github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 11:16:33 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,639 Commits 55 Branches 109 Tags
8285a97460ba898329b3767f46b25abee5de4b24
Commit Graph

211 Commits

Author SHA1 Message Date
Felipe Zimmerle
8d0f51beda Change release version to v3.0.2 2018-04-03 10:47:48 -03:00
Felipe Zimmerle
f67ff0aa67 Change release version to v3.0.1 2018-04-01 21:23:25 -03:00
Felipe Zimmerle
0ca5994744 Adds support for ctl:ruleRemoveByTag action 2018-03-26 17:01:53 -03:00
Felipe Zimmerle
9537cfceed Fix SecUploadDir configuration merge 2018-03-23 11:32:46 -03:00
Felipe Zimmerle
450c966da0 Fix a set of compilation warnings 2018-03-01 11:36:31 -03:00
Andrei Belov
ebc068b8ce Fix msc_who_am_i() to return pointer to a valid C string 
Previously this function was unusable as it returned pointer
to some garbage data.
 2018-02-23 18:42:33 -03:00
Felipe Zimmerle
eeec7efb68 Renames collection::Variable to VariableValue 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
de7c5c89bb Using shared var for variables names 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
6f7fdd9493 Using direct variable access instead m_collections 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
a299997e02 Using run time string on the operators 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
2d892a3176 Adds support for multipart vars on the parser 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
cd30509f3a Fix the debuglogs for the regression tests 2018-02-20 13:39:59 -03:00
Felipe Zimmerle
c1cd668acb Change release version to v3.0.0 2017-12-13 19:09:08 -03:00
Felipe Zimmerle
3fb71f32d8 Coding style fixes 2017-11-13 22:32:11 -03:00
Felipe Zimmerle
082a3e3287 Adds support to SecWebAppID 2017-11-08 09:33:14 -03:00
Felipe Zimmerle
ec667a4609 Adds support for SecRuleRemoveByTag 2017-11-07 14:52:50 -03:00
Felipe Zimmerle
4d7fd5c30a Adds support for update target by message 2017-11-06 23:29:25 -03:00
Felipe Zimmerle
e52bd7d635 Adds support to SecRuleScript directive 2017-11-05 23:31:16 -03:00
Felipe Zimmerle
34e8b140e5 Setting http response code on the auditlog 2017-10-19 23:27:30 -03:00
Felipe Zimmerle
274f9e5aa1 Refactoring on RuleMessage class, now accepting http code as parameter 2017-10-19 23:00:47 -03:00
Felipe Zimmerle
39fb75c34d Having disruptive msgs as disruptive [instead of warnings] on audit log 
Issue #1592
 2017-10-17 14:58:04 -03:00
Felipe Zimmerle
1ad95254cd Avoids unicode initialization on every rules block 
ModSecurity-nginx/#67
ModSecurity/#1563
 2017-10-11 12:40:48 -03:00
Victor Hora
d285bc02b8 Add missing statements 2017-10-09 09:02:32 -03:00
Victor Hora
63bef3d142 Support to JSON stuff on serial logging 2017-10-09 09:02:31 -03:00
Dávid Major
a5266d6d1c Store the connection and url parameters in std::string 2017-09-29 17:18:30 +00:00
Dávid Major
495b47d8a2 Eliminate some reorder and sign warnings 2017-09-29 17:16:09 +00:00
Felipe Zimmerle
cca3642530 Changes release tag to -rc1 2017-08-27 22:06:20 -03:00
Felipe Zimmerle
7ac6bf7241 Fix memory issues while resolving variables 2017-08-27 22:06:20 -03:00
Felipe Zimmerle
003a8e8e5f Uses shared_ptr on variable names 2017-08-27 22:06:20 -03:00
Felipe Zimmerle
9069a453e5 Revert "Treating ARGS_NAMES as an array instead of scalar" 
This reverts commit 1d3c4c670d.
 2017-08-24 00:10:42 -03:00
Felipe Zimmerle
1d3c4c670d Treating ARGS_NAMES as an array instead of scalar 
Both value and key are the same.
 2017-08-22 18:26:56 -03:00
Felipe Zimmerle
81879cd131 parser: SecRequestBodyInMemoryLimit is now returning an error msg 2017-08-22 10:44:35 -03:00
Felipe Zimmerle
c22658ec80 Adds `msc_update_status_code' method to the libmodsec api 2017-08-20 18:52:50 -03:00
Felipe Zimmerle
d7eab6b7a3 Adds support to SecRuleRemoveByMsg 2017-08-16 23:42:13 -03:00
Felipe Zimmerle
b4051246b1 Adds support to SecResponseBodyMimeTypesClear 2017-08-16 22:21:03 -03:00
Felipe Zimmerle
48f1470269 Adds support to SecArgumentSeparator 2017-08-16 18:27:51 -03:00
Victor Hora
53ff0e1a57 Adds initial support to SecHttpBlKey 2017-07-29 00:12:14 -03:00
Lasse Karstensen
bce5ef7704 Add the missing g in Transaction::GetReponseBodyLenth() 
This commit fixes a typo in the method name for retrieving
the body length.
 2017-07-28 22:30:25 -03:00
Felipe Zimmerle
4bec6b0019 Adds support to ctl:ruleEngine 2017-07-27 22:05:10 -03:00
Felipe Zimmerle
15ca5ceab4 Yet another change on the audit log permissions 
The default values are set to 0640 and 0750. That is the real
value in version 2.
 2017-07-25 23:08:59 -03:00
Felipe Zimmerle
b58c8fe7ed Changes the default file creation permission to 1600 
Somewhat related to #1497.
 2017-07-25 15:11:27 -03:00
Felipe Zimmerle
27a8abc052 Changes the auditlog new derectories permission to 1872 
As well noticed on #1497 [by @met3or] we had an inconsistence in the
default permission value for new directories between version 2 and 3.
 2017-07-25 15:06:47 -03:00
Felipe Zimmerle
e14dc602e5 Adds support to SecRuleUpdateTargetById 2017-07-04 13:13:13 -07:00
Felipe Zimmerle
fba9c20ea1 Adds initial support to SecRuleUpdateTargetByTag 2017-07-03 17:42:34 -07:00
Felipe Zimmerle
6421ff087a Forces disruptive to be first-rule-only 
ModSecurity version 3 is capable to handle disruptive actions in different
rules from the chain. However, lets get it working in the same fashion that
we have in version 2.
 2017-04-24 21:06:35 -03:00
Felipe Zimmerle
5f60bb5224 Yet another fix on the debuglogs merge 2017-03-28 18:11:31 -03:00
Felipe Zimmerle
80cfca6fa3 Fix the debug log level merge function 2017-03-27 14:09:42 -03:00
Felipe Zimmerle
2a54bf23e5 Fix the debug log merge function 2017-03-27 11:30:26 -03:00
Felipe Zimmerle
dbcf5a7198 API CHANGE: Rules::merge signature was change to includes error msg 2017-03-23 09:52:39 -03:00
Felipe Zimmerle
e79712095b Minor fix in the decision on whenever the log callback should be called 2017-03-06 15:02:04 -03:00