ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00

Author	SHA1	Message	Date
Felipe Zimmerle	8fbb9e8128	Using pthreads to avoid concurrent access to the collection	2017-06-03 16:07:35 -03:00
Victor Hora	37868d1534	Add missing feature: t:uppercase transformation	2017-06-02 21:47:54 -03:00
Victor Hora	9d70345d3d	Add missing hexDecode transformation to seclang parser	2017-05-29 22:48:23 -03:00
Felipe Zimmerle	a90b2a3ff7	Code cosmetics: init a vector.	2017-05-28 22:27:10 -03:00
Felipe Zimmerle	e1d3abc8e7	Removes memory leak on the counter variable modificator	2017-05-28 22:10:30 -03:00
Felipe Zimmerle	c49688fd7d	Verify if a certain resource exists before do any other sanity check	2017-05-28 22:10:15 -03:00
Felipe Zimmerle	6143eb99e3	Removes LMDB from the default configuration options	2017-05-10 12:50:38 -03:00
Felipe Zimmerle	37619bae77	Removes local cache for transformations	2017-05-10 09:29:08 -03:00
Felipe Zimmerle	0e05b7bb8a	Avoids to load a directory structure as a rules file	2017-05-02 16:42:22 -03:00
Felipe Zimmerle	c97db2f361	Adds verbose message when a resource is not found. Fix #1309	2017-05-02 13:39:37 -03:00
Felipe Zimmerle	77a658c7cd	Updates libinjection version	2017-04-27 18:35:01 -03:00
Felipe Zimmerle	6421ff087a	Forces disruptive to be first-rule-only ModSecurity version 3 is capable to handle disruptive actions in different rules from the chain. However, lets get it working in the same fashion that we have in version 2.	2017-04-24 21:06:35 -03:00
Michael Simpson	7e59250068	Fix JSON parsing error message	2017-04-24 16:37:35 -03:00
Chaim Sanders	b58f713fe9	add support for soap+xml As was talked about by @emphazer in https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/721, RFC 3902 adds support for the application/soap+xml header used by SOAP 1.2.	2017-04-06 09:49:45 -03:00
Felipe Zimmerle	e2bbe9858f	XML Parser: removes unnecessary message from debug logs Fix #44	2017-04-05 09:40:05 -03:00
Felipe Zimmerle	ba070c9eaa	Speeds up utils::string::toupper function	2017-03-31 14:35:26 -03:00
Felipe Zimmerle	b3c8e97ff7	Parse fix: accepting variables in between quotes	2017-03-30 10:02:36 -03:00
Felipe Zimmerle	c7053e572f	Postponing the decision to whenever save or not a log message to the last rule Whenever there is a chained rule, the decision of saving a message on the webserver's log will be taken after the execution of all actions on the chain, including the default actions.	2017-03-29 14:51:32 -03:00
Felipe Zimmerle	4d03ef512e	Fix TX dictionary element name on logs Before this patch the element name was not being shown.	2017-03-29 14:49:57 -03:00
Felipe Zimmerle	5f60bb5224	Yet another fix on the debuglogs merge	2017-03-28 18:11:31 -03:00
Felipe Zimmerle	cf4deaa3a0	Using uint64_t instead of u_int64_t	2017-03-28 12:55:40 -03:00
Felipe Zimmerle	d15b57895b	Fix the Multipart parser error for unknown content type	2017-03-28 09:38:10 -03:00
Felipe Zimmerle	80cfca6fa3	Fix the debug log level merge function	2017-03-27 14:09:42 -03:00
Felipe Zimmerle	2a54bf23e5	Fix the debug log merge function	2017-03-27 11:30:26 -03:00
Felipe Zimmerle	eb12b15146	Flush [shared-] file after write it	2017-03-24 18:08:13 -03:00
Felipe Zimmerle	dbcf5a7198	API CHANGE: Rules::merge signature was change to includes error msg	2017-03-23 09:52:39 -03:00
Felipe Zimmerle	5e59d19121	Improves macro expansion speed and variable set attribution	2017-03-23 08:53:51 -03:00
Felipe Zimmerle	f17da09fc0	Avoids call `toupper' twice while resolving a variable	2017-03-23 08:53:51 -03:00
Andrei Belov	85f98c8a66	Fix "make dist" after recent changes to parser In particular, it is now possible to either build ModSecurity with pre-generated parser, or use "--enable-parser-generation" configure option to rebuild parser from sources.	2017-03-09 18:18:00 -03:00
Felipe Zimmerle	c290c73f9b	Updates travis' badge	2017-03-08 09:44:17 -03:00
Felipe Zimmerle	53485c7f74	Fix pcre_exec offset values	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	e79712095b	Minor fix in the decision on whenever the log callback should be called	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	e2af60e765	Expands log_cb to share ruleMessage structure instead text Text version still available and it is the default options	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	9ea5b475b2	Fix missing initialization on rules-check utility	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	6d61bd6b57	Adds rules-check utility	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	d2c5b31b17	Uses FILE instead of _IO_FILE	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	e2bd87d07d	Fix minor parser errors	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	c3cb23f47d	Removes the ';' from the x-www-form-urlencoded body-processor comparison	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	d6363607aa	Accept quoted regexp in the collection selection	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	39761ce7b8	Discards the `charset' from the C-T while checking for body processors Issue #1330	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	7ab192e90f	Using method instead of procol in the audit logs. Issue #1331	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	fcad290152	Having the DebugLogs using the SharedFile schema	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	7f9cd76619	Improvements on the SharedFiles class examples/multiprocess_c/multi	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	01c13da510	Fix segfault due to invalid memory access on SharedFiles class Issue #1318	2017-03-06 15:02:03 -03:00
David Testé	87f6b478fb	Fix typo in returned string	2017-03-06 15:02:03 -03:00
David Testé	cc25390dc9	Fix copy/paste typo	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	027d50b76b	Adds first version of `processContentOffset' This commit also includes an example application on how to use the `processContentOffset' method.	2017-03-06 15:02:02 -03:00
Felipe Zimmerle	7aae5dc183	Fix Regex::searchAll to behave like global modifier	2017-03-06 15:02:02 -03:00
Felipe Zimmerle	4d66481bfa	travis: Installs cppcheck on MacOS X	2017-03-06 15:02:02 -03:00
Felipe Zimmerle	616cf84c31	Adds check-static to travis.yaml	2017-03-06 15:02:02 -03:00

... 2 3 4 5 6 ...

2541 Commits