github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,630 Commits 55 Branches 109 Tags
Commit Graph

249 Commits

Author SHA1 Message Date
Felipe Zimmerle
8d052853a8 Adds support to https audit log output 
This functionality was built for test only.
 2016-04-04 13:29:15 -03:00
Felipe Zimmerle
e0926fee37 Fix parser error while dealing with operator negation 
This patch closes the issue #960
 2016-03-17 18:06:46 -03:00
Felipe Zimmerle
77a1dcab9b parser: fix issue with skipAfter action 
Considering \n and/or \r as the end of the token.
 2016-02-11 16:42:39 -03:00
Felipe Zimmerle
d780fd6290 Fix the parse to distinguish between @pm content and a variable 
Before this patch the parser was not understanding @pm content that
contains a variable.
 2016-01-12 13:59:27 -03:00
Felipe Zimmerle
702551ed42 Adds support to action `exec' to sec lang parser 2016-01-12 10:57:06 -03:00
Felipe Zimmerle
923620fbd0 Adds support to the action `allow' in the sec parser 2016-01-12 10:42:36 -03:00
Felipe Zimmerle
7901c2c899 Adds the actions SetSID and SetUID to the seclang parser 2016-01-12 10:34:33 -03:00
Felipe Zimmerle
ab92bed6fa Parser improvement: Supporting variables selection with regex 2016-01-12 09:59:33 -03:00
Felipe Zimmerle
3acc013e49 Improves the secrules parser 2016-01-11 17:50:35 -03:00
Felipe Zimmerle
f23908f145 Improves the secrules parser 2016-01-11 15:14:26 -03:00
Felipe Zimmerle
decf04d264 Adds support to SecResponseBodyMimeType 2015-12-24 11:55:24 -03:00
Felipe Zimmerle
913e22a77d Adds initial support to initcol action 2015-12-22 12:10:15 -03:00
Felipe Zimmerle
215c4d1071 Fix ARGS_POST and ARGS_GET variables order on the parser 2015-12-11 09:26:01 -03:00
Felipe Zimmerle
b5a43871e6 Changes library namespace from ModSecurity to modsecurity 2015-12-01 10:55:59 -03:00
Felipe Zimmerle
09a958544d Makes @geoLookup optional depending on the availability of libGeoIP 2015-11-20 11:09:05 -03:00
Andrew Hutchings
f65b08b066 Fix parser to accept redirect action without single quote 2015-11-17 11:08:39 -03:00
Felipe Zimmerle
e641c3cc17 Huge improve in the variables resolution time 2015-11-03 22:44:59 -03:00
Felipe Zimmerle
3fff343009 Adds missing variables 2015-10-19 23:04:52 -03:00
Felipe Zimmerle
e65f0db13b Fix on the variable parser 2015-10-19 19:31:23 -03:00
Felipe Zimmerle
e57ee8908f Searches for included configuration using the resource policy 2015-10-07 15:26:08 -03:00
Felipe Zimmerle
e54ef72051 Looks for external resources in the same path of the rule 2015-10-06 09:21:30 -03:00
Felipe Zimmerle
df819dc43b Removes SPACE token form the GRAMMAR 2015-10-02 11:30:05 -03:00
Felipe Zimmerle
54c51e2512 Fix parser shift/reduce problem on state 133 2015-10-02 11:03:04 -03:00
Felipe Zimmerle
8255ce86ca Adds reference to filename and line number to lexer errors 2015-09-30 14:36:33 -03:00
Felipe Zimmerle
900af2cd48 Adds possibility to use include with wildcards and env vars 2015-09-29 14:06:13 -07:00
Felipe Zimmerle
cb9524ffd7 Adds support to collection in the parser 2015-09-29 13:14:36 -07:00
Felipe Zimmerle
d084ab5f2d Fix the "line counting" on parser errors 2015-09-29 12:22:23 -03:00
Felipe Zimmerle
70e2a4b379 Adds support to include path between quotes 2015-09-29 10:43:28 -03:00
Felipe Zimmerle
c425b24ffb Extends redirect action to support url without quotes 2015-09-15 18:25:15 -03:00
Felipe Zimmerle
2a8f45b895 Adds transformations removeComments and replaceComments to the seclang parsers 2015-09-11 12:41:09 -03:00
Felipe Zimmerle
3c53869915 Adds transformation normalisePath to seclang parser 2015-09-09 23:02:07 -03:00
Felipe Zimmerle
92563da930 Adds t:utf8toUnicode and variable XML to the seclang parser 2015-09-09 22:51:19 -03:00
Felipe Zimmerle
736183b7f1 Adds ctl:forceRequestBodyVariable to the seclang parser 2015-09-09 22:43:18 -03:00
Felipe Zimmerle
4095ae7b52 Adds action accuracy to the parser 2015-09-09 22:26:35 -03:00
Felipe Zimmerle
1079b5ba54 Adds action maturity to the parser 2015-09-09 22:19:07 -03:00
Felipe Zimmerle
09651baf9a Adds action ver to the seclang parser 2015-09-09 22:10:45 -03:00
Felipe Zimmerle
254b29265e Adds action expirevar to the parser and fix the line counting 2015-09-09 18:31:37 -03:00
Felipe Zimmerle
ee8b886371 Adds parser support to ctl:[auditEngine|ruleEngine] 2015-09-09 17:51:53 -03:00
Felipe Zimmerle
ec6a5a0cd2 Adds support to t:sha1 and t:hexEncode at seclang parser 2015-09-09 17:13:07 -03:00
Felipe Zimmerle
d1fa2cfa7b Parser: Fix redirect action and adds SecRule first line-only comment syle 2015-09-09 15:10:38 -03:00
Felipe Zimmerle
5c3a4b608d Adds support to SecMarker and skipAfter 2015-09-08 10:06:37 -03:00
Felipe Zimmerle
b048794f4e Adds support to unconditional rules 2015-09-04 15:55:53 -03:00
Felipe Zimmerle
010c18f63f Adds support to SecDefaultAction configuration directive 2015-09-04 10:56:04 -03:00
Felipe Zimmerle
f2ed890ea6 Now accept SecRules regardless of the letter case 2015-09-03 11:09:40 -03:00
Felipe Zimmerle
ea4cd53221 Accepts phases with its name instead of a number 2015-09-02 18:31:02 -03:00
Felipe Zimmerle
035040cd13 Adds sanity check to confirm that the rule has an ID and it is not duplicated 2015-09-02 18:30:41 -03:00
Felipe Zimmerle
e89e395a32 Fix various minor issues on the auditlog schema 2015-08-27 17:50:42 -03:00
Felipe Zimmerle
1065e297b2 Fix several minor issues on the seclang grammar 2015-08-22 11:06:28 -03:00
Felipe Zimmerle
e78d7f5b91 Makes the parser understand some missing configuration directives 
Directives:
 - SecPcreMatchLimitRecursion
 - SecPcreMatchLimit
 - SecResponseBodyMimeType
 - SecTmpDir
 - SecDataDir
 - SecArgumentSeparator
 - SecCookieFormat
 - SecStatusEngine

Those are not implemented yet, but the parser is now able to understand it.
 2015-08-20 13:04:54 -03:00
Felipe Zimmerle
a453a656c3 Fix continuation line and VARIABLENOCOLON 2015-08-19 23:12:34 -03:00