github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,214 Commits 55 Branches 109 Tags
Commit Graph

3214 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Brandon Payton
6ad665f6bb Add editorconfig to help OSS contributors 
When switching between many different open source code bases, it can be
cumbersome to constantly change editor settings in order to respect a
given project's basic style preferences. EditorConfig is a popular
format for representing those preferences so editors can automatically
respect them.

Many editors support EditorConfig out of the box, and many others have
EditorConfig plugins:
https://editorconfig.org/#pre-installed

This commit adds an EditorConfig to the ModSecurity project. It is most
likely not perfect because the chosen indentation varies a bit
throughout the project, but hopefully it provides a good basis for most
ModSecurity editing.
 2023-05-05 09:18:03 -04:00
Martin Vierula
1078a7cfab
Change some parms from pass-by-value to reference-to-const 2023-04-29 13:21:00 -07:00
Martin Vierula
8d91a5084f
github workflow: toggle pcre2 instead of ssdeep in Ubuntu tests 2023-04-29 09:26:09 -07:00
Martin Vierula
4fac8d72f4
Address some constParameter complaints from cppcheck 2023-04-28 08:20:37 -07:00
Martin Vierula
e9277e199a
CHANGES entry for previous PR 2023-04-28 06:18:05 -07:00
martinhsv
4050c840f5
Merge pull request #2868 from grnet/v3/fix-multimatch-chain 
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule
 2023-04-27 14:13:28 -07:00
Marios Levogiannis
12add9aef0
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule 
Meta-actions can only be used in non-chained rules or in the chain starter
rule of a rule chain. The m_chainedRuleParent member of the RuleWithActions
class is NULL only if the rule is not chained or if it is the chain starter
rule of a rule chain.

Fixes #2867.
 2023-04-27 19:43:01 +03:00
Martin Vierula
808148ce02
CHANGES entry and cppcheck suppression adjustment for prev PR 2023-04-25 15:17:13 -07:00
martinhsv
5b709d9da7
Merge pull request #2866 from grnet/v3/fix-multimatch-tags 
Fix tags not being populated in audit log when multiMatch is enabled
 2023-04-25 07:45:41 -07:00
Martin Vierula
7ca5719526
CHANGES entry for previous PR 2023-04-24 11:33:37 -07:00
martinhsv
7cf0445ad4
Merge pull request #2870 from airween/v3/multipartpartheaderfix 
Set correct line end in case of `MULTIPART_PART_HEADER` variable
 2023-04-24 06:59:16 -07:00
Ervin Hegedüs
6623c0ae29 Changed strip methodology to MULTIPART_PART_HEADERS 2023-04-23 17:32:26 +02:00
Ervin Hegedüs
6fbdee9ff0 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-04-23 17:17:29 +02:00
martinhsv
a830ef634f
Merge pull request #2894 from martinhsv/v3/master 
Configure: use AS_ECHO_N instead echo -n
 2023-04-20 11:55:46 -07:00
Martin Vierula
8d62ac4b04
Configure: use AS_ECHO_N instead echo -n 2023-04-20 07:28:21 -07:00
martinhsv
6fc270e225
Merge pull request #2891 from martinhsv/v3/master 
Adjust position of memset from 2890
 2023-04-19 14:20:32 -07:00
Martin Vierula
b9eb39af83
Adjust position of memset from 2890 2023-04-19 08:13:48 -07:00
Martin Vierula
09568351d9
CHANGES entry for previous PR 2023-04-18 10:59:57 -07:00
martinhsv
5365a17c5e
Merge pull request #2846 from tomsommer/patch-1 
Also test empty lines
 2023-04-18 06:14:10 -07:00
Martin Vierula
f8db5fc85e
Remove no-longer-needed cppcheck suppressions 2023-04-17 19:56:00 -07:00
Martin Vierula
a5320add21
Refactoring: remove two unneeded local vars from multipart parser 2023-04-17 12:29:40 -07:00
Martin Vierula
9ea50a4973 Change arg from pass-by-value (satisify cppcheck) 2023-04-17 07:43:38 -07:00
Martin Vierula
c34bd91a42
CHANGES: Preparing for next version 2023-04-16 16:22:40 -07:00
Martin Vierula
205dac0e8c
Change release version to v3.0.9 v3.0.9 2023-04-12 10:45:09 -07:00
Martin Vierula
49c0561265
CHANGES: wording update 2023-04-12 06:00:20 -07:00
Martin Vierula
dbe107e280
Update some copyright notices 2023-04-11 17:26:09 -07:00
martinhsv
7b1cf0e99e
Merge pull request #2890 from martinhsv/v3/master 
Fix: possible segfault on startup if duplicate ip+CIDR in ip match list
 2023-04-11 10:34:56 -07:00
Martin Vierula
264dd48317 Fix: possible segfault on reload if duplicate ip+CIDR in ip match list 2023-04-11 06:07:47 -07:00
martinhsv
49281b6c0a
Merge pull request #2886 from martinhsv/v3/master 
Add some member variable inits in Transaction class
 2023-04-01 07:44:49 -07:00
Martin Vierula
db84d8cf77 Add some member varialbe inits in Transaction class 2023-03-31 12:41:26 -07:00
Martin Vierula
1feaa7d24b
CHANGES entry for previous PR 2023-03-16 06:22:51 -07:00
martinhsv
ca7040f71b
Merge pull request #2876 from martinhsv/v3/master 
Resolve memory leak (bison-generated position.filename)
 2023-03-15 07:51:58 -07:00
martinhsv
5f632a5ed5
Minor updates to v3 issue template 2023-03-02 10:11:32 -05:00
Ervin Hegedüs
18adbb6fd3 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-02-18 15:24:11 +01:00
Martin Vierula
3311dda0e5
Debug log: enhance message for SecRequestBodyNoFilesLimit 2023-02-17 14:22:27 -08:00
Martin Vierula
55d6aa94e1 Resolve memory leak (bison-generated position.filename) 2023-02-17 09:59:34 -08:00
martinhsv
ea80d31667
Merge pull request #2864 from martinhsv/v3/master 
Support equals sign in XPath expressions
 2023-01-30 06:42:46 -08:00
Ervin Hegedüs
0a296af375 Add regression test case 2023-01-28 21:50:00 +01:00
Ervin Hegedüs
514abeb513 Remove EOL chars from MULTIPART_PART_HEADER variable 2023-01-28 21:48:51 +01:00
Marios Levogiannis
d3a6b6a6fd
Fix tags not being populated in audit log when multiMatch is enabled 
Fixes #2754.
 2023-01-20 13:15:28 +02:00
Martin Vierula
ec1232a69b
Support equals sign in XPath expressions 2023-01-19 08:37:38 -08:00
Martin Vierula
dabf79eec2
CHANGES entry for previous PR 2023-01-19 06:13:08 -08:00
martinhsv
860b1183ac
Merge pull request #2854 from airween/v3/logescape 
Escape log field 'data' value
 2023-01-18 14:36:01 -08:00
Ervin Hegedüs
6dd00be229 Refactorized multiple prototypes 2023-01-18 16:40:52 +01:00
Ervin Hegedüs
d63d8849a8 Remove previously removed fn proto from header 2023-01-18 16:28:47 +01:00
Ervin Hegedüs
cb2df476b6 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/logescape 2023-01-18 08:16:39 +01:00
Ervin Hegedüs
105c5909a1 Add more fields to encode filter: rev, ver and tag 2023-01-17 20:57:51 +01:00
Ervin Hegedüs
c7306d174a Extend utils::string::toHexIfNeeded() to encode '"' and '\' characters optionally 2023-01-17 20:57:03 +01:00
Martin Vierula
62ec4edc42
Regression tests: remove dependency on modsecurity.org 2023-01-17 09:04:46 -08:00
Martin Vierula
69545eade9
Remove some no-longer-used parser definitions 2023-01-13 17:35:08 -08:00