Felipe Zimmerle
77a885da5f
Adds capture action to verifySSN
2018-03-09 09:42:05 -03:00
Felipe Zimmerle
0b494c4cdc
Adds capture action to verifyCPF
2018-03-08 19:05:31 -03:00
Felipe Zimmerle
c8666fae31
Check for disruptive action on SecDefaultAction
2018-02-28 14:02:47 -03:00
Felipe Zimmerle
3539c59a67
Adds regression for base64 transformation
2018-02-23 10:46:28 -03:00
Felipe Zimmerle
e3b6b4ccff
Fix resource load on ip match from file
2018-02-22 21:23:20 -03:00
Felipe Zimmerle
de7c5c89bb
Using shared var for variables names
2018-02-20 13:40:01 -03:00
Felipe Zimmerle
a299997e02
Using run time string on the operators
2018-02-20 13:40:00 -03:00
Felipe Zimmerle
68152d8d29
Adds test case for issue #1576
2017-11-13 22:32:55 -03:00
Felipe Zimmerle
023e7acbad
Refactoring on the JSON parser
...
It also address the issue #1576 and #1577
2017-11-10 17:26:23 -03:00
Felipe Zimmerle
23cf656f93
Adds support to WEBAPPID variable
2017-11-08 10:28:56 -03:00
Felipe Zimmerle
082a3e3287
Adds support to SecWebAppID
2017-11-08 09:33:14 -03:00
Felipe Zimmerle
ec667a4609
Adds support for SecRuleRemoveByTag
2017-11-07 14:52:50 -03:00
Felipe Zimmerle
4d7fd5c30a
Adds support for update target by message
2017-11-06 23:29:25 -03:00
Felipe Zimmerle
7d7c0c03c5
Adds missing SecRuleScript test case
2017-11-06 23:27:00 -03:00
Felipe Zimmerle
7fa5ca9ba0
Makes lua optional
2017-11-06 00:44:54 -03:00
Felipe Zimmerle
cb3363c7d5
Adds support for the exec action
2017-11-05 23:31:07 -03:00
Felipe Zimmerle
7bec78a5a5
Adds support for transformations inside Lua engine
2017-11-05 23:31:07 -03:00
Felipe Zimmerle
a676f313c3
Initial support for Lua script engine
2017-11-05 23:30:50 -03:00
Felipe Zimmerle
1866a3a9eb
Adds support for the @inspectFile operator
2017-10-31 09:59:17 -03:00
Felipe Zimmerle
9369efcb90
Adds support to the collection RESOURCE
2017-10-30 09:07:49 -03:00
Felipe Zimmerle
e6106ae0eb
Fix regression tests for fuzzyHash
2017-10-27 14:47:04 -03:00
Felipe Zimmerle
7622866f97
Adds support for @fuzzyHash
...
Issue #997
2017-10-26 17:44:17 -03:00
Felipe Zimmerle
93e18ca5ea
Support pipes inside quoted variable selection
...
As of #1591 the pipe support was disable in the general selection which
was also affecting the quoted selection. This pactch adds the support
for pipes inside the quoted selection only.
2017-10-20 11:02:42 -03:00
Felipe Zimmerle
30797a458b
Parser: Pipes are no longer welcomed inside regex dict element selection.
...
Issue #1591
2017-10-17 11:46:44 -03:00
Felipe Zimmerle
1518c43d61
Adds test case for issue #1565
2017-10-11 23:19:20 -03:00
asterite
10c4f9b1b2
add a test for macro expansion in @rx
2017-10-06 20:30:04 +00:00
Felipe Zimmerle
210e72aa21
Consideres under quote variable while loading the rules
2017-10-06 20:25:20 +00:00
Felipe Zimmerle
9069a453e5
Revert "Treating ARGS_NAMES as an array instead of scalar"
...
This reverts commit 1d3c4c670db1bb475c83cd2f24455bb5bd6ee6a4.
2017-08-24 00:10:42 -03:00
Felipe Zimmerle
1d3c4c670d
Treating ARGS_NAMES as an array instead of scalar
...
Both value and key are the same.
2017-08-22 18:26:56 -03:00
asterite
58872e7eda
adds a test for validateByteRange with bytes > 127
2017-08-20 20:07:54 -03:00
Lasse Karstensen
7665d96a13
Improve action-allow test titles
2017-08-20 20:00:28 -03:00
Lasse Karstensen
fc06915cc6
Extend RESPONSE_BODY test case.
2017-08-20 20:00:07 -03:00
asterite
b8789ab9f4
add a test for negated implicit @rx operator
2017-08-20 19:39:18 -03:00
Felipe Zimmerle
b4051246b1
Adds support to SecResponseBodyMimeTypesClear
2017-08-16 22:21:03 -03:00
Felipe Zimmerle
56baef5f1f
Fix test case as consequence of the changes at #1514
2017-07-28 22:24:21 -03:00
Felipe Zimmerle
0242646610
Adds test case for the ctl:ruleEngine action
2017-07-27 22:10:58 -03:00
Felipe Zimmerle
337216fd87
fix: remove target by {id,tag} are now considering collections
...
Fix issue #1409
2017-07-25 09:19:21 -03:00
Felipe Zimmerle
e14dc602e5
Adds support to SecRuleUpdateTargetById
2017-07-04 13:13:13 -07:00
Felipe Zimmerle
52c5631ae7
Adds test case to UpdateTargetByTag
2017-07-04 11:00:11 -07:00
Felipe Zimmerle
9cb3f23b50
Adds support to setrsc action
2017-06-09 16:59:04 -03:00
Felipe Zimmerle
c97db2f361
Adds verbose message when a resource is not found.
...
Fix #1309
2017-05-02 13:39:37 -03:00
Felipe Zimmerle
6421ff087a
Forces disruptive to be first-rule-only
...
ModSecurity version 3 is capable to handle disruptive actions in different
rules from the chain. However, lets get it working in the same fashion that
we have in version 2.
2017-04-24 21:06:35 -03:00
Felipe Zimmerle
e2bbe9858f
XML Parser: removes unnecessary message from debug logs
...
Fix #44
2017-04-05 09:40:05 -03:00
Felipe Zimmerle
4ad3574cf2
Adds offset regression tests and assorted fixes on var's offsets
2017-03-06 15:02:02 -03:00
Felipe Zimmerle
c06daba398
Adds support for curl resource on the regression tests
2017-03-06 15:02:01 -03:00
Felipe Zimmerle
f2d149fc5f
Extends the direct access model to other collections
2017-03-06 15:02:00 -03:00
Felipe Zimmerle
6abbb7e91e
Fix regular expression test case and updates the test list
...
Repoted on #1295
2017-03-06 15:01:52 -03:00
Felipe Zimmerle
a6f07f621d
Makes the lexical errors a little bit more verbose
2017-03-06 15:01:51 -03:00
Felipe Zimmerle
59114dd598
Refactoring on the operators parsers (2/2)
...
This is the first step towards remove the memory leaks in the parser
2017-03-06 15:01:50 -03:00
Felipe Zimmerle
a7f465cf3a
Avoids string copy by working with pointers while resolving variables
2016-12-28 20:00:14 -03:00