github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,664 Commits 55 Branches 109 Tags
Commit Graph

2664 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Felipe Zimmerle
8750ee5d33
CHANGES: Adds info about: #1759 and #1733 2018-05-03 14:44:35 -03:00
Victor Hora
5e40850697
Fix setvar parsing of quoted data 2018-05-03 14:40:48 -03:00
Felipe Zimmerle
e47125c55e
CHANGES: Adds info about: #1758 2018-05-03 13:46:02 -03:00
Scott Leggett
98b4e75465
Fix LDFLAGS for unit tests. 2018-05-03 13:44:59 -03:00
Felipe Zimmerle
e48fa2f817
HANGES: Adds info about: #1761 2018-05-03 13:42:52 -03:00
Robert Paprocki
cd1a058c33
Code cosmetics: Clean up MD5 hexdigest 
The null terminator is not necessary when using this form of the
std::string constructor, and its use was confusing given the extra
indent.
 2018-05-03 13:41:49 -03:00
Felipe Zimmerle
d0b423fdd7
Adds time stamp back to the audit logs 
Fix issue #1762
 2018-05-03 13:37:01 -03:00
Felipe Zimmerle
6f92c8914a
Disables skip counter if debug log is disabled 2018-04-24 14:17:01 -03:00
Felipe Zimmerle
a1b6cceb65
CHANGES: Adds info about: #1737 2018-04-24 12:00:49 -03:00
Robert Paprocki
d0a63aac03
Define m_secmarker_skipped as an integer type 
There's no reason to treat this this as a double, since it
represents a human-readable data value that is only meaningful
as an integer. In doing so we write cleaner audit logs and save
a small amount of space.
 2018-04-24 11:49:13 -03:00
Victor Hora
bb2ecdf4db
Add missing escapeSeqDecode, urlEncode and trimLeft/Right tfns to parser 2018-04-24 09:26:30 -03:00
Felipe Zimmerle
a939d19fad
CHANGES: Adds info about: #1738 2018-04-24 09:17:53 -03:00
Felipe Zimmerle
6d5bb42bd8
Normalizes Bison version 2018-04-24 09:15:39 -03:00
Victor Hora
2037a08b34
Fix STATUS var parsing and accept STATUS_LINE var for v2 backward compatibility 2018-04-24 09:06:39 -03:00
Felipe Zimmerle
a806f26be1
CHANGES: Adds info about: #1750 2018-04-23 22:55:51 -03:00
Andrei Belov
268f34bbcc
Fix memory leak in modsecurity::utils::expandEnv() 
Found by ASAN.
 2018-04-23 22:54:13 -03:00
Felipe Zimmerle
f888f4e5e4
CHANGES: Adds info about: #1751 2018-04-23 22:46:21 -03:00
Ervin Hegedus
e7ea5433d5
Initialize m_dtd member in ValidateDTD class as NULL 2018-04-23 22:43:36 -03:00
Felipe Zimmerle
3ee65a31c5
CHANGES: Adds info about: #1739 2018-04-23 22:12:58 -03:00
Robert Paprocki
f7beb17570
Fix broken @detectxss operator regression test 2018-04-23 22:11:00 -03:00
Felipe Zimmerle
6a710b3a4c
CHANGES: Adds info about: #1743, #1744 2018-04-23 22:09:15 -03:00
Andrei Belov
3d06e1b8b6
Fix github_issue reference in regression test 2018-04-23 22:09:03 -03:00
Andrei Belov
5e65d560f8
Fix utils::string::ssplit() to handle delimiter in the end of string 
This closes #1743.
 2018-04-22 11:37:30 -03:00
Victor Hora
5018358371
Fix variable FILES_TMPNAMES 2018-04-22 11:11:46 -03:00
Felipe Zimmerle
077b18252f
CHANGES: Adds info about: #1729, #1730 2018-04-05 09:51:49 -03:00
Andrei Belov
8285a97460
Fix memory leak in Collections 
This closes #1729.
 2018-04-05 09:48:51 -03:00
Felipe Zimmerle
ea7d1ff54b
CHANGES: Adds to be released marking 2018-04-05 09:46:56 -03:00
Felipe Zimmerle
8d0f51beda
Change release version to v3.0.2 v3.0.2 2018-04-03 10:47:48 -03:00
Felipe Zimmerle
871a131864
CHANGES: Adds info about version issue 2018-04-03 10:42:29 -03:00
Felipe Zimmerle
2e87c4e751
Fix version number on libtool 2018-04-03 01:51:46 -03:00
Felipe Zimmerle
f67ff0aa67
Change release version to v3.0.1 v3.0.1 2018-04-01 21:23:25 -03:00
Felipe Zimmerle
01625bbb38
CHANGES: The correct is: ruleRemoveByTag not ruleRemoveById 2018-03-29 18:03:15 -03:00
Felipe Zimmerle
ff0d451a5c
Fix maxmind test case 2018-03-29 17:24:32 -03:00
Felipe Zimmerle
0ca5994744
Adds support for ctl:ruleRemoveByTag action 2018-03-26 17:01:53 -03:00
Felipe Zimmerle
9537cfceed
Fix SecUploadDir configuration merge 2018-03-23 11:32:46 -03:00
Felipe Zimmerle
ab3afb2ed2
CHANGES: Adds info about: #1716 2018-03-22 23:10:49 -03:00
Andrei Belov
dcbb06be43
Include all prerequisites for "make check" into dist archive 2018-03-22 23:09:44 -03:00
Felipe Zimmerle
9505ca7e66
CHANGES: Adds info about: #1715 2018-03-22 23:07:47 -03:00
Andrei Belov
601e0d7040
Adjust tests for @inspectFile operator 2018-03-22 23:06:42 -03:00
Andrei Belov
138e301695
Reverse logic of checking output in @inspectFile 
This change makes @inspectFile in ModSecurity 3.x to operate in exact
the same way as it operates in ModSecurity 2.x, so existing helper scripts
like runav.pl [1] will work without any changes.

[1] https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.0/master/util/av-scanning/runav.pl
 2018-03-22 23:06:30 -03:00
Felipe Zimmerle
c61155424e
Adds support to libMaxMind 2018-03-22 23:03:44 -03:00
Felipe Zimmerle
15b38fbe5d
Travis: adds --without-maxmind option 2018-03-22 19:12:09 -03:00
Felipe Zimmerle
df169ea108
Adds support for libMaxMind 2018-03-22 19:11:42 -03:00
Felipe Zimmerle
7bff76d794
Parser: Updates the generated parser files 2018-03-21 18:18:58 -03:00
Victor Hora
480a2f89d7
Disable SecCollectionTimeout parser error 2018-03-12 22:28:07 -03:00
Victor Hora
22334c9bb6
Adds capture action to detectXSS 2018-03-12 22:10:56 -03:00
Felipe Zimmerle
b59d19e95a
CHANGES: Adds info about #1701 2018-03-12 20:22:17 -03:00
Victor Hora
e50c317b7a
Temporarily accept invalid MULTIPART_SEMICOLON_MISSING operator 2018-03-12 20:09:17 -03:00
Felipe Zimmerle
70ace0faa4
Adds capture action to detectSQLi 2018-03-09 12:58:00 -03:00
Felipe Zimmerle
0f361b7065
Adds capture action to RBL 2018-03-09 12:49:12 -03:00