github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,616 Commits 55 Branches 109 Tags
Commit Graph

372 Commits

Author SHA1 Message Date
Felipe Zimmerle
70ace0faa4
Adds capture action to detectSQLi 2018-03-09 12:58:00 -03:00
Felipe Zimmerle
df25c48f53
Adds capture action to verifyCC 2018-03-09 11:26:24 -03:00
Felipe Zimmerle
77a885da5f
Adds capture action to verifySSN 2018-03-09 09:42:05 -03:00
Felipe Zimmerle
0b494c4cdc
Adds capture action to verifyCPF 2018-03-08 19:05:31 -03:00
Felipe Zimmerle
c8666fae31
Check for disruptive action on SecDefaultAction 2018-02-28 14:02:47 -03:00
Felipe Zimmerle
854a661a2a
Fix gcc compilation issue 2018-02-27 13:22:50 -03:00
Felipe Zimmerle
dca642369e
Fix on top of #1677 2018-02-26 17:53:18 -03:00
Felipe Zimmerle
3539c59a67
Adds regression for base64 transformation 2018-02-23 10:46:28 -03:00
Felipe Zimmerle
e3b6b4ccff
Fix resource load on ip match from file 2018-02-22 21:23:20 -03:00
Felipe Zimmerle
ff782ddfa4
Having LDADD and LDFLAGS organized on Makefile.am 2018-02-21 14:26:47 -03:00
Felipe Zimmerle
de7c5c89bb
Using shared var for variables names 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
a299997e02
Using run time string on the operators 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
cd30509f3a
Fix the debuglogs for the regression tests 2018-02-20 13:39:59 -03:00
Felipe Zimmerle
768a76a61e
perf. improvement/rx: Only compute dynamic regex in case of macro 
On #1528 was added the support for macro expansion on @rx operator.
The performance improvement suggested on the pull request was not
thread safe, therefore removed. This patch adds a performance
improvement on top of #1528. The benchmarks points to 10x faster
results on OWASP CRS.
 2018-02-20 13:39:59 -03:00
Felipe Zimmerle
d162d4e20b
Fix uri on the benchmark utility 2018-02-20 13:39:59 -03:00
michaelgranzow-avi
8bcef41878
Improve benchmark tool 
Benchmark tool: proper initialization of intervention,
get number of iterations from cmd-line, add help message.
 2017-11-17 09:57:31 -03:00
Felipe Zimmerle
9c0ed6109d
Fix assorted minor memory management issues 2017-11-14 09:36:32 -03:00
Felipe Zimmerle
68152d8d29
Adds test case for issue #1576 2017-11-13 22:32:55 -03:00
Felipe Zimmerle
3fb71f32d8
Coding style fixes 2017-11-13 22:32:11 -03:00
Felipe Zimmerle
023e7acbad
Refactoring on the JSON parser 
It also address the issue #1576 and #1577
 2017-11-10 17:26:23 -03:00
Felipe Zimmerle
23cf656f93
Adds support to WEBAPPID variable 2017-11-08 10:28:56 -03:00
Felipe Zimmerle
082a3e3287
Adds support to SecWebAppID 2017-11-08 09:33:14 -03:00
Felipe Zimmerle
37c34f3e65
Adds missing cflags for LUA and SSDEEP 2017-11-07 23:30:48 -03:00
Felipe Zimmerle
ec667a4609
Adds support for SecRuleRemoveByTag 2017-11-07 14:52:50 -03:00
Felipe Zimmerle
4d7fd5c30a
Adds support for update target by message 2017-11-06 23:29:25 -03:00
Felipe Zimmerle
7d7c0c03c5
Adds missing SecRuleScript test case 2017-11-06 23:27:00 -03:00
Felipe Zimmerle
7fa5ca9ba0
Makes lua optional 2017-11-06 00:44:54 -03:00
Felipe Zimmerle
cb3363c7d5
Adds support for the exec action 2017-11-05 23:31:07 -03:00
Felipe Zimmerle
7bec78a5a5
Adds support for transformations inside Lua engine 2017-11-05 23:31:07 -03:00
Felipe Zimmerle
a676f313c3
Initial support for Lua script engine 2017-11-05 23:30:50 -03:00
Felipe Zimmerle
1866a3a9eb
Adds support for the @inspectFile operator 2017-10-31 09:59:17 -03:00
Felipe Zimmerle
1189e9b0ef
Adds support to LUA in configure scripts 2017-10-31 09:59:12 -03:00
Felipe Zimmerle
9369efcb90
Adds support to the collection RESOURCE 2017-10-30 09:07:49 -03:00
Felipe Zimmerle
e6106ae0eb
Fix regression tests for fuzzyHash 2017-10-27 14:47:04 -03:00
Felipe Zimmerle
7622866f97
Adds support for @fuzzyHash 
Issue #997
 2017-10-26 17:44:17 -03:00
Felipe Zimmerle
93e18ca5ea
Support pipes inside quoted variable selection 
As of #1591 the pipe support was disable in the general selection which
was also affecting the quoted selection. This pactch adds the support
for pipes inside the quoted selection only.
 2017-10-20 11:02:42 -03:00
Felipe Zimmerle
30797a458b
Parser: Pipes are no longer welcomed inside regex dict element selection. 
Issue #1591
 2017-10-17 11:46:44 -03:00
Felipe Zimmerle
1518c43d61
Adds test case for issue #1565 2017-10-11 23:19:20 -03:00
Victor Hora
63bef3d142
Support to JSON stuff on serial logging 2017-10-09 09:02:31 -03:00
asterite
10c4f9b1b2
add a test for macro expansion in @rx 2017-10-06 20:30:04 +00:00
Felipe Zimmerle
210e72aa21
Consideres under quote variable while loading the rules 2017-10-06 20:25:20 +00:00
Felipe Zimmerle
9069a453e5
Revert "Treating ARGS_NAMES as an array instead of scalar" 
This reverts commit 1d3c4c670db1bb475c83cd2f24455bb5bd6ee6a4.
 2017-08-24 00:10:42 -03:00
Felipe Zimmerle
1d3c4c670d
Treating ARGS_NAMES as an array instead of scalar 
Both value and key are the same.
 2017-08-22 18:26:56 -03:00
Felipe Zimmerle
5e76d85636
Update test cases to include test propesed at #1523 2017-08-20 20:08:17 -03:00
asterite
58872e7eda
adds a test for validateByteRange with bytes > 127 2017-08-20 20:07:54 -03:00
Lasse Karstensen
7665d96a13
Improve action-allow test titles 2017-08-20 20:00:28 -03:00
Lasse Karstensen
fc06915cc6
Extend RESPONSE_BODY test case. 2017-08-20 20:00:07 -03:00
Felipe Zimmerle
31655e2c9b
Updates secrules-language-tests 2017-08-20 19:57:58 -03:00
asterite
b8789ab9f4
add a test for negated implicit @rx operator 2017-08-20 19:39:18 -03:00
Felipe Zimmerle
9d4ed52518
test: Counts the disabled tests as skiped on the test summary 2017-08-20 19:33:53 -03:00