ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00

Author	SHA1	Message	Date
martinhsv	b9620c26a0	rx:exit after full match; fix TX population after unused group	2020-06-29 06:13:45 -07:00
martinhsv	a1547eaa32	Regression tests: audit log compare support and test cases	2020-03-31 15:01:26 -03:00
Felipe Zimmerle	7a48245aed	Creates RuleUnconditional Makes RuleScript child of RuleWithActions instead of Operator	2020-03-31 14:44:19 -03:00
Felipe Zimmerle	43f8aee6b6	Splits Rule class into: Rule, RuleBase, RuleMarker	2020-03-30 20:21:36 -03:00
Felipe Zimmerle	9d158611cf	Makes Rule a shared pointer	2020-03-25 16:11:23 -03:00
Felipe Zimmerle	1e26bf2078	Revert "Creates the RulesSetPhases clas" This reverts commit 072e4edc53e388fdf64a5eb9d4317544a1c8ada6.	2020-03-11 08:17:56 -03:00
Felipe Zimmerle	072e4edc53	Creates the RulesSetPhases clas	2020-03-05 07:13:02 -03:00
martinhsv	f57265a3e2	Support configurable limit on number of arguments processed	2020-02-14 11:00:01 -03:00
martinhsv	136db3e582	Multipart Content-Disposition should allow filename* field	2020-02-11 10:29:38 -03:00
martinhsv	1b1fdc055b	Fix rule-update-target exclusions for plain (non-regex) variables	2020-02-11 09:42:37 -03:00
martinhsv	0470168056	Fix: audit log data omitted when nolog,auditlog	2020-01-07 11:16:07 -03:00
martinhsv	b8160cce6b	Fix Cookie header parsing issues	2019-11-20 08:51:06 -03:00
Ervin Hegedus	7ba77631f9	Replace Cookie parsing method	2019-11-20 08:51:05 -03:00
martinhsv	9cac167faf	Fix argument key-value pair parsing cases	2019-11-05 13:06:29 -03:00
felipe	c41ab312f3	Updates test cases	2019-10-24 09:59:57 -03:00
Felipe Zimmerle	beedddd6c6	Fix @pm lookup for possible matches on offset zero	2019-10-02 08:05:14 -07:00
Felipe Zimmerle	2bdc5f9d0a	Adds test case to cover issue #2005	2019-06-18 15:10:43 -03:00
Felipe Zimmerle	6ab464ab78	negative lookup on the key name instead of COLLECTION:key	2019-06-17 13:04:25 -03:00
Ervin Hegedus	c0142cf326	Changed compared variables of range id intervall in ruleRemoveById ctl action. #2111 * changed the variables in clause * added test case (@theMiddle) * fixes #2111	2019-06-04 10:28:30 -03:00
Felipe Zimmerle	9ebebfc838	Fix test case 1960	2019-06-04 08:38:45 -03:00
Felipe Zimmerle	50abc072c4	Make block action execution dependent of the SecEngine status	2019-06-03 19:55:02 -03:00
Felipe Zimmerle	a4e8484115	Having body limits to respect the rule engine state	2019-06-03 14:05:10 -03:00
Felipe Zimmerle	20b90364fa	Adds test case for #1872	2019-05-31 11:50:47 -03:00
Felipe Zimmerle	1b8d69da02	Fix dict element regular expression selection on SecRuleUpdateTargetByTag	2019-05-31 01:42:51 -03:00
Felipe Zimmerle	5472362313	Fix SecRuleUpdateTargetByTag with regular expressions	2019-05-31 01:42:47 -03:00
Ervin Hegedus	7a93bea8f7	Added some test cases related to #2099	2019-05-30 09:52:27 -03:00
Rufus125	86ce479b59	Adds new operator to check for data leakage of Austrian social security number	2019-05-29 20:57:08 -03:00
Felipe Zimmerle	b574418386	regression: Using github instead of modsecurity.org for SecRemoteRules	2019-04-05 12:59:34 -03:00
Ervin Hegedus	a6e6bc2b5f	Allow empty anchored variable to use	2019-02-12 09:31:19 -03:00
Ervin Hegedus	2d3fbbc56a	Modified affected test cases, which checked wrong variables	2019-02-12 09:16:07 -03:00
Ervin Hegedus	17d79ed7ba	Fixed data collecting in multipart parsing	2019-02-12 09:16:07 -03:00
Ervin Hegedus	4b3e6328e3	Fixed validateByteRange parsing method	2019-02-12 09:10:36 -03:00
Felipe Zimmerle	145f2f35b7	tests: Updates secrules-language-tests	2019-02-05 11:26:03 -03:00
Felipe Zimmerle	d00ea5111d	Adds initial support to drop action	2018-12-24 16:35:41 -03:00
Felipe Zimmerle	25bb1f1bcc	Changes ENV test case to read the default MODSECURTIY env var	2018-11-29 15:21:28 -03:00
Felipe Zimmerle	d2b14de268	Allow 0 length JSON requests As discussed at: #1822	2018-11-29 10:39:46 -03:00
Felipe Zimmerle	ce3abf2626	Adds support to multiple ranges in ctl:ruleRemoveById Issue #1956	2018-11-26 20:48:18 -03:00
Victor Hora	cbf2fe9703	Adjust boundary test cases for the less strict parsing	2018-11-20 22:17:53 -03:00
Victor Hora	b638e523af	Make the boundary check less strict as per RFC2046	2018-11-20 22:17:22 -03:00
Felipe Zimmerle	9d80983e55	Fix on top of #1943 + adding test cases	2018-11-01 16:11:39 -03:00
Victor Hora	e3b9f7c913	Fix SecUnicodeMapFile support Makes SecUnicodeMapFile read the file and adjust transformation to use the right variable.	2018-10-31 22:57:39 -03:00
Victor Hora	84ece3edcb	Add test case for SecUnicodeMap	2018-10-31 22:19:27 -03:00
Felipe Zimmerle	065c2e67b6	Adds test case for #1850	2018-10-30 18:25:46 -03:00
Felipe Zimmerle	e1e8a01ed2	Override the default status code if not suitable to redirect action Issue #1850	2018-10-30 18:20:23 -03:00
Felipe Zimmerle	3f0ea90970	Test case skeleton for #1941	2018-10-29 11:14:31 -03:00
Felipe Zimmerle	973c1f1028	Fix rule line number Issue #1844	2018-10-24 21:02:35 -03:00
Felipe Zimmerle	ef7f65db90	Changes debuglogs schema to avoid unecessary str allocation	2018-10-23 17:00:16 -03:00
Felipe Zimmerle	69cd61439d	Changes the timing to save the rule message	2018-10-23 16:58:42 -03:00
Felipe Zimmerle	120108fd33	Adds support for /32 in @ipMatch cidr notation. /32 is the representation of the ip itself. Not sure if it is needed, but there is a complaint for that: #849	2018-10-23 16:37:53 -03:00
Felipe Zimmerle	7c50fa7c00	Small fix on @detectXSS test case	2018-10-23 16:26:11 -03:00

1 2 3 4 5 ...

314 Commits