github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,699 Commits 55 Branches 109 Tags
Commit Graph

2699 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
brectanus
3f7fc7c758 Added string comparison operators: @contains, @is, @beginsWith and @endsWith with support for macro expansion. See #54. 2007-05-01 22:00:34 +00:00
brectanus
0a1610f850 More debug log enhancements - quote values to easier see whitespace. 2007-05-01 21:52:47 +00:00
brectanus
a3c3f25ae0 Fix macro expansion. See #118. 
Fix some debug log output to escape NULs properly in preparation for #54.
Up version to prepare for 2.2.0 pre-releases.
 2007-05-01 21:36:24 +00:00
brectanus
b93eef9db3 Added t:length to transform a value to its character length. See #55. 2007-05-01 15:59:52 +00:00
brectanus
5482606c37 Added t:trimLeft, t:trimRight, t:trim to remove whitespace from a value on the left, right or both. (see trac #117) 2007-05-01 15:55:35 +00:00
brectanus
d9a26780ab Add SecAuditLog2 directive (trac #102) 2007-04-25 20:46:23 +00:00
brectanus
e556a914f9 Remove tabs 2007-04-25 17:53:02 +00:00
rbarnett
f2c96bae2a I added notes about accessing response headers in phase:3 and phase:5. 2007-04-12 18:46:12 +00:00
rbarnett
e72540b0a0 I added the XML and HTML files for the Migration Matrix doc. 2007-04-10 20:23:36 +00:00
brectanus
82fdc7cf3f Format CHANGES to add space before '*' 2007-04-05 17:43:22 +00:00
brectanus
51a5418b4b Update changes to reflect merges into 2.1.x branch 2007-04-05 15:13:22 +00:00
brectanus
eab433187f Add PCRE_DOLLAR_ENDONLY to doc 2007-04-05 14:59:44 +00:00
brectanus
00dcb2714f Add the PCRE_DOLLAR_ENDONLY option when compiling regular expression for the @rx operator and variables. (trac #57) 2007-04-05 01:54:03 +00:00
brectanus
a93c77e9a2 Updated line/num/id debug output with a format that is easier to parse. (trac #47) 2007-03-27 18:00:04 +00:00
brectanus
9e669fcc78 Better CHANGES entry. (trac #43) 2007-03-27 17:47:15 +00:00
brectanus
383119a147 Really set PCRE_DOTALL option when compiling the regular expression for the @rx operator as the docs state. (trac #51) 2007-03-27 17:22:35 +00:00
brectanus
f6de76b053 Removed CGI style HTTP_* variables in favor of REQUEST_HEADERS:Header-Name. (trac #23) 2007-03-27 17:18:21 +00:00
brectanus
485c664a42 Enhance debug log output for capturing to detect all regex/capture mismatches (trac #21). 2007-03-27 17:13:42 +00:00
brectanus
891859f9c5 Revert back to using captured regex execution as it seems to be more effecient as the ovector can be used for working space even if it is not used for captures. 
Warn when captures are used in the regex, but "capture" not specified.
 2007-03-27 15:32:53 +00:00
brectanus
59928bfe60 This was not meant to be checked in yet (trac #42) 2007-03-27 15:28:47 +00:00
brectanus
4676132ed4 Add the file/line to the rule so we can use it in the debug log and eventually in the alerts. 2007-03-21 21:20:35 +00:00
brectanus
58afede3f3 Do not log 'allow' action as intercepted in the debug log. 2007-03-21 14:38:57 +00:00
brectanus
d1ada359dd Optimize regex execution to not capture unless 'capture' action used. 2007-03-21 14:06:36 +00:00
brectanus
09b704f114 Recycle the mptmp pool (trac #43). 2007-03-20 22:15:19 +00:00
brectanus
8876a03ab1 Recycle the mptmp pool (trac #43). 2007-03-20 22:09:04 +00:00
brectanus
f508c0a331 Fix a compile warning. 2007-03-20 22:01:30 +00:00
brectanus
473a471bba Oops, forgot my parens. 2007-03-20 18:27:51 +00:00
brectanus
bce096216e Fixed collection variable name printing in debug log (trac #45) 2007-03-20 18:23:48 +00:00
brectanus
ab55a8716e Fix potential memory corruption in msre_create_var_ex allocating per-request data out of global pool. 2007-03-08 16:15:45 +00:00
brectanus
8898759c47 Add back the check for overflow on length 2007-03-07 16:54:41 +00:00
brectanus
9b56d63145 More generic Makefile 2007-03-07 16:02:20 +00:00
brectanus
4370819f7b Fixed potential DIV0 when a collection var was fetched in the same second as creation 2007-03-07 15:56:22 +00:00
brectanus
4e02be6219 Fixed parsing of ASCIIZ for application/x-www-form-urlencoded forms 2007-03-06 16:14:54 +00:00
brectanus
cf024ded05 Fix segfault when logging NULL text during request reading errors and upcoming fix for sending alerts on such errors. 2007-03-05 22:12:34 +00:00
brectanus
ebdd0400dd Generate an alerts for error log entries for requests we did not process *if* it has a UNIQUE_ID available. 2007-03-02 21:47:13 +00:00
ivanr
8aeff06fc2 Fixed faulty REQUEST_FILENAME. 2007-03-01 12:17:17 +00:00
brectanus
f4fb4ed4f6 Updates to quiet some compiler warnings. 2007-03-01 11:49:56 +00:00
brectanus
79d232ccff Fixed some casting issues for compiling on NetWare (Guenter Knauf). 2007-03-01 11:34:13 +00:00
ivanr
3e95d3c347 Changed version number to 2.1.0. 2007-02-22 13:20:17 +00:00
ivanr
98188bd9b5 Document was not valid DocBook. Fixed. 2007-02-22 13:17:49 +00:00
ivanr
6ebecdb3e5 Small fixes. 2007-02-22 12:49:35 +00:00
ivanr
f9999c440c Downgraded 'Connection reset by peer' from ERROR to NOTICE, as it has nothing to do with us. 2007-02-22 12:14:10 +00:00
ivanr
b57a1f0246 Fixed an invalid conversion specifier. 2007-02-22 11:45:06 +00:00
ivanr
6c5d19ed84 Removed the (harmless) message mentioning LAST_UPDATE_TIME missing. 2007-02-22 11:40:48 +00:00
ivanr
8eb0aa7e4a Updated fix message. 2007-02-22 10:52:49 +00:00
ivanr
f807697e3d SecRuleRemoveById was unable to remove a phase 4 rule. 2007-02-22 10:44:01 +00:00
brectanus
08c231a6b3 Fix some spelling, grammer and formatting issues. 2007-02-13 20:42:07 +00:00
ivanr
c482774094 Branched 2.1.0-rc7 2007-02-06 12:32:03 +00:00
ivanr
3f80fdac3b Import ModSecurity 2.1.0-rc7 2007-02-06 12:29:22 +00:00