaction.h and removes assay.cc from git	2016-01-14 12:07:25 -03:00
Felipe Zimmerle	4db5cc7d26	Refactoring on Transaction class: adding comments and renaming variables	2016-01-14 12:02:59 -03:00
Felipe Zimmerle	6f1e6f37d7	Fix trasanction cleanup on the C API	2016-01-14 09:39:11 -03:00
Felipe Zimmerle	a51e707517	Renames class Assay to Transaction	2016-01-13 15:57:00 -03:00
Felipe Zimmerle	d780fd6290	Fix the parse to distinguish between @pm content and a variable Before this patch the parser was not understanding @pm content that contains a variable.	2016-01-12 13:59:27 -03:00
Felipe Zimmerle	702551ed42	Adds support to action `exec' to sec lang parser	2016-01-12 10:57:06 -03:00
Felipe Zimmerle	923620fbd0	Adds support to the action `allow' in the sec parser	2016-01-12 10:42:36 -03:00
Felipe Zimmerle	7901c2c899	Adds the actions SetSID and SetUID to the seclang parser	2016-01-12 10:34:33 -03:00
Felipe Zimmerle	ab92bed6fa	Parser improvement: Supporting variables selection with regex	2016-01-12 09:59:33 -03:00
Felipe Zimmerle	3acc013e49	Improves the secrules parser	2016-01-11 17:50:35 -03:00
Felipe Zimmerle	f23908f145	Improves the secrules parser	2016-01-11 15:14:26 -03:00
Felipe Zimmerle	8c7b6199f7	Optimization on the tolower function	2016-01-07 09:16:06 -03:00
Felipe Zimmerle	0762892368	Small fix on pull request #982	2016-01-06 17:00:43 -03:00
Chaim Sanders	e38a468a26	Updated with suggestions from @zimmerle for code style	2016-01-06 17:00:43 -03:00
Chaim Sanders	b3ab9a4084	Support for correct implimentation of REQUEST_URI	2016-01-06 17:00:43 -03:00

1 2 3 4 5 ...

464 Commits