github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,653 Commits 55 Branches 109 Tags
Commit Graph

115 Commits

Author SHA1 Message Date
Ervin Hegedus
534702b248
Refactoring Config*Int types 2025-07-20 22:37:04 +02:00
Ervin Hegedus
9e41a53760
Finish XMLArgs processing in v3 2025-04-20 18:21:28 +02:00
Eduardo Arias
2c613fb77c Simplify initialization of fileName member of Rule instances 2024-09-04 10:51:21 -03:00
Eduardo Arias
2f5dac5c4c Simplified initialization of Transformation's action_kind 
- Some of the Transformation classes would initialize their Action's
  action_kind using the default (using Transformation constructor
  without an action_kind parameter).
- Others, however, would use that constructor and initialize action_kind
  manually in their constructor, but setting the default value
  (RunTimeBeforeMatchAttemptKind = 1), which was redundant.
- Removed unused Transformation constructor to specify action_kind.
- Converted Action::Kind into an 'enum class' to require using the enum
  constants (instead of integer values, which are difficult to track in
  the codebase and change)
 2024-08-27 10:00:54 -03:00
Eduardo Arias
c917d6a2dc Initialize variable in if statement to avoid doing dynamic_cast twice 
- Refactored duplicate code in RuleWithOperator::getVariablesExceptions
- Leveraged auto to simplify declaration of dynamic_cast pointers.
 2024-08-08 13:37:23 -07:00
Martin Vierula
118e1b3a44 Support expirevar for in-memory collection 2023-09-29 11:40:03 -07:00
Brandon Payton
f3d8198b84 Respond to code review feedback 2023-04-11 13:47:02 -04:00
Brandon Payton
0c42ee229e Switch to simpler PCRE error flags 2023-04-11 13:44:07 -04:00
Brandon Payton
8c269d31c5 Update Regex util to support match limits 
If the rx or rxGlobal operator encounters a regex error,
the RX_ERROR and RX_ERROR_RULE_ID variables are set.
RX_ERROR contains a simple error code which can be either
OTHER or MATCH_LIMIT. RX_ERROR_RULE_ID unsurprisingly
contains the ID of the rule associated with the error.
More than one rule may encounter regex errors,
but only the first error is reflected in these variables.
 2023-04-11 13:40:40 -04:00
Martin Vierula
55d6aa94e1 Resolve memory leak (bison-generated position.filename) 2023-02-17 09:59:34 -08:00
Martin Vierula
ec1232a69b
Support equals sign in XPath expressions 2023-01-19 08:37:38 -08:00
Martin Vierula
0840a29c33
Advance bison version to v3.7.6 2022-09-12 20:26:13 -07:00
Martin Vierula
fa6e41857d
Multipart parsing fixes and new MULTIPART_PART_HEADERS collection 2022-09-07 06:29:20 -07:00
Martin Vierula
2d51efae49 Add ctl:auditengine action support 2022-01-20 14:04:30 -08:00
Martin Vierula
ac79c1c29b
Support configurable limit on depth of JSON parsing 2021-11-15 18:51:25 -08:00
martinhsv
2672db103e
Add support for new operator rxGlobal 2020-10-26 08:55:07 -03:00
Felipe Zimmerle
995f22b3ce
Having Bison 3.7.2 2020-10-14 13:58:37 -03:00
Felipe Zimmerle
7a48245aed
Creates RuleUnconditional 
Makes RuleScript child of RuleWithActions instead of Operator
 2020-03-31 14:44:19 -03:00
Felipe Zimmerle
59d4268882
Refactoring: renames Rule to RuleWithOperator 2020-03-31 10:00:08 -03:00
Felipe Zimmerle
43f8aee6b6
Splits Rule class into: Rule, RuleBase, RuleMarker 2020-03-30 20:21:36 -03:00
Felipe Zimmerle
fda03c0016
Yet another refactoring in Rule 2020-03-30 15:38:51 -03:00
Felipe Zimmerle
b66224853b
Refactoring in Rule: Meaningful structures name 2020-03-27 17:43:43 -03:00
Felipe Zimmerle
343b86c2a7
Makes m_fileName a shared pointer 2020-03-27 15:00:22 -03:00
Felipe Zimmerle
6b0ad8049a
Having default actions as o shared pointer 2020-03-26 09:59:57 -03:00
Felipe Zimmerle
9d158611cf
Makes Rule a shared pointer 2020-03-25 16:11:23 -03:00
Felipe Zimmerle
88789a577f
parser: Using bison 3.5.2 2020-03-11 14:21:11 -03:00
Felipe Zimmerle
6a742cdf76
Refactoring: Renames RulesProperties to RulesSetProperties 2020-02-17 13:17:03 -03:00
martinhsv
f57265a3e2
Support configurable limit on number of arguments processed 2020-02-14 11:00:01 -03:00
Felipe Zimmerle
7495675d54
Refactoring: Renames Rules to RulesSet 
RulesSet does not only contain rules but alse properties
 2020-02-11 14:26:47 -03:00
Felipe Zimmerle
6a0df8ca5c
parser: new bison version 2020-02-11 11:15:09 -03:00
Rufus125
86ce479b59
Adds new operator to check for data leakage of Austrian social security number 2019-05-29 20:57:08 -03:00
Felipe Zimmerle
61c11251b6
parser: Fix filename 2019-04-23 13:17:23 -03:00
Felipe Zimmerle
0669c2e64d
parser: new bison version 2019-04-22 10:46:27 -03:00
Felipe Zimmerle
4e76c6adf0
Renames namespace Variables to variables 2019-03-06 15:53:20 -03:00
Felipe Zimmerle
b9ed150224
Fix namespace utilization on seclang-parser.yy 2019-03-06 15:12:44 -03:00
Felipe Zimmerle
d00ea5111d
Adds initial support to drop action 2018-12-24 16:35:41 -03:00
Victor Hora
e3b9f7c913
Fix SecUnicodeMapFile support 
Makes SecUnicodeMapFile read the file and adjust transformation to use the
right variable.
 2018-10-31 22:57:39 -03:00
Felipe Zimmerle
3f0ea90970
Test case skeleton for #1941 2018-10-29 11:14:31 -03:00
Felipe Zimmerle
973c1f1028
Fix rule line number 
Issue #1844
 2018-10-24 21:02:35 -03:00
Felipe Zimmerle
ef7f65db90
Changes debuglogs schema to avoid unecessary str allocation 2018-10-23 17:00:16 -03:00
Felipe Zimmerle
23e0d35d2d
Fix the SecUnicodeMapFile and SecUnicodeCodePage 2018-10-23 17:00:11 -03:00
Felipe Zimmerle
85ecd190d9
Adds full support to UpdateActionById. 
Issue #1800
 2018-10-23 16:26:11 -03:00
Felipe Zimmerle
74841779f8
Adds partial support to UpdateActionById 2018-10-23 16:26:10 -03:00
Felipe Zimmerle
bc3d3f1915
Adds support to setenv action 
Issue #1044
 2018-09-25 10:19:52 -03:00
Felipe Zimmerle
98b9ae659d
Having a better organization for Variables:: 2018-09-24 16:39:48 -03:00
Felipe Zimmerle
ee50fea266
Handling key exceptions on the variable itself 
This is the first step towords to solve #1697
 2018-09-24 16:16:30 -03:00
Felipe Zimmerle
c2bc695265
parser: Fix typo on SanitiseArgs 
Related to: #715 and #1889
 2018-09-12 09:37:34 -03:00
Felipe Zimmerle
9c73c09abd
parser: Updates the generated parser file 2018-09-11 21:01:13 -03:00
Felipe Zimmerle
764a2e43ff
parser: Fix simple quote setvar in the end of the line. 
Fix #1831
 2018-09-11 15:35:26 -03:00
Victor Hora
f999f54eda
Adds support for ctl:requestBodyProcessor=URLENCODED 2018-08-22 22:07:04 -03:00