ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00

Author	SHA1	Message	Date
brectanus	648037fdb5	Added TX_SEVERITY variable. See #60 .	2007-08-08 22:11:02 +00:00
brectanus	d2fd881c00	Fix typo in CHANGES.	2007-08-08 20:53:00 +00:00
brectanus	f41c27a28c	Added ARGS_GET, ARGS_POST, ARGS_GET_NAME, ARGS_POST_NAMES variables. See #136 .	2007-08-08 20:49:51 +00:00
brectanus	fe8c564ed0	Added MODSEC_BUILD variable. See #38 .	2007-08-08 18:25:03 +00:00
brectanus	2ec596e83a	Fix error message in validateByteRange to include the target variable name. See #157 .	2007-08-08 15:16:26 +00:00
brectanus	5a6ce01429	Added logging of target variable expansion. See #62 .	2007-08-08 14:48:49 +00:00
brectanus	820ba5f1d2	Add debug message when not buffering response body due to MIME type not configured. See trac #63 .	2007-08-06 20:51:21 +00:00
ivanr	892938dee4	Enhanced multipart parsing to support quotted boundaries and LF line terminators (RFC demands CRLF but some applications use only LF).	2007-08-06 14:55:18 +00:00
brectanus	9695f2b816	Improvements in transformation cache (add options, document). Update CHANGES.	2007-08-03 20:25:30 +00:00
brectanus	43f7fa72f5	Remove non-ASCII characters.	2007-08-02 21:20:32 +00:00
brectanus	b761c1c01c	Merge in some doc changes. Fix some doc formatting issues. Update the CHANGES file.	2007-08-02 20:40:37 +00:00
brectanus	72832c1b32	Working on cache enhancements. See trac #14 .	2007-08-02 20:25:06 +00:00
brectanus	3e5e2a06b7	Stricter validation for @validateUtf8Encoding. Capture the match in TX:0 when using "capture" action w/@pm operators.	2007-07-31 19:04:07 +00:00
brectanus	5a38dde99b	Disable XML parsing by default in the included core rules.	2007-07-30 15:34:46 +00:00
ivanr	bafe8ad773	Remove old comment.	2007-07-27 13:31:31 +00:00
ivanr	31f119664f	Updated README files to refer to GPLv2.	2007-07-27 12:45:09 +00:00
ivanr	3facacf92a	Emphasize the need to check REQBODY_PROCESSOR_ERROR in configuration example.	2007-07-27 12:38:54 +00:00
ivanr	73706c8bc6	Update documentation to emphasize the importance of REQBODY_PROCESSOR_ERROR handling.	2007-07-27 12:31:19 +00:00
brectanus	8b9d914ed0	Merge in code fixes to create msr context on request failure.	2007-07-23 22:14:09 +00:00
brectanus	4d03b029f1	Remove the error message on a failed request so we can handle it in a pater phase.	2007-07-19 14:45:43 +00:00
brectanus	9be72c39d1	Update to core rules 1.4.3	2007-07-19 14:18:42 +00:00
brectanus	e251a9bd57	Add back code to send an alert on request failure.	2007-07-19 13:33:46 +00:00
ivanr	656021c20e	Fix typo.	2007-07-17 09:01:13 +00:00
ivanr	bff23e3eba	Updated the rule IDs documentation (reserved ranges).	2007-07-17 08:58:35 +00:00
ivanr	96edb02fe8	Updated documentation to specify libxml is no longer optional.	2007-07-09 15:40:07 +00:00
ivanr	881e8e66c2	Update LICENSE removing part that is not the licence (but can cause confusion).	2007-07-02 15:22:37 +00:00
brectanus	7fbf664ec8	Added cygwin to list of compilers that do not support hidden visibility attribute.	2007-07-02 14:49:56 +00:00
ivanr	8cd8f42d24	Clarified which variables are URL-decoded and which aren't.	2007-07-02 13:56:13 +00:00
ivanr	f19622b04b	Clarified that we are a GPLv2-only project.	2007-06-29 23:23:00 +00:00
ivanr	129a5ab252	Reserved a rule ID range for ScallyWack.	2007-06-29 08:24:33 +00:00
brectanus	698955aae1	Update changes to reflect the 2.2 -> 2.5 change.	2007-06-21 15:45:21 +00:00
brectanus	8dea31635c	Update @within docs according to Ofer's comments. See #134 .	2007-06-21 14:09:13 +00:00
brectanus	19887f9cc6	Added @within string comparison operator with support for macro expansion. See #134 .	2007-06-21 02:21:06 +00:00
brectanus	b58efb3466	Update CHANGES. Reversion from 2.2. to 2.5. Update @pmFromFile to base relative filenames off of rule file path.	2007-06-20 19:58:01 +00:00
ivanr	de739c60c0	Updated documentation for RESPONSE_CONTENT_TYPE and RESPONSE_CONTENT_LENGTH.	2007-06-20 11:17:07 +00:00
ivanr	8de8e44e09	Removed RESPONSE_CONTENT_ENCODING, which never worked as intended.	2007-06-20 11:10:47 +00:00
ivanr	5cb4823c4b	Documented that we do not support atomic updates of persistent variables at this time.	2007-06-20 10:59:37 +00:00
ivanr	1c639cf7dd	Added two payload examples for XPath expression examples.	2007-06-20 10:10:05 +00:00
brectanus	efe52d4e77	Initialize rules tmp pool properly. Update to latest core rules.	2007-06-14 18:48:35 +00:00
brectanus	a4835b73ff	Fix bad merge of mem pool fix from trunk. Update to latest core rules.	2007-06-14 18:46:58 +00:00
brectanus	6569c444d8	Make rules/README UNIX style EOL. Merge another branch/2.1.x change.	2007-06-14 16:42:04 +00:00
brectanus	d55e023bf7	Revert msr_log as macro (still work-in-progress)	2007-06-14 16:13:53 +00:00
brectanus	81d0f84ad3	Update copyright text to Breach Security, Inc. Merge in changes from branches/2.1.x	2007-06-14 16:05:45 +00:00
ivanr	c39723c3aa	Document SecPdfProtectMethod.	2007-06-14 15:48:53 +00:00
ivanr	74738b29b0	Added new directive (SecPdfProtectMethod) to enable the user to choose between using token redirection (falling back on forced download in some cases) and forced download (in all cases).	2007-06-14 15:26:08 +00:00
ivanr	8b843127ba	Revert incorrect change to GET/HEAD detection code. This will teach me to always compile before I commit.	2007-06-14 14:59:48 +00:00
ivanr	c7f5dc3355	Configure PDF protection by token redirection to only work on GET and HEAD requests. If we attempted to work on other request methods we would probably break something as there is no way to preserve request bodies. The default was previously been to work on all requests. This behavious can still be changed using the SecPdfProtectInterceptGETOnly directive but I am going to leave it undocumented.	2007-06-14 14:54:23 +00:00
ivanr	eec279c8d9	Cleanup code.	2007-06-14 14:43:35 +00:00
brectanus	6350e2badc	Do not log alert message for subrequests. See #124 . Cleanup CHANGES.	2007-06-11 21:28:03 +00:00
brectanus	23bd6b4331	Do not pause if we are not the main request. See #124 .	2007-06-11 21:20:07 +00:00

1 2 3

140 Commits