github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,266 Commits 55 Branches 109 Tags
Commit Graph

3266 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Gleydson Soares
b052adf0b8 tweak loadFromUri: zap duplicate words in comment 2022-01-20 10:47:21 -03:00
Martin Vierula
3ee6e108d6
Fix multiMatch msg, etc, population in audit log 2022-01-14 09:25:07 -08:00
Martin Vierula
cb80837e6a
Remove old commented-out re: audit log, relevant 2022-01-08 09:08:25 -08:00
martinhsv
ef1b8d8d98
Merge pull request #2667 from martinhsv/v3/master 
Fix some name handling for ARGS_*NAMES: regex SecRuleUpdateTargetById…
 2022-01-04 15:41:46 -05:00
Martin Vierula
1a965a49ad
Fix some name handling for ARGS_*NAMES: regex SecRuleUpdateTargetById, etc. 2022-01-04 11:47:18 -08:00
Martin Vierula
76ce6739bf
Correct previous CHANGES update 2021-12-30 09:55:44 -08:00
Martin Vierula
630b1e0a46
CHANGES: Adds info about #2635 2021-12-30 09:47:53 -08:00
martinhsv
2de14cb000
Merge pull request #2635 from Mesar-Ali/patch-1 
Adjust confusing variable name in setRequestBody method
 2021-12-30 11:29:37 -05:00
Mesar ali
f82b98c04d
Confusing variable name in setRequestBody method 2021-12-30 08:55:51 +05:30
martinhsv
52958fa73c
Merge pull request #2661 from martinhsv/v3/master 
Multipart names may include single quote if double-quote enclosed
 2021-12-23 12:37:11 -05:00
Martin Vierula
f34b49f666
Multipart names may include single quote if double-quote enclosed 2021-12-23 08:02:43 -08:00
martinhsv
c072ac29eb
Merge pull request #2656 from martinhsv/v3/master 
Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended
 2021-12-22 10:54:24 -05:00
Martin Vierula
0275c8847b
Add SecRequestBodyJsonDepthLimit to modsecurity.conf-recommended 2021-12-21 06:18:53 -08:00
Martin Vierula
19d50f4da4
Add a const to satisfy cppcheck 2021-12-20 09:41:38 -08:00
Martin Vierula
13e8be83c5
CHANGES: Preparing for next version 2021-12-20 06:38:45 -08:00
Martin Vierula
c3d7f4b560
Change release version to v3.0.6 v3.0.6 2021-11-19 11:23:27 -08:00
Martin Vierula
d16c3250a9
Add a few cppcheck suppressions 2021-11-16 11:26:16 -08:00
martinhsv
d8afc4029b
Merge pull request #2642 from martinhsv/v3/master 
Support configurable limit on depth of JSON parsing
 2021-11-15 22:28:49 -05:00
Martin Vierula
ac79c1c29b
Support configurable limit on depth of JSON parsing 2021-11-15 18:51:25 -08:00
Mesar ali
5aec781d39
Confusing variable name in setRequestBody method 2021-11-02 12:35:29 +05:30
EarlRoth
ec86b242e1
Update README.md 2021-09-13 16:28:54 -06:00
Howard Chu
a6e1074844 Fix #2601 misuses of LMDB API 
Only open DBI once, doesn't need closing.
Never reuse a txn handle after commit.
Use MDB_RDONLY for txns that aren't doing any writes
 2021-08-09 14:28:54 +01:00
Fabrice Fontaine
d2b700d7af build/libmaxmind.m4: fix build with host-pkgconf 
Build with maxminddb is broken since version 3.0.5 and
785958f9b5
because libmaxminddb has been removed from MAXMIND_POSSIBLE_LIB_NAMES

So, as suggested by Arnout in #2131, don't use
MAXMIND_POSSIBLE_LIB_NAMES for pkg-config, because it was never called
anything other than libmaxminddb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 2021-07-25 18:35:59 +02:00
Filip Sandborg-Olsen
465db29b76 docs: correct project name 2021-07-09 10:22:51 -03:00
Felipe Zimmerle
873a94a73f CHANGES: Preparing for a next version 2021-07-09 10:21:10 -03:00
Felipe Zimmerle
bf881a4eda Change release version to v3.0.5 v3.0.5 2021-07-07 10:13:14 -03:00
martinhsv
cd5fba8974 Handle URI received with uri-fragment 2021-07-05 14:51:21 -03:00
martinhsv
faad65d385
Merge pull request #2586 from martinhsv/v3/master 
Add commented-out sample rule to engage JSON Processor for more subtypes
 2021-07-03 13:15:16 -04:00
martinhsv
bffd68e4d1
Add commented-out sample rule to engage JSON Processor for more subtypes 2021-06-30 11:38:52 -07:00
Felipe Zimmerle
5a0ae73ba6
Update README.md 2021-06-21 13:30:52 -03:00
Takaya Saeki
3bfe4b81af build: Fix pcre's JIT support detection was not working 2021-05-24 10:33:11 -03:00
Felipe Zimmerle
662c05f89b build: Adding a new path while searching for liblua. 
Alpine has a different folder to hold concurrent versions of
Lua. This commit address issue #2560.
 2021-05-24 10:33:11 -03:00
Felipe Zimmerle
a589f6b693 Build: using PKG-CONFIG in a new fashion 
Trying to avoid bulid errors if pkg-config is available.
 2021-05-24 10:33:11 -03:00
Kedu SCCL
754daebfb0 Update README.md 
Fixed typo in README
 2021-05-24 08:50:10 -03:00
martinhsv
65e7e474b1
fix missing parentheses in filename* parsing 2021-05-11 13:46:50 -07:00
Felipe Zimmerle
7fccb0d225 Cosmetic: pleasing cppcheck 2021-05-11 10:27:58 -03:00
Felipe Zimmerle
6fdba42c02 Cosmetics: Having cppcheck pleased 
(...) remove_comments.cc,62,style,knownConditionTrueFalse,Condition 'incomment==0' is always true
(...) remove_comments.cc,66,style,knownConditionTrueFalse,Condition 'incomment==0' is always true
(...) remove_comments.cc,69,style,knownConditionTrueFalse,Condition 'incomment==0' is always true
 2021-05-10 12:32:09 -03:00
Felipe Zimmerle
66ba7b065a Cosmetic: fix static warning 2021-05-04 21:04:21 -03:00
Felipe Zimmerle
1e2ccc1578 test: Fix optimization test 2021-05-04 12:57:09 -03:00
Neil Craig
1376882f7d Fix typo 2021-04-29 14:28:28 -03:00
Felipe Zimmerle
4127c1bf52
README: States the sponsor note 2021-03-08 09:36:02 -03:00
Felipe Zimmerle
a18d18a28f
Revert "Adds hyperscan to the build matrix" 
This reverts commit a496865e9606cc3a159dc7d4269f33589f4ef32c.
 2021-02-26 11:33:18 -03:00
Felipe Zimmerle
4cdcc15334
Revert "Adds suppor for HyperScan in the bulid system" 
This reverts commit 912704b6d4e45aa601b87c5a4cf4b6061d1bbccb.
 2021-02-26 11:33:12 -03:00
Felipe Zimmerle
a496865e96
Adds hyperscan to the build matrix 2021-02-26 11:23:29 -03:00
Felipe Zimmerle
912704b6d4
Adds suppor for HyperScan in the bulid system 2021-02-26 11:15:02 -03:00
Felipe Zimmerle
2e69ce6ccf
build: Fix curl include path 
Issue #2519
 2021-02-24 13:20:24 -03:00
Felipe Zimmerle
50fc347ed4
Fix rules dump 
The unique pointer for file name was being used multiple times
on SecMarker.
 2021-02-04 11:07:22 -03:00
martinhsv
6ca028b6f5
Fix memory leak in rx operator when pattern includes macro 2021-01-25 19:39:10 -03:00
Felipe Zimmerle
9764b1fb3b
CHANGES: Fix entry for ARGS_NAMES 2021-01-25 14:59:17 -03:00
Felipe Zimmerle
53d36ab63a
Updates libInjection 
* Updates libInjection repository to libinjection.github.io
 * Update libInjection to version 3.9.2, plus:
   - Pass the correct pointer to memmem()
     In parse_money(), if there is a "$foobar$", it calls memmem() to
     find it again. Wrong pointer can cause itself to backtrack in a
     dead loop and hang the entire process.
   - Addresses some issues reported by cppcheck, including an overflow
     on parse_slash.
 2021-01-25 14:16:22 -03:00