github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,543 Commits 55 Branches 109 Tags
Commit Graph

68 Commits

Author SHA1 Message Date
Felipe Zimmerle
9b836b652a Initial support to load rules from a remote server 
New directive `SecRemoteRules' was added. It allows the user to load a
set of rules from a given HTTP server.
 2014-11-14 11:53:40 -08:00
Felipe Zimmerle
8d4c3e4f5c Makes the build system to look for yajl using a macro file 
Now searching for yajl using find_yajl.m4 macro file instead
of using pkg-config directly. If YAJL was not found or if it
was disabled in the configure phase, the code will be compiled
without JSON support.
 2014-03-31 16:22:09 -07:00
Ulisses Albuquerque
c23097ce18 Added support for JSON body processor 2014-03-31 16:22:09 -07:00
Felipe Zimmerle
d93ce9ceee Adds REQUEST_FULL and REQUEST_FULL_LENGTH variables 
This variable is a combination from REQUEST_LINE, REQUEST_HEADERS and
REQUEST_BODY (if any). Expects for \n\n in between each of those values.
 2014-03-31 07:14:55 -07:00
Breno Silva
f8d441cd25 Fix Chunked string case sensitive issue - CVE-2013-5705 2013-09-04 08:57:07 -03:00
Breno Silva
3901128f17 Revert "Fix Chuncked string case sensitive issue" 
This reverts commit 16a815a3c2735f62238ef99af26090a2b8430d3d.
 2013-09-04 08:53:40 -03:00
Breno Silva
16a815a3c2 Fix Chuncked string case sensitive issue 2013-09-04 08:43:34 -03:00
Breno Silva
eb95384577 Fixed: SecPerfRuleTimes storing unwanted rules 2013-04-23 18:52:20 -04:00
Breno Silva
aa18ec7f45 Updated copyright dates 2013-04-19 03:20:46 -04:00
Breno Silva
213cd1e840 Fixed: detect comma plus white space as a cookie separator - change variable names 2013-01-05 12:11:18 -04:00
Breno Silva
80146b2c74 Fixed: detect comma plus white space as a cookie separator 2013-01-05 09:48:49 -04:00
brenosilva
dc83528526 MODSEC-261 2012-10-04 15:53:40 +00:00
brenosilva
919e3f5e29 Reverted SecCookiev0Separator 2012-10-03 17:33:37 +00:00
brenosilva
aee22ea461 MODSEC-261 2012-10-03 13:49:00 +00:00
brenosilva
592ec392d1 Remove ctl:ruleUpdateTarget* and add ctl:ruleRemovetarget* 2012-08-02 18:04:53 +00:00
brenosilva
f0fab2a803 Fix apache 2.4 compilation issue during make test 2012-05-14 23:08:11 +00:00
brenosilva
866cb6d6b4 Update trunk for 2.7 2012-05-10 23:18:39 +00:00
brenosilva
d4079971c6 MODSEC-160 2011-10-14 13:32:30 +00:00
brenosilva
3d69126de0 Build and code fixes 2011-06-14 18:16:55 +00:00
brenosilva
e1025d0f0c Change apr version macro by apache one 2011-05-18 18:33:20 +00:00
brenosilva
104f0de46e New License 2011-03-30 14:12:44 +00:00
brenosilva
1a2d377e34 MODSEC-178 2011-03-28 18:47:58 +00:00
brenosilva
49732256f6 Improvements, fixes and new features 2011-03-25 13:51:13 +00:00
brenosilva
c04a4edb4b MODSEC-144 2011-03-11 18:48:58 +00:00
brenosilva
7f52d86e4b Include data edition, sanitizematched and few fixes 2011-02-14 12:49:55 +00:00
brenosilva
549f059480 move 2.5.13 into trunk 2010-12-08 18:58:18 +00:00
b1v1r
058283fb5a Add the ability to build custom request body parser extensions. 
Add an example for a request body parser extension.
 2010-05-05 23:01:11 +00:00
b1v1r
08edc0c26f Merge 2.5.x (2.5.12) changes into trunk. 2010-02-05 19:05:20 +00:00
ivanr
ed11e27e0f Moving performance logging from level 3 to level 4 to prevent it from polluting the error log 2010-02-04 08:39:26 +00:00
ivanr
e0f1608408 Move writing to collections and GC earlier so that the results can be logged. 2010-02-03 08:59:33 +00:00
ivanr
0ecfe86c3c Add PERF_GC. 2010-02-03 08:46:42 +00:00
ivanr
5448b3fc26 Log the duration of garbage collection at level 3. 2010-02-03 07:29:54 +00:00
ivanr
bc35ab7e0b Implement variables for access to performance measurements. 2010-02-01 11:44:32 +00:00
ivanr
7b56982f26 Implemented a new time-measuring mechanism. Added Stopwatch2. 2010-02-01 09:42:23 +00:00
ivanr
6d5e752cb3 Added URLENCODED_ERROR, which is raised when invalid URL encoding is encountered 2009-12-12 14:21:17 +00:00
b1v1r
b01f8190e4 Merged 2.5.x changes for 2.5.11 into trunk. 2009-11-06 18:38:15 +00:00
ivanr
8fe278e845 Change 'sanitise' to 'sanitize' everywhere, preserving the 'sanitise' action variants for backward compatibility. 2009-10-29 17:57:18 +00:00
b1v1r
73fb8eae5d Merge latest 2.5.x changes to trunk. 2009-07-24 05:11:45 +00:00
b1v1r
dc0a2161ac Merge 2.5.9 changes into trunk. 2009-03-12 15:31:10 +00:00
(no author)
4a336dadf2 Removed an invalid "Internal error" message forcing auditing of a request (MODSEC-29). 
Cleaned up error messages prior to using send_error_bucket().
 2008-10-21 17:45:18 +00:00
brectanus
34798e9abe Allow ability to force request body buffering to memory. Fixes MODSEC-2. 2008-09-03 20:42:28 +00:00
brectanus
20cc395510 Added mlogc source. 2008-09-02 23:10:36 +00:00
brectanus
10713fbd37 Sync up branches/2.5.x and trunk. 2008-07-31 22:36:24 +00:00
brectanus
0b1e2d674a Fix a minor typo in a comment. 2008-06-05 17:01:42 +00:00
ivanr
e1e200c005 Disabled phase 5 after interception by mistake. Fixed 2008-06-05 14:57:05 +00:00
ivanr
c3fd0231d0 Prevent phases from being processed more than once. 2008-06-05 14:52:48 +00:00
brectanus
6241dfe961 Fixed XML multithreading crash. See #501. 2008-05-30 20:01:44 +00:00
brectanus
f394c6faa2 Add atomic updates for persistent counters. See #20. 2008-05-13 00:05:02 +00:00
brectanus
5f09dbb3ee Sync up trunk with changes from 2.5.x. 2008-03-28 17:06:44 +00:00
brectanus
f428d37680 Cleanup - remove extraneous whitespace and tabs. 2008-02-07 21:45:05 +00:00