github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,913 Commits 55 Branches 109 Tags
Commit Graph

84 Commits

Author SHA1 Message Date
Felipe Zimmerle
776502e021 Refactoring: changes ModSecurityStringVar to transaction::Variable 
Having the variables and collection in place before start to implement
persistent storage.
 2015-10-28 13:53:07 -03:00
Felipe Zimmerle
7afc07914f Cosmetics: Fix static analysis warnings 2015-10-27 13:58:32 -03:00
Felipe Zimmerle
0285c944f9 Fix collections resolution 2015-10-16 15:34:17 -03:00
Felipe Zimmerle
b497091017 Cosmetics: Fix coding style 2015-09-28 16:32:59 -03:00
Felipe Zimmerle
076a02951c Huge performance improvement: passing variables as pointers avoiding copies 2015-09-18 20:21:12 -03:00
Felipe Zimmerle
ed86c24df6 Adds checks for the NO_LOGS definition and improved the vars resolution time 2015-09-17 17:41:38 -03:00
Felipe Zimmerle
3e067e7409 Core is now ready to deal with SecRulesEngine set to Off 2015-09-17 10:59:56 -03:00
Felipe Zimmerle
11e1a67d58 Fix disruptive action flow while RuleEngine is in DetectionOnly 2015-09-17 10:51:44 -03:00
Felipe Zimmerle
d0c215d78b Adds support for the server log integration 2015-09-17 09:01:52 -03:00
Felipe Zimmerle
5228b685bf Fix disruptive actions execution 2015-09-16 19:43:31 -03:00
Felipe Zimmerle
5b18db779e Makes multipart debug messages goes over modsec debug log not stdout 2015-09-16 15:24:42 -03:00
Felipe Zimmerle
a0a2d2c77e Adds support to read request body from a file 2015-09-15 16:04:27 -03:00
Felipe Zimmerle
5c3a4b608d Adds support to SecMarker and skipAfter 2015-09-08 10:06:37 -03:00
Felipe Zimmerle
aae8036c0c Cosmetics: Fix debug log message 2015-09-02 10:55:35 -03:00
Felipe Zimmerle
fa4f72d90d Adds support to ctl:auditLogParts variation 2015-09-02 10:55:29 -03:00
Felipe Zimmerle
d5fe21ce3c Code cosmetics: reduce the amount of cppcheck warnings 2015-08-12 22:40:26 -03:00
Felipe Zimmerle
9231f507bf Fill PATH_INFO with decoded value 2015-08-10 12:40:46 -03:00
Felipe Zimmerle
317c71e815 Using raw uri value to feed QUERY_STRING variable 2015-08-10 11:18:15 -03:00
Felipe Zimmerle
ce0d81c0da Adds sanity check for inputs 2015-08-10 00:08:02 -03:00
Felipe Zimmerle
f519717bdf Adds support to the msg action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
5fdb5b7d2e Adds support to macro expansion in setvar action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
e12d95b10d Adds support to the TX collection and setvar action 2015-08-07 14:27:43 -03:00
Felipe Zimmerle
be4a0cb41c Adds REQUEST_COOKIES and REQUEST_COOKIES_NAMES variables 2015-08-04 17:57:09 -03:00
Felipe Zimmerle
a4cf218a3e Removes chrono references to make it compile with gcc 4.8.x 2015-08-02 22:14:32 -03:00
Felipe Zimmerle
e016b72a8e Handles better the memory utilization 
- Added reference counts to Rule and AuditLog;
- Some memory leaks were removed, including GeoLookup;
- Deal better with parser errors;
- Overriding the AutlogLogWritter destructor.
 2015-07-26 22:51:57 -03:00
Felipe Zimmerle
b8f7fb441d Adds support to SecRemoteRules and Include directives 
This commit includes a refactoring on important pieces of the parser
to allow it work in a stack fashion. Driver and Rules classes were
simplified and the RulesProperties class was created.
 2015-07-24 22:57:29 -03:00
Felipe Zimmerle
b2bbe24e29 Process the request body even if there is nothing to be done 2015-07-24 18:49:30 -03:00
Felipe Zimmerle
dc0b13ad74 Cosmetic: fix copyright header 2015-07-22 23:03:09 -03:00
Felipe Zimmerle
261ee9f115 Adds support to BodyLimitAction and support for parser errors 2015-07-22 21:31:58 -03:00
Felipe Zimmerle
667586c42e Adds UNIQUE_ID variable 2015-07-22 21:24:21 -03:00
Felipe Zimmerle
d20a47fb03 Adds support to the variables: REMOTE_HOST, SERVER_{ADDR,PORT} 2015-07-22 21:24:18 -03:00
Felipe Zimmerle
ae81bb1433 Adds support to the variables: RESPONSE{BODY,CONTENT_LENGTH,CONTENT_TYPE} 2015-07-22 21:24:14 -03:00
Felipe Zimmerle
ec34f676c6 Adds support to variables: REQUEST_{METHOD,PROTOCOL,URI,URI_RAW} 2015-07-22 21:23:48 -03:00
Felipe Zimmerle
bc925e01e6 Adds support to the REQUEST_LINE variable 2015-07-22 21:23:43 -03:00
Felipe Zimmerle
cb722c74b9 Adds support to REQUEST_HEADERS{_NAMES} and RESPONSE_HEADERS{_NAMES} vars 2015-07-22 21:22:32 -03:00
Felipe Zimmerle
97c0d561f6 Adds suppor to the REQUEST_FILENAME variable 2015-07-22 21:19:36 -03:00
Felipe Zimmerle
94eddfcf48 Adds support to the REQUEST_BODY_LENGTH variable 2015-07-22 21:19:30 -03:00
Felipe Zimmerle
b6221c9811 Adds support to REQUEST_BODY and REQUEST_BASENAME variables 2015-07-22 21:19:15 -03:00
Felipe Zimmerle
dbbb2c526e Adds support to REMOTE_PORT variable 2015-07-21 23:21:15 -03:00
Felipe Zimmerle
e8476771e6 Adds support to REMOTE_HOST variable 2015-07-21 23:14:56 -03:00
Felipe Zimmerle
6af9e8e42a Fix QUERY_STRING variable 
QUERY_STRING should be populated using the raw string.
 2015-07-21 23:02:55 -03:00
Felipe Zimmerle
7f76bb6df1 Adds PATH_INFO variable 2015-07-21 22:29:52 -03:00
Felipe Zimmerle
62fece7823 Adds support to SecResponseBodyLimit directive and OUTBOUND_DATA_ERROR var 2015-07-21 19:46:15 -03:00
Felipe Zimmerle
8e59b1822c Adds support to variable MULTIPART_UNMATCHED_BOUNDARY 2015-07-21 19:33:58 -03:00
Felipe Zimmerle
a9147b76ad Adds support to the MULTIPART_STRICT_ERROR variable 
Still missing to check:
  - MULTIPART_FILE_LIMIT_EXCEEDED
  - REQBODY_PROCESSOR_ERROR
  - MULTIPART_HEADER_FOLDING
  - MULTIPART_INVALID_HEADER_FOLDING
 2015-07-21 17:47:00 -03:00
Felipe Zimmerle
abec93263b Adds support to MULTIPART_CRLF_LF_LINES variable 2015-07-21 15:29:13 -03:00
Felipe Zimmerle
09867791c7 Adds support to MATCHED_VARS variable 2015-07-21 14:21:49 -03:00
Felipe Zimmerle
9d69501961 Adds support to MATCHED_VAR variable 2015-07-21 12:02:14 -03:00
Felipe Zimmerle
9c066e3198 Adds support to the INBOUND_DATA_ERROR variable and SecRequestBodyLimit direc. 2015-07-21 10:02:33 -03:00
Felipe Zimmerle
95c2fed89c Adds support to severity action and HIGHEST_SEVERITY variable 2015-07-21 01:09:13 -03:00