github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,686 Commits 55 Branches 109 Tags
Commit Graph

384 Commits

Author SHA1 Message Date
Felipe Zimmerle
42a472adbd
Check if response body inspection is enabled before process it 2018-05-08 10:59:30 -03:00
Scott Leggett
98b4e75465
Fix LDFLAGS for unit tests. 2018-05-03 13:44:59 -03:00
Robert Paprocki
d0a63aac03
Define m_secmarker_skipped as an integer type 
There's no reason to treat this this as a double, since it
represents a human-readable data value that is only meaningful
as an integer. In doing so we write cleaner audit logs and save
a small amount of space.
 2018-04-24 11:49:13 -03:00
Robert Paprocki
f7beb17570
Fix broken @detectxss operator regression test 2018-04-23 22:11:00 -03:00
Andrei Belov
3d06e1b8b6
Fix github_issue reference in regression test 2018-04-23 22:09:03 -03:00
Andrei Belov
5e65d560f8
Fix utils::string::ssplit() to handle delimiter in the end of string 
This closes #1743.
 2018-04-22 11:37:30 -03:00
Felipe Zimmerle
ff0d451a5c
Fix maxmind test case 2018-03-29 17:24:32 -03:00
Felipe Zimmerle
0ca5994744
Adds support for ctl:ruleRemoveByTag action 2018-03-26 17:01:53 -03:00
Andrei Belov
dcbb06be43
Include all prerequisites for "make check" into dist archive 2018-03-22 23:09:44 -03:00
Andrei Belov
601e0d7040
Adjust tests for @inspectFile operator 2018-03-22 23:06:42 -03:00
Felipe Zimmerle
df169ea108
Adds support for libMaxMind 2018-03-22 19:11:42 -03:00
Victor Hora
22334c9bb6
Adds capture action to detectXSS 2018-03-12 22:10:56 -03:00
Felipe Zimmerle
70ace0faa4
Adds capture action to detectSQLi 2018-03-09 12:58:00 -03:00
Felipe Zimmerle
df25c48f53
Adds capture action to verifyCC 2018-03-09 11:26:24 -03:00
Felipe Zimmerle
77a885da5f
Adds capture action to verifySSN 2018-03-09 09:42:05 -03:00
Felipe Zimmerle
0b494c4cdc
Adds capture action to verifyCPF 2018-03-08 19:05:31 -03:00
Felipe Zimmerle
c8666fae31
Check for disruptive action on SecDefaultAction 2018-02-28 14:02:47 -03:00
Felipe Zimmerle
854a661a2a
Fix gcc compilation issue 2018-02-27 13:22:50 -03:00
Felipe Zimmerle
dca642369e
Fix on top of #1677 2018-02-26 17:53:18 -03:00
Felipe Zimmerle
3539c59a67
Adds regression for base64 transformation 2018-02-23 10:46:28 -03:00
Felipe Zimmerle
e3b6b4ccff
Fix resource load on ip match from file 2018-02-22 21:23:20 -03:00
Felipe Zimmerle
ff782ddfa4
Having LDADD and LDFLAGS organized on Makefile.am 2018-02-21 14:26:47 -03:00
Felipe Zimmerle
de7c5c89bb
Using shared var for variables names 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
a299997e02
Using run time string on the operators 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
cd30509f3a
Fix the debuglogs for the regression tests 2018-02-20 13:39:59 -03:00
Felipe Zimmerle
768a76a61e
perf. improvement/rx: Only compute dynamic regex in case of macro 
On #1528 was added the support for macro expansion on @rx operator.
The performance improvement suggested on the pull request was not
thread safe, therefore removed. This patch adds a performance
improvement on top of #1528. The benchmarks points to 10x faster
results on OWASP CRS.
 2018-02-20 13:39:59 -03:00
Felipe Zimmerle
d162d4e20b
Fix uri on the benchmark utility 2018-02-20 13:39:59 -03:00
michaelgranzow-avi
8bcef41878
Improve benchmark tool 
Benchmark tool: proper initialization of intervention,
get number of iterations from cmd-line, add help message.
 2017-11-17 09:57:31 -03:00
Felipe Zimmerle
9c0ed6109d
Fix assorted minor memory management issues 2017-11-14 09:36:32 -03:00
Felipe Zimmerle
68152d8d29
Adds test case for issue #1576 2017-11-13 22:32:55 -03:00
Felipe Zimmerle
3fb71f32d8
Coding style fixes 2017-11-13 22:32:11 -03:00
Felipe Zimmerle
023e7acbad
Refactoring on the JSON parser 
It also address the issue #1576 and #1577
 2017-11-10 17:26:23 -03:00
Felipe Zimmerle
23cf656f93
Adds support to WEBAPPID variable 2017-11-08 10:28:56 -03:00
Felipe Zimmerle
082a3e3287
Adds support to SecWebAppID 2017-11-08 09:33:14 -03:00
Felipe Zimmerle
37c34f3e65
Adds missing cflags for LUA and SSDEEP 2017-11-07 23:30:48 -03:00
Felipe Zimmerle
ec667a4609
Adds support for SecRuleRemoveByTag 2017-11-07 14:52:50 -03:00
Felipe Zimmerle
4d7fd5c30a
Adds support for update target by message 2017-11-06 23:29:25 -03:00
Felipe Zimmerle
7d7c0c03c5
Adds missing SecRuleScript test case 2017-11-06 23:27:00 -03:00
Felipe Zimmerle
7fa5ca9ba0
Makes lua optional 2017-11-06 00:44:54 -03:00
Felipe Zimmerle
cb3363c7d5
Adds support for the exec action 2017-11-05 23:31:07 -03:00
Felipe Zimmerle
7bec78a5a5
Adds support for transformations inside Lua engine 2017-11-05 23:31:07 -03:00
Felipe Zimmerle
a676f313c3
Initial support for Lua script engine 2017-11-05 23:30:50 -03:00
Felipe Zimmerle
1866a3a9eb
Adds support for the @inspectFile operator 2017-10-31 09:59:17 -03:00
Felipe Zimmerle
1189e9b0ef
Adds support to LUA in configure scripts 2017-10-31 09:59:12 -03:00
Felipe Zimmerle
9369efcb90
Adds support to the collection RESOURCE 2017-10-30 09:07:49 -03:00
Felipe Zimmerle
e6106ae0eb
Fix regression tests for fuzzyHash 2017-10-27 14:47:04 -03:00
Felipe Zimmerle
7622866f97
Adds support for @fuzzyHash 
Issue #997
 2017-10-26 17:44:17 -03:00
Felipe Zimmerle
93e18ca5ea
Support pipes inside quoted variable selection 
As of #1591 the pipe support was disable in the general selection which
was also affecting the quoted selection. This pactch adds the support
for pipes inside the quoted selection only.
 2017-10-20 11:02:42 -03:00
Felipe Zimmerle
30797a458b
Parser: Pipes are no longer welcomed inside regex dict element selection. 
Issue #1591
 2017-10-17 11:46:44 -03:00
Felipe Zimmerle
1518c43d61
Adds test case for issue #1565 2017-10-11 23:19:20 -03:00