github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
130 Commits 55 Branches 109 Tags
Commit Graph

130 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
brectanus
b761c1c01c Merge in some doc changes. 
Fix some doc formatting issues.
Update the CHANGES file.
 2007-08-02 20:40:37 +00:00
brectanus
72832c1b32 Working on cache enhancements. See trac #14. 2007-08-02 20:25:06 +00:00
brectanus
3e5e2a06b7 Stricter validation for @validateUtf8Encoding. 
Capture the match in TX:0 when using "capture" action w/@pm operators.
 2007-07-31 19:04:07 +00:00
brectanus
5a38dde99b Disable XML parsing by default in the included core rules. 2007-07-30 15:34:46 +00:00
ivanr
bafe8ad773 Remove old comment. 2007-07-27 13:31:31 +00:00
ivanr
31f119664f Updated README files to refer to GPLv2. 2007-07-27 12:45:09 +00:00
ivanr
3facacf92a Emphasize the need to check REQBODY_PROCESSOR_ERROR in configuration example. 2007-07-27 12:38:54 +00:00
ivanr
73706c8bc6 Update documentation to emphasize the importance of REQBODY_PROCESSOR_ERROR handling. 2007-07-27 12:31:19 +00:00
brectanus
8b9d914ed0 Merge in code fixes to create msr context on request failure. 2007-07-23 22:14:09 +00:00
brectanus
4d03b029f1 Remove the error message on a failed request so we can handle it in a pater phase. 2007-07-19 14:45:43 +00:00
brectanus
9be72c39d1 Update to core rules 1.4.3 2007-07-19 14:18:42 +00:00
brectanus
e251a9bd57 Add back code to send an alert on request failure. 2007-07-19 13:33:46 +00:00
ivanr
656021c20e Fix typo. 2007-07-17 09:01:13 +00:00
ivanr
bff23e3eba Updated the rule IDs documentation (reserved ranges). 2007-07-17 08:58:35 +00:00
ivanr
96edb02fe8 Updated documentation to specify libxml is no longer optional. 2007-07-09 15:40:07 +00:00
ivanr
881e8e66c2 Update LICENSE removing part that is not the licence (but can cause confusion). 2007-07-02 15:22:37 +00:00
brectanus
7fbf664ec8 Added cygwin to list of compilers that do not support hidden visibility attribute. 2007-07-02 14:49:56 +00:00
ivanr
8cd8f42d24 Clarified which variables are URL-decoded and which aren't. 2007-07-02 13:56:13 +00:00
ivanr
f19622b04b Clarified that we are a GPLv2-only project. 2007-06-29 23:23:00 +00:00
ivanr
129a5ab252 Reserved a rule ID range for ScallyWack. 2007-06-29 08:24:33 +00:00
brectanus
698955aae1 Update changes to reflect the 2.2 -> 2.5 change. 2007-06-21 15:45:21 +00:00
brectanus
8dea31635c Update @within docs according to Ofer's comments. See #134. 2007-06-21 14:09:13 +00:00
brectanus
19887f9cc6 Added @within string comparison operator with support for macro expansion. See #134. 2007-06-21 02:21:06 +00:00
brectanus
b58efb3466 Update CHANGES. 
Reversion from 2.2. to 2.5.
Update @pmFromFile to base relative filenames off of rule file path.
 2007-06-20 19:58:01 +00:00
ivanr
de739c60c0 Updated documentation for RESPONSE_CONTENT_TYPE and RESPONSE_CONTENT_LENGTH. 2007-06-20 11:17:07 +00:00
ivanr
8de8e44e09 Removed RESPONSE_CONTENT_ENCODING, which never worked as intended. 2007-06-20 11:10:47 +00:00
ivanr
5cb4823c4b Documented that we do not support atomic updates of persistent variables at this time. 2007-06-20 10:59:37 +00:00
ivanr
1c639cf7dd Added two payload examples for XPath expression examples. 2007-06-20 10:10:05 +00:00
brectanus
efe52d4e77 Initialize rules tmp pool properly. 
Update to latest core rules.
 2007-06-14 18:48:35 +00:00
brectanus
a4835b73ff Fix bad merge of mem pool fix from trunk. 
Update to latest core rules.
 2007-06-14 18:46:58 +00:00
brectanus
6569c444d8 Make rules/README UNIX style EOL. 
Merge another branch/2.1.x change.
 2007-06-14 16:42:04 +00:00
brectanus
d55e023bf7 Revert msr_log as macro (still work-in-progress) 2007-06-14 16:13:53 +00:00
brectanus
81d0f84ad3 Update copyright text to Breach Security, Inc. 
Merge in changes from branches/2.1.x
 2007-06-14 16:05:45 +00:00
ivanr
c39723c3aa Document SecPdfProtectMethod. 2007-06-14 15:48:53 +00:00
ivanr
74738b29b0 Added new directive (SecPdfProtectMethod) to enable the user to choose between 
using token redirection (falling back on forced download in some cases) and
forced download (in all cases).
 2007-06-14 15:26:08 +00:00
ivanr
8b843127ba Revert incorrect change to GET/HEAD detection code. This will teach me to always compile before I commit. 2007-06-14 14:59:48 +00:00
ivanr
c7f5dc3355 Configure PDF protection by token redirection to only work on GET and HEAD requests. If we attempted to work on other request methods we would probably break something as there is no way to preserve request bodies. The default was previously been to work on all requests. This behavious can still be changed using the SecPdfProtectInterceptGETOnly directive but I am going to leave it undocumented. 2007-06-14 14:54:23 +00:00
ivanr
eec279c8d9 Cleanup code. 2007-06-14 14:43:35 +00:00
brectanus
6350e2badc Do not log alert message for subrequests. See #124. 
Cleanup CHANGES.
 2007-06-11 21:28:03 +00:00
brectanus
23bd6b4331 Do not pause if we are not the main request. See #124. 2007-06-11 21:20:07 +00:00
brectanus
46d7a5ec6f Move transformation cache rec def re.h from modsecurity.h 2007-06-11 21:15:14 +00:00
ivanr
71eb6e17a4 Added XPath references. 2007-06-08 15:48:02 +00:00
brectanus
dd6755985c Move the transformation cache recort into re.h. See #14. 2007-06-05 18:20:44 +00:00
brectanus
11456dd87a Use pmFromFile instead of pmfile and p=phrase instead of parallel in docs. See #16. 2007-06-04 20:16:48 +00:00
brectanus
e5c00d156a Added rule file/line to audit log messages. See #49. 2007-06-01 15:32:08 +00:00
brectanus
f1607d007b Cleanup message output. See #16. 2007-06-01 15:21:04 +00:00
brectanus
86f648d267 Remove extraneous debug log message. 2007-06-01 13:04:13 +00:00
brectanus
84c0ca303e Fixed patch for subrequests to be more complete. See #124. 2007-05-31 15:42:42 +00:00
brectanus
e887faac2b Add @pm/@pmfile operators (parallel patch). See #16. 2007-05-30 22:02:35 +00:00
brectanus
f53c4241fd Add entry to CHANGES. 2007-05-30 16:13:22 +00:00