github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
271 Commits 55 Branches 109 Tags
Commit Graph

271 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
brectanus
4602f7d908 Remove tabs from CHANGES. 2007-12-14 22:52:29 +00:00
brectanus
9136d391d3 Forgoten CHANGES entry for last commit. 2007-12-14 22:50:01 +00:00
brectanus
476684e6ec Stricter configuration parsing. See #66 and #429. 2007-12-14 22:45:01 +00:00
brectanus
cd51a10046 Allow all rules to run in phase 5. See #425. 2007-12-14 22:34:16 +00:00
brectanus
515290434c Add 2.1.4 changes to trunk CHANGES. 2007-12-14 20:22:54 +00:00
brectanus
f68f0156c3 Cleanup CHANGES. 2007-12-14 20:20:18 +00:00
brectanus
5065852dfe More efficient collection persistance and deletion on retrieval. See #345 and #426. 2007-12-14 19:53:23 +00:00
brectanus
4c11791a94 Escape cache value in log. 2007-12-14 00:42:04 +00:00
brectanus
aa68fff104 Fixed decoding \9 with t:escapeSeqDecode. See #423. 2007-12-14 00:30:25 +00:00
brectanus
8aa31fd099 Change jsDecodeuni to jsDecode which also decodes all the other JS escapes. See #193. 2007-12-14 00:19:46 +00:00
brectanus
b0de659133 Added t:jsDecodeUni handling unicode similar to t:urlDecodeUni. See #193. 2007-12-13 00:58:02 +00:00
brectanus
cbf79d43ba Update version to ready for 2.5.0-rc1. 2007-12-12 23:08:14 +00:00
brectanus
54cac6461b Add IS_NEW and IS_EXPIRED collection variables. See #345. 2007-12-12 22:52:08 +00:00
brectanus
2203428507 Prefer "offset" to "pos". 2007-12-12 18:43:40 +00:00
brectanus
e7e9756966 Add var name to validateUtf8Encoding message. See #408. 2007-12-12 18:40:35 +00:00
brectanus
3c1d5a0210 More efficient multimatch support and cleaned up debugging and messages. See #69. 2007-12-12 17:56:25 +00:00
brectanus
2dff0fb9f5 Speed up luhn algorithm and add multimatching capabilities to verifyCC. See #69. 2007-12-12 01:30:58 +00:00
brectanus
423fd0eea2 Update skipAfter docs to mention markers. See #416. 2007-12-11 18:03:37 +00:00
brectanus
715a8eae58 Implement SecMarker. See #416. 2007-12-11 17:53:50 +00:00
ivanr
37f5231ccd Minor code fixes. 2007-12-03 21:13:37 +00:00
ivanr
bbcf1d08fc Added an APR-Util variant of character encoding conversion. 2007-12-03 14:46:00 +00:00
ivanr
c25071b832 Initial experimental implementation of SecRequestEncoding. See #390 for more details. 2007-12-03 14:04:53 +00:00
brectanus
22873995f7 Rename placeholder type from RULE_PH_TARGET to RULE_PH_SKIPAFTER. 2007-12-02 16:26:05 +00:00
brectanus
2bf4556cd0 Checkin fix to rule removal code to avoid placeholders. 2007-12-02 15:35:09 +00:00
brectanus
9e9bb318b3 Rewrite the luhn algorithm to be faster and easier to read. See #69. 2007-12-01 00:42:28 +00:00
brectanus
13e209909f Add in verifyCC operator from mod_security2_op_verifyCC.c. See #69. 
This still needs to be fixed.
 2007-11-30 23:26:06 +00:00
brectanus
a6c2d867f4 Improvements to audit logging matching rules. See #93. 2007-11-30 21:31:12 +00:00
brectanus
dcdce0cbc5 Added matching rules to audit log data. See #93. 2007-11-30 00:52:21 +00:00
brectanus
85053718d9 Cleanup log output for skipAfter. See #258. 2007-11-29 23:14:02 +00:00
ivanr
ff12e6f1c0 Remove comment that is not needed. 2007-11-29 18:10:54 +00:00
ivanr
526bcc0b5a More informative change log message for fixing utf-8 validation. 2007-11-29 14:50:54 +00:00
ivanr
c5c759d6f0 Forgot to update CHANGES. 2007-11-29 14:03:05 +00:00
ivanr
d3a0a2887a Fix utf-8 validation (again\!\!\!). 2007-11-29 13:30:39 +00:00
ivanr
575e86388a Implemented SecRequestBodyNoFilesLimit (#103). 2007-11-29 11:41:48 +00:00
ivanr
fd5e4fb32c Fix bugs introduced by the recent change to audit logging. 2007-11-29 11:09:38 +00:00
ivanr
ab6a81fe7a Remove unused reqbody_status from modsec_rec. 2007-11-29 10:46:12 +00:00
brectanus
1cfc906fac Fixed apr_size_t formatting warnings by using portable %APR_SIZE_T_FMT instead of %lu. 2007-11-28 01:09:15 +00:00
brectanus
8cec4dd251 Some more debugging and fixes for skipAfter. See #258. 2007-11-28 01:04:26 +00:00
ivanr
4a08d7e6bf Handle out-of-disk-space conditions gracefully when writing to audit log. 2007-11-27 10:52:14 +00:00
brectanus
800cfc2cc2 Added missing #else block for printf attributes. 2007-11-27 00:17:50 +00:00
brectanus
e47fdeb420 Changed %p formatter to APRs %pp (wish that was documented). 
Marked msr_log() as a printf style function so GNU compiler can check formatting types.
Fixed a few other warnings with msr_log() formatters.
 2007-11-26 22:53:51 +00:00
brectanus
9447ae67b8 Added placeholder support for skipAfter so that it works with removed rules. See #258. 2007-11-26 22:27:15 +00:00
brectanus
1860e2a35e Renamed SecGeoLookupsDb to SecGeoLookupDB. 2007-11-26 17:04:42 +00:00
ivanr
6ca5b831fb Document SecComponentSignature. Update CHANGES. 2007-11-26 16:22:33 +00:00
ivanr
b163864ba7 Implemented SecComponentSignature. 2007-11-26 16:05:56 +00:00
ivanr
e467d3cac0 Unified messages in the error log and in the audit log. 2007-11-26 15:39:37 +00:00
ivanr
f0be2ff6b0 Added warning message when XML request body parser fails. 2007-11-26 15:05:48 +00:00
brectanus
2cefbda2e3 Fix quotes in an example. 2007-11-19 17:19:13 +00:00
brectanus
40c5b2004f Remove extraneous 'void *' cast. 2007-11-15 19:11:59 +00:00
brectanus
aff6900539 Initial full pass through code to fix issues with 64-bit/mismatch sign/mismatch size printf style formatters. 
Still need to look more into how we are handling time and convert to apr_time_t (or time_t) where appropriate.
Still need to look into our use of 'long' as windows is LLP64 where 'long' is still 32-bit.
 2007-11-15 19:09:14 +00:00