github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,461 Commits 55 Branches 109 Tags
Commit Graph

388 Commits

Author SHA1 Message Date
Felipe Zimmerle
a299997e02
Using run time string on the operators 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
6a97dbee7a
Using stack to save parser state 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
b5e996602c
Removes useless state 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
2d892a3176
Adds support for multipart vars on the parser 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
6fe8655ed9
Adds support for RunTimeString 
Using RunTimeStrings instead of runtime parser for
macro expansion.
 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
768a76a61e
perf. improvement/rx: Only compute dynamic regex in case of macro 
On #1528 was added the support for macro expansion on @rx operator.
The performance improvement suggested on the pull request was not
thread safe, therefore removed. This patch adds a performance
improvement on top of #1528. The benchmarks points to 10x faster
results on OWASP CRS.
 2018-02-20 13:39:59 -03:00
Felipe Zimmerle
eaa4770c5d
Fix issue related to Lua script load 2017-12-13 16:20:18 -03:00
Felipe Zimmerle
23cf656f93
Adds support to WEBAPPID variable 2017-11-08 10:28:56 -03:00
Felipe Zimmerle
082a3e3287
Adds support to SecWebAppID 2017-11-08 09:33:14 -03:00
Felipe Zimmerle
ec667a4609
Adds support for SecRuleRemoveByTag 2017-11-07 14:52:50 -03:00
Felipe Zimmerle
4d7fd5c30a
Adds support for update target by message 2017-11-06 23:29:25 -03:00
Felipe Zimmerle
e52bd7d635
Adds support to SecRuleScript directive 2017-11-05 23:31:16 -03:00
Felipe Zimmerle
cb3363c7d5
Adds support for the exec action 2017-11-05 23:31:07 -03:00
Felipe Zimmerle
a676f313c3
Initial support for Lua script engine 2017-11-05 23:30:50 -03:00
Felipe Zimmerle
1866a3a9eb
Adds support for the @inspectFile operator 2017-10-31 09:59:17 -03:00
Felipe Zimmerle
9369efcb90
Adds support to the collection RESOURCE 2017-10-30 09:07:49 -03:00
Felipe Zimmerle
7622866f97
Adds support for @fuzzyHash 
Issue #997
 2017-10-26 17:44:17 -03:00
Felipe Zimmerle
93e18ca5ea
Support pipes inside quoted variable selection 
As of #1591 the pipe support was disable in the general selection which
was also affecting the quoted selection. This pactch adds the support
for pipes inside the quoted selection only.
 2017-10-20 11:02:42 -03:00
Felipe Zimmerle
30797a458b
Parser: Pipes are no longer welcomed inside regex dict element selection. 
Issue #1591
 2017-10-17 11:46:44 -03:00
Victor Hora
63bef3d142
Support to JSON stuff on serial logging 2017-10-09 09:02:31 -03:00
Felipe Zimmerle
210e72aa21
Consideres under quote variable while loading the rules 2017-10-06 20:25:20 +00:00
Mirko Dziadzka
5c737c2c06
Treat _NAMES variables as collections (#5) 
* Treat _NAMES variables as collections

* Fix an issue with the offset of ARGS_NAMES.

* Fix regression tests for the new behaviour.

* Add generated seclang files.
 2017-08-24 00:39:21 -03:00
Felipe Zimmerle
9069a453e5
Revert "Treating ARGS_NAMES as an array instead of scalar" 
This reverts commit 1d3c4c670db1bb475c83cd2f24455bb5bd6ee6a4.
 2017-08-24 00:10:42 -03:00
Felipe Zimmerle
1d3c4c670d
Treating ARGS_NAMES as an array instead of scalar 
Both value and key are the same.
 2017-08-22 18:26:56 -03:00
Felipe Zimmerle
81879cd131
parser: SecRequestBodyInMemoryLimit is now returning an error msg 2017-08-22 10:44:35 -03:00
Felipe Zimmerle
2cf636cf76
parser: Adds generated parser files after 0xfce65 2017-08-21 23:41:37 -03:00
asterite
0be821ded7
change parsing of SetVar actions 
Change tokenization of SetVar expressions and use syntax
analyzer (seclang-parser) to process them. More precisely:
 1 SetVar expression is tokenized in two modes, quoted and
   not quoted, depending on whether it started with single
   quote (')
 2 Variable name and value can consist of multiple tokens,
   which are assembled back in syntax analyzer.
This allows to support escapes (escape single/double quote,
spaces etc.) and correctly detect where the expression ends.
Fixes #1529
 2017-08-21 23:39:12 -03:00
Felipe Zimmerle
e0ebf28540
Adds `$' as a valid character in ruleRemoveTargetById 
Issue #1533
 2017-08-21 22:59:12 -03:00
asterite
039bd2cc84
fix negated implicit @rx operator 
When an operator starts with '!' and no explicit operator
is specified, a negated @rx operator should be created.
Due to a bug, a regular @rx operator with regex starting
with '!' was created. This commit fixes it
 2017-08-20 19:39:05 -03:00
Lasse Karstensen
09ee471498
Handle zero byte rule files correctly. 
This corrects the stalling behaviour seen when trying to parse an empty
rule file.

Fixes: #1521
 2017-08-20 09:37:10 -03:00
Felipe Zimmerle
945ee27a85 parser: Adds SecRuleUpdateActionById is not yet supported 2017-08-17 15:08:38 -03:00
Felipe Zimmerle
d7eab6b7a3 Adds support to SecRuleRemoveByMsg 2017-08-16 23:42:13 -03:00
Felipe Zimmerle
562c2b2f5a parser: Adds support to tag action without quotes 2017-08-16 22:29:42 -03:00
Felipe Zimmerle
b4051246b1 Adds support to SecResponseBodyMimeTypesClear 2017-08-16 22:21:03 -03:00
Felipe Zimmerle
48f1470269 Adds support to SecArgumentSeparator 2017-08-16 18:27:51 -03:00
Felipe Zimmerle
a302538521 parser: Adds SecWebAppId not supported note 2017-08-16 17:31:59 -03:00
Felipe Zimmerle
2c4e65f7ee parser: Adds support to quoted paramenter in SecDataDir 2017-08-16 17:17:39 -03:00
Felipe Zimmerle
bb2fe0e039 parser: Adds note saying that SecServerSignature is not supported 2017-08-16 17:14:42 -03:00
Felipe Zimmerle
e6cfd5379d parser: Adds SecRuleScript not implemented note 2017-08-16 17:00:36 -03:00
Felipe Zimmerle
cd533e00e7 parser: Adds support to quoted arguments on SecUploadDir 2017-08-16 10:17:51 -03:00
Felipe Zimmerle
b5d0dc2409 paser: Adds support for quoted argument on SecTmpDir 2017-08-16 09:51:56 -03:00
Felipe Zimmerle
5ffc5c1633 parser: Adds support to quoted arguments in asorted configurations 2017-08-16 09:37:34 -03:00
Felipe Zimmerle
9abc37157d parser: Adds msg: ContentInjection is not yet supported 2017-08-16 09:21:23 -03:00
Felipe Zimmerle
06447ea3d4 parser: Adds support to double quotes on adit logs file 2017-08-16 00:18:06 -03:00
Felipe Zimmerle
c525cbfb20 parser: Adds ability to inform auditlog status without quotes 2017-08-16 00:17:58 -03:00
Felipe Zimmerle
9ee412735d parser: Improves the reading for the url in the redirect action 2017-08-15 15:18:52 -03:00
Felipe Zimmerle
8c66a1b4c2 Adds support to double quotes on debug logs conf 2017-08-15 14:20:39 -03:00
Victor Hora
53ff0e1a57
Adds initial support to SecHttpBlKey 2017-07-29 00:12:14 -03:00
Felipe Zimmerle
4bec6b0019
Adds support to ctl:ruleEngine 2017-07-27 22:05:10 -03:00
Felipe Zimmerle
e14dc602e5 Adds support to SecRuleUpdateTargetById 2017-07-04 13:13:13 -07:00