ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00

Author	SHA1	Message	Date
Felipe Zimmerle	4cf6c714ac	Cosmetics: Fix coding style	2016-07-12 21:59:17 -03:00
Felipe Zimmerle	4078677b7f	Cosmetic changes: applies changes suggested by static analysis	2016-07-12 00:46:12 -03:00
Alexey Zelkin	f43704dbef	Add explicit 'return true;' for Transaction::extractArguments() Unbreaks runtime for FreeBSD 10 (clang generated code)	2016-07-04 22:42:36 -03:00
Felipe Zimmerle	f72bd587ec	Adds support to the allow action	2016-06-30 20:44:51 -03:00
Felipe Zimmerle	e77e4c4c14	Adds missing test case to Makefile.am and initializes the skip var	2016-06-30 13:46:15 -03:00
Felipe Zimmerle	90adb53935	Adds support to JSON request body parser	2016-06-29 21:55:41 -03:00
Felipe Zimmerle	2477470607	Adds support to the resource collection	2016-06-24 15:17:29 -03:00
Felipe Zimmerle	60be385ebe	Adds support to the SERVER_NAME variable	2016-06-21 10:53:11 -03:00
Felipe Zimmerle	df1f7c5e08	Adds support to the RESPONSE_PROTOCOL variable	2016-06-21 10:52:18 -03:00
Felipe Zimmerle	b8bd0c5960	API CHANGE: response status is now set on processResponseHeaders That change was needed to move the variable attribution to earliest as possible. We also have a new field for HTTP_PROTOCOL version used on the response.	2016-06-21 09:24:46 -03:00
Felipe Zimmerle	a36b2da86a	Adds support to the STATUS variable	2016-06-20 20:34:39 -03:00
Felipe Zimmerle	6052d2628b	Adds support to URLENCODED_ERROR variable	2016-06-20 11:34:43 -03:00
Felipe Zimmerle	c5262d54f2	Fix argument uri decode order The uri decode happens after the string is splitted, not before.	2016-06-17 15:34:06 -03:00
Felipe Zimmerle	dbaf79fb8e	Adds extractArguments facilitator method Little refactoring to use this method instead of doing it manually in different parts of the code.	2016-06-17 15:15:44 -03:00
Felipe Zimmerle	5c088c8be4	Adds addArgument method to transaction class There was a bit of refactoring to use the addArgument function, instead of adding the items manually.	2016-06-17 14:34:22 -03:00
Felipe Zimmerle	ebe8424758	Adds support to REQBODY_ERROR_MSG and REQBODY_ERROR Support to REQBODY_PROCESSOR_ERROR and REQBODY_PROCESSOR_ERROR_MSG were also added.	2016-06-16 23:14:15 -03:00
Felipe Zimmerle	7bd6e9a2bd	Makes XML request body processor to be selected only by ctl:equestBodyProcessor	2016-06-16 17:20:47 -03:00
Felipe Zimmerle	7cb27eb9fc	Implements the support to fill the REQBODY_PROCESSOR variable	2016-06-16 15:47:40 -03:00
Felipe Zimmerle	9cec9db794	Fix memory leak in the method toJSON from Transaction class	2016-06-16 10:33:15 -03:00
Felipe Zimmerle	9919026620	Fixes regarding memory management Fixes assorted issues identified by valgrind.	2016-06-16 00:03:57 -03:00
Felipe Zimmerle	2e3da7ea24	Better support for multipart ModSecurity v2.x parser was ported into 3.x branch. All the multipart related variables should be workbale.	2016-06-10 09:40:08 -03:00
Felipe Zimmerle	6a7b970fe3	Adds support to ctl:requestBodyProcessor=XML	2016-05-18 10:30:25 -03:00
Felipe Zimmerle	8c714af8e1	Actions refactoring: now there is a clear definiation on the action name	2016-05-17 14:36:59 -03:00
Felipe Zimmerle	6a40752500	Adds XML variable, xml body request processor and @validateSchema	2016-05-12 11:11:40 -03:00
Felipe Zimmerle	758ecb5d6d	Adds support to USER collection, setuid action and USERID variable More details on: #1026, #1024, #1048	2016-05-09 20:27:08 -03:00
Felipe Zimmerle	a2a47798e9	Adds support to the collection SESSION and setsid action	2016-05-06 14:38:04 -03:00
Felipe Zimmerle	3062ff2aa5	Using Collection instead of GlobalCollection Both has the same methods and characteristics except for the fact that one is global and the other not. That can be handled by the backend.	2016-05-04 22:42:24 -03:00
Felipe Zimmerle	64c4f23a4e	Collection class was changed to be a simple interface InMomoryPerProcess class was added to be used where the old Collection was used.	2016-05-04 22:42:17 -03:00
Felipe Zimmerle	5643d2fa28	Warming up to the remote collections support Huge refactoring to have the code in shape to later support the remote collections with different backends.	2016-05-03 17:39:49 -03:00
Felipe Zimmerle	8da49842d8	Fix typo on the audit logs. It is not _serverity_. Renamed to severity. Details on issue: #1114	2016-04-04 13:38:23 -03:00
Felipe Zimmerle	e5acc95de8	First version of `global' and` ip' collections	2016-03-30 18:22:00 -03:00
Felipe Zimmerle	214cc15785	Cosmetics: Reduce the coding style warnings	2016-03-21 17:59:31 -03:00
Felipe Zimmerle	1e3cafb734	Fix memory management on the rules' messages (try 2)	2016-02-17 13:32:31 -03:00
Felipe Zimmerle	163483e8d4	Fix memory management on the rules' messages	2016-02-16 23:30:14 -03:00
Felipe Zimmerle	e346454374	Fix memory leaks on the collections/variables management	2016-02-16 23:04:11 -03:00
Felipe Zimmerle	a2ffb36159	Adds "matched" line to the audit logs	2016-02-12 13:28:43 -03:00
Felipe Zimmerle	362b376acb	Adds verbose logs to audit logs while deciding or not to save a request	2016-02-12 11:51:33 -03:00
Felipe Zimmerle	77900ed4e2	Fix rules `messages' on the auditlog	2016-02-10 12:03:52 -03:00
Felipe Zimmerle	9474373264	General improvements on audit logs information Making actions: msg, logdata, tag and others to work in the same fashion that they work on ModSecurity v2.x	2016-02-05 15:19:53 -03:00
Felipe Zimmerle	b9b3e82900	Fix AuditLog parts selection	2016-01-21 15:03:47 -03:00
Felipe Zimmerle	a102b5ce2c	Improves the method fill the ARGS collection	2016-01-15 10:35:24 -03:00
Felipe Zimmerle	fc225ff001	Fix whoAmI() call on Transaction	2016-01-15 08:12:27 -03:00
Felipe Zimmerle	b06eaadac7	Places the classes related to audit log into a separate namespace	2016-01-14 14:29:36 -03:00
Felipe Zimmerle	4db5cc7d26	Refactoring on Transaction class: adding comments and renaming variables	2016-01-14 12:02:59 -03:00
Felipe Zimmerle	6f1e6f37d7	Fix trasanction cleanup on the C API	2016-01-14 09:39:11 -03:00
Felipe Zimmerle	a51e707517	Renames class Assay to Transaction	2016-01-13 15:57:00 -03:00

46 Commits