github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-11-19 18:54:23 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,538 Commits 55 Branches 109 Tags
7d9c80dedee332a469fb8f16be421ce1dfe31253
Commit Graph

285 Commits

Author SHA1 Message Date
Felipe Zimmerle
9cb3f23b50 Adds support to setrsc action 2017-06-09 16:59:04 -03:00
Victor Hora
37868d1534 Add missing feature: t:uppercase transformation 2017-06-02 21:47:54 -03:00
Felipe Zimmerle
37619bae77 Removes local cache for transformations 2017-05-10 09:29:08 -03:00
Felipe Zimmerle
6421ff087a Forces disruptive to be first-rule-only 
ModSecurity version 3 is capable to handle disruptive actions in different
rules from the chain. However, lets get it working in the same fashion that
we have in version 2.
 2017-04-24 21:06:35 -03:00
Felipe Zimmerle
cf4deaa3a0 Using uint64_t instead of u_int64_t 2017-03-28 12:55:40 -03:00
Felipe Zimmerle
e2af60e765 Expands log_cb to share ruleMessage structure instead text 
Text version still available and it is the default options
 2017-03-06 15:02:04 -03:00
Felipe Zimmerle
027d50b76b Adds first version of `processContentOffset' 
This commit also includes an example application on how to use the
`processContentOffset' method.
 2017-03-06 15:02:02 -03:00
Felipe Zimmerle
e95efa05cc Fix assorted memory and static analysis errors 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
f2d149fc5f Extends the direct access model to other collections 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
ca24b6bb06 PoC: Adds support to direct access on ARGS collection 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
c1f11ab4e5 Cosmetics: assorted fixes on the coding style 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
b516cc6de1 Adds operation unset to setVar action 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
e95555132e Contionuation of 1 time variable patch 
Now we have almost 100% of the transaction variables hosted on the
new schema. Variable modifcators (count and exclusion) are not yet
supported on the new schema. Notice that setvar is now using the
parser.
 2017-03-06 15:01:58 -03:00
Felipe Zimmerle
0c37ba336b Fixed utf8ToUnicode bad memory access 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
068a3eb517 Fixed bad memory access in utf8ToUnicode class 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
60402d8b80 Renames defaultActions to m_defaultActions in RulesProperties 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
168fa22e19 Collections cleanup: removes resolveFirstCopy method 2016-12-28 19:56:27 -03:00
Felipe Zimmerle
15b81d09e7 Refactoring on the transformation classes 2016-12-28 19:53:37 -03:00
Felipe Zimmerle
bbb61d560c Changes the saving selection for the audit logs 2016-12-28 17:48:21 -03:00
Felipe Zimmerle
9c7416da97 Refactoring the actions classes 2016-12-28 15:20:06 -03:00
Felipe Zimmerle
cce6179dcc Refactoring: new structure for logging alerts 
Disruptive actions were moved to actions::disruptive namespace
 2016-12-01 14:14:54 -03:00
Felipe Zimmerle
bfc30dad34 Refactoring: how to report to error logs 2016-12-01 01:05:29 -03:00
Felipe Zimmerle
e6b58014db Cosmetics: Fix some static analysis report 2016-11-29 14:31:15 -03:00
Felipe Zimmerle
9bd37ccb63 Refactoring: Rule class 2016-11-28 13:07:25 -03:00
Felipe Zimmerle
a776cce6d7 Changes RULE variable group to be save at transient collection 2016-11-28 13:00:04 -03:00
Felipe Zimmerle
2930d40d57 Changes the actions to affect the ruleMessage instead of transaction 2016-11-28 12:32:31 -03:00
Felipe Zimmerle
8fa0523fe0 Adds initial support to the multiMatch action 2016-11-28 12:20:18 -03:00
Felipe Zimmerle
eecb90cfd0 setvar: needs review 2016-11-28 12:12:04 -03:00
Felipe Zimmerle
3ee7b24928 Adds refCounter to actions 2016-11-08 18:14:34 -03:00
Felipe Zimmerle
2244e874e2 Moves static methods from class String to the namespace string 2016-11-04 16:00:44 -03:00
Felipe Zimmerle
62a0cb468b Renames utils/msc_string.[h|cc] to utils/string.[h|cc] 2016-11-04 16:00:42 -03:00
Felipe Zimmerle
4ced1d18e0 Using full path in the header inclusion 2016-11-04 14:45:01 -03:00
Felipe Zimmerle
768cc74f0e Moves RuleMessage to its own file 2016-11-04 11:58:57 -03:00
Felipe Zimmerle
507ec44cc2 Refactoring on `utils.cc' and adjacents 
Completely removed the `utils.cc' by moving residual functions into
sub-classes of `utils/'
 2016-11-03 20:26:27 -03:00
Felipe Zimmerle
73c4d69174 Moves string related functions from utils' to utils/string' 2016-11-03 10:47:22 -03:00
Felipe Zimmerle
9733cacd4d Refactoring: moves ctl_ actions into ctl namespace 2016-11-01 14:58:51 -03:00
Felipe Zimmerle
721983a05a Adds missing ctl_request_body.* 2016-10-31 13:16:34 -03:00
Felipe Zimmerle
75a5000b16 Cosmetics: coding style 2016-10-28 09:57:59 -03:00
Felipe Zimmerle
fead971558 Cosmetics: Fix typo. Remove not Remote 2016-10-26 11:12:05 -03:00
Felipe Zimmerle
1c21d1aeba Adds support to action CtlRuleRemoveById 2016-10-26 11:00:18 -03:00
Felipe Zimmerle
161cc36acf Adds support to action CtlRuleRemoteTargetById 2016-10-26 10:58:42 -03:00
Felipe Zimmerle
9245369a54 Adds support to action CtlRuleRemoteTargetByTag 2016-10-25 15:43:50 -03:00
Felipe Zimmerle
b48e4b3a37 refactoring: Moves Phases enum to outside ModSecurity class 2016-10-07 19:05:50 -03:00
Felipe Zimmerle
c680ddf2cd Refactoring on rulesProperties class 
Among of other things the merge process was improved to detect if
certain properties were set on the origin rule set.
 2016-10-05 12:01:15 -03:00
Felipe Zimmerle
56cbbeff52 Adjust the phase value between the core and the rules 2016-09-19 21:17:03 -03:00
Felipe Zimmerle
241269eede Adds missing `nog_log' action 2016-09-12 10:34:45 -03:00
Felipe Zimmerle
8d84ff6f4d Accepting both: normalizePath and normalisePath 2016-08-26 16:26:16 -03:00
Felipe Zimmerle
062dd17f14 Cosmetics: reducing the compilation warnings 2016-07-29 18:42:20 -03:00
Felipe Zimmerle
665df04516 Cosmetics: avoid compilation warnings 2016-07-29 11:29:24 -03:00
Felipe Zimmerle
5d64f73817 Makes RULE collection to be resolved inside a macro expansion 2016-07-21 13:09:22 -03:00