ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-17 06:36:13 +03:00

Author	SHA1	Message	Date
Felipe Zimmerle	7d06c32b0d	Adds error messages while failed to init a collection	2016-06-24 13:48:57 -03:00
Felipe Zimmerle	0fdde52532	Fix setvar action to accept equals nothing	2016-06-23 15:48:23 -03:00
Felipe Zimmerle	56d084a7f4	Adds support the variable rule Issue #1016	2016-06-20 14:03:45 -03:00
Felipe Zimmerle	6052d2628b	Adds support to URLENCODED_ERROR variable	2016-06-20 11:34:43 -03:00
Felipe Zimmerle	7bd6e9a2bd	Makes XML request body processor to be selected only by ctl:equestBodyProcessor	2016-06-16 17:20:47 -03:00
Felipe Zimmerle	f833a61089	Fix memory leak on html dentity decode transformation	2016-06-16 10:32:44 -03:00
Felipe Zimmerle	e6c542c5b5	Fix invalid read on sql hex decode transformation	2016-06-16 10:31:15 -03:00
Alexey Zelkin	32f22d1a79	Use explicit variable size for copying char. For some reason plain call to "ret.append(&b)" copy 32 bit of data. This change unbreaks CmdLine unit tests for FreeBSD 10, CentOS 7, RHEL 7 and Debian 8.	2016-06-15 23:10:27 -03:00
Alexey Zelkin	57ad70bb2b	Add missing 'retrun's for functions declared return value. This change fixes SIGILLs on executable built with clang 3.4. Tested against FreeBSD 10.3.	2016-06-15 23:10:27 -03:00
Felipe Zimmerle	967c8c90f2	Fixed minor behavior on the trasnformations and added sha1-mbedtls	2016-05-30 16:54:13 -03:00
Felipe Zimmerle	8d49903279	Adds support to the transformations parity[even\|odd\|zero]7bit Issues: #968, #969, #967	2016-05-27 10:45:05 -03:00
Felipe Zimmerle	1fe0e34201	Adds support to sqlHexDecode transformation Issue #973	2016-05-25 20:19:54 -03:00
Felipe Zimmerle	bd2e95953c	Adds support to the hexDecode transformation Issue: #973	2016-05-25 18:49:34 -03:00
Felipe Zimmerle	2b056485d0	Adds support to Utf8ToUnicode transformation Issue #974	2016-05-25 18:21:26 -03:00
Felipe Zimmerle	b7e82261ce	Adds support to removeComments transformation on libmodsec Issue #970	2016-05-25 11:17:32 -03:00
Felipe Zimmerle	7ccf54d330	Adds md5 transformation Replaced the old md5 implementation by the mbetls one.	2016-05-24 21:28:19 -03:00
Felipe Zimmerle	bf4a9d7633	Adds support to base64DecodeExt transformation More info on #964	2016-05-24 21:28:19 -03:00
Felipe Zimmerle	056753d57a	Adds support to base64 encode transformation	2016-05-24 21:28:14 -03:00
Felipe Zimmerle	e48f468cbc	Adds support to base64 decode transformation	2016-05-24 10:04:06 -03:00
Felipe Zimmerle	f989ecd5cb	Adds support to SecXMLExternalEntity	2016-05-18 17:02:15 -03:00
Felipe Zimmerle	6a7b970fe3	Adds support to ctl:requestBodyProcessor=XML	2016-05-18 10:30:25 -03:00
Felipe Zimmerle	1f45d6cea8	Adds full support to the libxml action Issue #1148	2016-05-18 09:47:30 -03:00
Felipe Zimmerle	8c714af8e1	Actions refactoring: now there is a clear definiation on the action name	2016-05-17 14:36:59 -03:00
Felipe Zimmerle	1b88947d9b	Adds support 'xmlns' action to the libmodsec parser	2016-05-16 18:24:54 -03:00
Felipe Zimmerle	758ecb5d6d	Adds support to USER collection, setuid action and USERID variable More details on: #1026, #1024, #1048	2016-05-09 20:27:08 -03:00
Felipe Zimmerle	ff9aa5c7cf	Adds support to the variable SESSIONID	2016-05-06 14:38:38 -03:00
Felipe Zimmerle	a2a47798e9	Adds support to the collection SESSION and setsid action	2016-05-06 14:38:04 -03:00
Felipe Zimmerle	c85529158e	Adds support to the cmd_line transformation Details on #965	2016-05-05 15:47:21 -03:00
Felipe Zimmerle	1539a8c3ef	Fix the coding style of the pull request #1115	2016-04-05 09:56:08 -03:00
bjh7242	8b3b014062	updated transformation file to include removeWhitespace transformation	2016-04-05 09:04:54 -03:00
bjh7242	883b804d90	adding removeWhitespace transformation	2016-04-05 09:04:49 -03:00
Felipe Zimmerle	0a60924c8f	Reduces the amount of warnings Trimming the pull request #1098	2016-04-04 15:31:19 -03:00
Felipe Zimmerle	6f93563fc2	Fix in parser: now understanding the removeCommentsChar transformation SpiderLabs/ModSecurity#1098	2016-04-04 15:25:34 -03:00
bjh7242	a5a21ea192	added remove_comments_char to address issue #971	2016-04-04 13:45:08 -03:00
Felipe Zimmerle	e5acc95de8	First version of `global' and` ip' collections	2016-03-30 18:22:00 -03:00
Felipe Zimmerle	214cc15785	Cosmetics: Reduce the coding style warnings	2016-03-21 17:59:31 -03:00
Felipe Zimmerle	c43391072c	Fix some issues reported by the static analysis	2016-03-18 19:37:51 -03:00
Felipe Zimmerle	ed8b0c85d7	Fix `capture' memory management The capture action was implemented before the transaction concept. While partially ported to use the transaction, some of the elements were not freed correctly. Now it is fully ported to use the class Transaction.	2016-02-16 23:24:15 -03:00
Felipe Zimmerle	8143f8ea89	Adds support to the action `maturity'	2016-02-10 13:55:12 -03:00
Felipe Zimmerle	714df8db20	Adds support to the action `accuracy'	2016-02-10 13:35:02 -03:00
Felipe Zimmerle	5a2a81a568	Adds support to the action `ver'	2016-02-10 12:53:22 -03:00
Felipe Zimmerle	77900ed4e2	Fix rules `messages' on the auditlog	2016-02-10 12:03:52 -03:00
Felipe Zimmerle	9474373264	General improvements on audit logs information Making actions: msg, logdata, tag and others to work in the same fashion that they work on ModSecurity v2.x	2016-02-05 15:19:53 -03:00
Felipe Zimmerle	b46dc34573	Temporarily disable the HTML ENTITY DECODE transformation	2016-01-18 13:48:00 -03:00
Felipe Zimmerle	4db5cc7d26	Refactoring on Transaction class: adding comments and renaming variables	2016-01-14 12:02:59 -03:00
Felipe Zimmerle	a51e707517	Renames class Assay to Transaction	2016-01-13 15:57:00 -03:00
Felipe Zimmerle	3acc013e49	Improves the secrules parser	2016-01-11 17:50:35 -03:00
Felipe Zimmerle	dd35b47764	Removes initcol debug messages	2016-01-06 17:00:43 -03:00
Felipe Zimmerle	913e22a77d	Adds initial support to initcol action	2015-12-22 12:10:15 -03:00
Felipe Zimmerle	fb3696ac04	Fix a few things to provide an easy interface for script bindings	2015-12-22 11:53:36 -03:00

1 2 3

125 Commits