github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,479 Commits 55 Branches 109 Tags
Commit Graph

705 Commits

Author SHA1 Message Date
Felipe Zimmerle
81879cd131
parser: SecRequestBodyInMemoryLimit is now returning an error msg 2017-08-22 10:44:35 -03:00
Felipe Zimmerle
2cf636cf76
parser: Adds generated parser files after 0xfce65 2017-08-21 23:41:37 -03:00
asterite
0be821ded7
change parsing of SetVar actions 
Change tokenization of SetVar expressions and use syntax
analyzer (seclang-parser) to process them. More precisely:
 1 SetVar expression is tokenized in two modes, quoted and
   not quoted, depending on whether it started with single
   quote (')
 2 Variable name and value can consist of multiple tokens,
   which are assembled back in syntax analyzer.
This allows to support escapes (escape single/double quote,
spaces etc.) and correctly detect where the expression ends.
Fixes #1529
 2017-08-21 23:39:12 -03:00
Felipe Zimmerle
e0ebf28540
Adds `$' as a valid character in ruleRemoveTargetById 
Issue #1533
 2017-08-21 22:59:12 -03:00
Felipe Zimmerle
4b9bd499eb
Fix to_hex_if_need function on string utils 
This fix issue #1535. Solution was the same suggested on #1523.
 2017-08-21 22:47:49 -03:00
asterite
86e74fac58
validateByteRange: correctly handle bytes > 127 
ValidateByteRange::evaluate compared bytes with values in
range [0-255], but acquired bytes by indexing std::string,
which gave type char, which is signed. So bytes with values
more than 127 were treated as negative, resulting in being
incorrectly classified as out-of-range. This commit adds
casting byte values to unsigned char before validating range.
 2017-08-20 20:07:48 -03:00
asterite
039bd2cc84
fix negated implicit @rx operator 
When an operator starts with '!' and no explicit operator
is specified, a negated @rx operator should be created.
Due to a bug, a regular @rx operator with regex starting
with '!' was created. This commit fixes it
 2017-08-20 19:39:05 -03:00
Victor Hora
ca9cbf4ddc
Fix for @rbl operator to correctly recognize known supported RBL providers 2017-08-20 19:36:53 -03:00
Felipe Zimmerle
c22658ec80
Adds `msc_update_status_code' method to the libmodsec api 2017-08-20 18:52:50 -03:00
Felipe Zimmerle
fff5a57656
Changes auditlog type to serial by default 2017-08-20 17:32:44 -03:00
Felipe Zimmerle
bf281eb4df
Relaxing the audit log sanity checks to allow empty relevant status 2017-08-20 15:52:07 -03:00
Lasse Karstensen
09ee471498
Handle zero byte rule files correctly. 
This corrects the stalling behaviour seen when trying to parse an empty
rule file.

Fixes: #1521
 2017-08-20 09:37:10 -03:00
Felipe Zimmerle
945ee27a85 parser: Adds SecRuleUpdateActionById is not yet supported 2017-08-17 15:08:38 -03:00
Felipe Zimmerle
d7eab6b7a3 Adds support to SecRuleRemoveByMsg 2017-08-16 23:42:13 -03:00
Felipe Zimmerle
562c2b2f5a parser: Adds support to tag action without quotes 2017-08-16 22:29:42 -03:00
Felipe Zimmerle
b4051246b1 Adds support to SecResponseBodyMimeTypesClear 2017-08-16 22:21:03 -03:00
Felipe Zimmerle
48f1470269 Adds support to SecArgumentSeparator 2017-08-16 18:27:51 -03:00
Felipe Zimmerle
a302538521 parser: Adds SecWebAppId not supported note 2017-08-16 17:31:59 -03:00
Felipe Zimmerle
2c4e65f7ee parser: Adds support to quoted paramenter in SecDataDir 2017-08-16 17:17:39 -03:00
Felipe Zimmerle
bb2fe0e039 parser: Adds note saying that SecServerSignature is not supported 2017-08-16 17:14:42 -03:00
Felipe Zimmerle
e6cfd5379d parser: Adds SecRuleScript not implemented note 2017-08-16 17:00:36 -03:00
Felipe Zimmerle
cd533e00e7 parser: Adds support to quoted arguments on SecUploadDir 2017-08-16 10:17:51 -03:00
Felipe Zimmerle
b5d0dc2409 paser: Adds support for quoted argument on SecTmpDir 2017-08-16 09:51:56 -03:00
Felipe Zimmerle
5ffc5c1633 parser: Adds support to quoted arguments in asorted configurations 2017-08-16 09:37:34 -03:00
Felipe Zimmerle
9abc37157d parser: Adds msg: ContentInjection is not yet supported 2017-08-16 09:21:23 -03:00
Felipe Zimmerle
06447ea3d4 parser: Adds support to double quotes on adit logs file 2017-08-16 00:18:06 -03:00
Felipe Zimmerle
c525cbfb20 parser: Adds ability to inform auditlog status without quotes 2017-08-16 00:17:58 -03:00
Felipe Zimmerle
9ee412735d parser: Improves the reading for the url in the redirect action 2017-08-15 15:18:52 -03:00
Felipe Zimmerle
8c66a1b4c2 Adds support to double quotes on debug logs conf 2017-08-15 14:20:39 -03:00
Felipe Zimmerle
0508395f8d
Forces REQBODY_ERROR to zero whenever there is a valid XML 2017-07-31 14:12:18 -03:00
Felipe Zimmerle
b36c4260c1
Adds a graceful error if there is no memory for request body inspection 
Issue #1517
 2017-07-31 13:09:09 -03:00
Felipe Zimmerle
9a41942ce1
Optimization on the macro expansion function 2017-07-31 09:26:06 -03:00
Victor Hora
53ff0e1a57
Adds initial support to SecHttpBlKey 2017-07-29 00:12:14 -03:00
Lasse Karstensen
515e073503
Rename FromNowOneAllowType to FromNowOnAllowType. 
This misspelling is confusing (is it allow one more rule, or all of
them?) and since v3 isn't released yet, use the major version bump
opportunity to rectify it.
 2017-07-28 22:46:55 -03:00
Lasse Karstensen
bce5ef7704
Add the missing g in Transaction::GetReponseBodyLenth() 
This commit fixes a typo in the method name for retrieving
the body length.
 2017-07-28 22:30:25 -03:00
Lasse Karstensen
5e06a67fbe
Demote log lines to improve debug log SNR. 
The debug logging is verbose and sometimes hard to read.

Demote some of the boilerplate output to log level 9, to make it easier
to see the important parts on lower verbosity levels.
 2017-07-28 22:11:06 -03:00
Lasse Karstensen
5c7892ce89
Reduce use of underscores in log output. 
The use of underscores in log lines makes them harder to read,
without contributing/adding extra information.
 2017-07-28 22:11:06 -03:00
Felipe Zimmerle
4bec6b0019
Adds support to ctl:ruleEngine 2017-07-27 22:05:10 -03:00
Felipe Zimmerle
1f1e8324b1
Includes HTTP version and response code on auditlogs/F 2017-07-25 23:24:36 -03:00
Felipe Zimmerle
43cb8ed652
Adds support to C section on auditlogs 2017-07-25 23:13:23 -03:00
Felipe Zimmerle
337216fd87
fix: remove target by {id,tag} are now considering collections 
Fix issue #1409
 2017-07-25 09:19:21 -03:00
Felipe Zimmerle
7c2dbf48cf
Typo in the debuglogs for rules::getFinalVars 2017-07-24 22:18:00 -03:00
Felipe Zimmerle
e14dc602e5 Adds support to SecRuleUpdateTargetById 2017-07-04 13:13:13 -07:00
Felipe Zimmerle
fba9c20ea1 Adds initial support to SecRuleUpdateTargetByTag 2017-07-03 17:42:34 -07:00
Felipe Zimmerle
25175dd800 Adds support to verify CPF operator 2017-06-28 00:44:42 -03:00
Felipe Zimmerle
ad8182e2a8 Adds support to the verify ssn operator 2017-06-27 23:55:47 -03:00
David Buckle
d465c2f1a3 Removes the beauty of the JSON logging 
The beautify options makes the JSON easy to be read by human eyes.
No need to have pretty print JSON for production, as beautify the JSON
is not a hard task. Atop of that there are some disvantages to use the
JSON in pretty format, as described on the issue: #1472
 2017-06-27 08:39:58 -03:00
Felipe Zimmerle
1edd3570e1 Adds a set of sanity checks to validate API inputs (2 of 2) 2017-06-21 19:11:25 -07:00
Felipe Zimmerle
508a2b5a4a Adds sanity check on SecRemoteRules directive input 2017-06-21 19:08:12 -07:00
Felipe Zimmerle
49b7ea99e6 Adds a set of sanity checks to validate API inputs (1 of 2) 2017-06-21 12:59:19 -07:00