github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,582 Commits 55 Branches 109 Tags
Commit Graph

3582 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
brectanus
e887faac2b Add @pm/@pmfile operators (parallel patch). See #16. 2007-05-30 22:02:35 +00:00
brectanus
f53c4241fd Add entry to CHANGES. 2007-05-30 16:13:22 +00:00
brectanus
db04c64420 Cleanup 2007-05-30 16:10:17 +00:00
brectanus
af6160b9c4 Fixed problem with subrequests not being intercepted. See #124. 2007-05-30 14:14:00 +00:00
brectanus
c594c205c3 Fix new string operators to all resolve macros. 
Rename startsWith operator in code to match docs.
See #54.
 2007-05-29 14:58:05 +00:00
brectanus
6cc0173cfa Add caching for transformations. See #14. 2007-05-25 21:14:59 +00:00
brectanus
61238ca22f Argh! That last one was not meant to be checked in - reverting 281. 2007-05-25 21:01:11 +00:00
brectanus
e11ff85421 Fixed log_escape_raw when length was <= 0 2007-05-25 20:56:03 +00:00
brectanus
220abd3444 Quiet uninitialized warning. 2007-05-24 21:56:34 +00:00
brectanus
a1a0c24b88 Do not compile on Solaris with visibility attributes. 2007-05-23 16:04:25 +00:00
brectanus
3fbf2b93c9 Modify docs for t:urlDecodeUni. (See #122) 2007-05-21 17:25:47 +00:00
brectanus
a627e96c75 Lessen "capture" debug log messages. 2007-05-17 12:02:59 +00:00
brectanus
eaa8e444dd Fixed decoding full-width unicode in t:urlDecodeUni for ASCII range 0xFF01-0xFF5E. Probably need more work/testing. (See #122) 2007-05-16 20:09:28 +00:00
brectanus
97a1718d39 Only calculate debug data when we are debugging. 
NOTE: Last commit message was wrong.
 2007-05-16 19:55:13 +00:00
brectanus
e03ea11f9a Only calculate debug data when we are debugging. 2007-05-16 19:48:21 +00:00
brectanus
b60f206976 Remove use of GNU extention strnlen(). 
Fix CHANGES.
 2007-05-16 19:37:27 +00:00
brectanus
a68eb04884 Add geo lookup support. See #22. 2007-05-11 16:14:11 +00:00
ivanr
d8abb48ad9 Fixed a problem with content injection that resulted in content being injected twice. 2007-05-11 11:04:34 +00:00
brectanus
2733cc739a Do not try to intercept a request after a failed rule. (See #53) 2007-05-10 04:28:37 +00:00
ivanr
dfde8169e6 Documented the PDF XSS protection functionality. It's not much but it will do for now. 2007-05-03 17:02:37 +00:00
ivanr
f1d4e0e2ff Documented RESPONSE_CONTENT_LENGTH and RESPONSE_CONTENT_TYPE. 2007-05-03 16:47:34 +00:00
ivanr
d8418c3aa3 Documented SecContentInjection, append, and prepend. 2007-05-03 16:41:12 +00:00
brectanus
c0c5d8d894 Removed extraneous symbols from dso via DSOLOCAL. 2007-05-03 16:17:42 +00:00
ivanr
fca9eabafe Merged the PDF XSS protection functionality into ModSecurity. 2007-05-03 12:09:24 +00:00
brectanus
c559f3ee21 Change @eq to @streq. See #54. 2007-05-03 03:41:29 +00:00
brectanus
2aa6e61605 Exported API for registering custom variables. See #120. 
Simple example in api/mod_var_remote_host_port.c
 2007-05-03 03:26:30 +00:00
brectanus
b47059a5b3 Remove docs for HTTP_* vars. See #23. 2007-05-03 01:52:47 +00:00
brectanus
cd62f20022 Add docs for new transformations and operators. See #54, #55 and #117. 2007-05-02 17:00:13 +00:00
brectanus
0c234c115e Cleanup debug log output: add rev to 'Invoking rule' line, remove clearing mem pool line. 2007-05-02 16:00:20 +00:00
ivanr
fa13b02f7f Updated the CHANGES file with the RESPONSE_* variable changes. 2007-05-02 11:23:21 +00:00
ivanr
e0a8602929 Added experiemental support for content injection. 2007-05-02 11:22:09 +00:00
ivanr
20c0b11dd9 Added experimental RESPONSE_CONTENT_LENGTH, RESPONSE_CONTENT_TYPE. 2007-05-02 10:02:20 +00:00
ivanr
3661a294a4 Added experimental RESPONSE_CONTENT_ENCODING. 2007-05-02 09:06:39 +00:00
brectanus
3f7fc7c758 Added string comparison operators: @contains, @is, @beginsWith and @endsWith with support for macro expansion. See #54. 2007-05-01 22:00:34 +00:00
brectanus
0a1610f850 More debug log enhancements - quote values to easier see whitespace. 2007-05-01 21:52:47 +00:00
brectanus
a3c3f25ae0 Fix macro expansion. See #118. 
Fix some debug log output to escape NULs properly in preparation for #54.
Up version to prepare for 2.2.0 pre-releases.
 2007-05-01 21:36:24 +00:00
brectanus
b93eef9db3 Added t:length to transform a value to its character length. See #55. 2007-05-01 15:59:52 +00:00
brectanus
5482606c37 Added t:trimLeft, t:trimRight, t:trim to remove whitespace from a value on the left, right or both. (see trac #117) 2007-05-01 15:55:35 +00:00
brectanus
d9a26780ab Add SecAuditLog2 directive (trac #102) 2007-04-25 20:46:23 +00:00
brectanus
e556a914f9 Remove tabs 2007-04-25 17:53:02 +00:00
rbarnett
f2c96bae2a I added notes about accessing response headers in phase:3 and phase:5. 2007-04-12 18:46:12 +00:00
rbarnett
e72540b0a0 I added the XML and HTML files for the Migration Matrix doc. 2007-04-10 20:23:36 +00:00
brectanus
82fdc7cf3f Format CHANGES to add space before '*' 2007-04-05 17:43:22 +00:00
brectanus
51a5418b4b Update changes to reflect merges into 2.1.x branch 2007-04-05 15:13:22 +00:00
brectanus
eab433187f Add PCRE_DOLLAR_ENDONLY to doc 2007-04-05 14:59:44 +00:00
brectanus
00dcb2714f Add the PCRE_DOLLAR_ENDONLY option when compiling regular expression for the @rx operator and variables. (trac #57) 2007-04-05 01:54:03 +00:00
brectanus
a93c77e9a2 Updated line/num/id debug output with a format that is easier to parse. (trac #47) 2007-03-27 18:00:04 +00:00
brectanus
9e669fcc78 Better CHANGES entry. (trac #43) 2007-03-27 17:47:15 +00:00
brectanus
383119a147 Really set PCRE_DOTALL option when compiling the regular expression for the @rx operator as the docs state. (trac #51) 2007-03-27 17:22:35 +00:00
brectanus
f6de76b053 Removed CGI style HTTP_* variables in favor of REQUEST_HEADERS:Header-Name. (trac #23) 2007-03-27 17:18:21 +00:00