github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,509 Commits 55 Branches 109 Tags
Commit Graph

265 Commits

Author SHA1 Message Date
brectanus
3848ff5b36 Worked around mod_jk issue where a 401 response was not including the WWW-Authentication header (MODSEC-16). 2008-09-15 19:51:06 +00:00
brectanus
309510d70b Change from ctl:requestBodyBuffering to ctl:forceRequestBodyVariable. 2008-09-10 17:11:20 +00:00
brectanus
f20059b009 Make sure we fail to validate DTD/schema after a parsing error. Fixes MODSEC-5. 2008-09-03 22:16:42 +00:00
brectanus
34798e9abe Allow ability to force request body buffering to memory. Fixes MODSEC-2. 2008-09-03 20:42:28 +00:00
brectanus
139d651bbf Updated the CHANGES. 2008-09-03 18:06:14 +00:00
brectanus
20cc395510 Added mlogc source. 2008-09-02 23:10:36 +00:00
brectanus
d419a21682 Update CHANGES. 
Sync up docs.
 2008-08-15 20:25:27 +00:00
brectanus
10713fbd37 Sync up branches/2.5.x and trunk. 2008-07-31 22:36:24 +00:00
ivanr
ae40b8c213 Implemented cssDecode. 2008-07-16 13:08:12 +00:00
brectanus
e6e06bff72 Update trunk CHANGES with 2.5.5 release. 2008-07-07 15:47:49 +00:00
brectanus
f072738c82 Remove an extraneous debug statement and update version date. 2008-06-05 17:29:29 +00:00
brectanus
83ff6c4796 Re-enable error output filter with a fix after more testing/tracing of code. See #498. 
Update versions to ready for release of 2.5.5.
 2008-06-03 20:28:05 +00:00
brectanus
16acbe4949 Fixed issue where logging was not occuring unless "auditlog" was enabled. See #497, #4, #451 and #445. 2008-06-02 23:34:31 +00:00
brectanus
f2449c6f35 Enable "auditlog" action by default. See #445 and #451. 2008-06-02 23:31:27 +00:00
brectanus
0c95f9c644 Backport fix to improve request body processing error messages. See #504. 2008-05-30 20:16:34 +00:00
brectanus
4d2fa2741c Backported changeset:1056 to 2.5.x which handles a lacking new line after the final multipart boundary. See #502. 2008-05-30 20:07:47 +00:00
brectanus
6241dfe961 Fixed XML multithreading crash. See #501. 2008-05-30 20:01:44 +00:00
brectanus
0c1f2f2e09 Fixed blocking in phase 3 by reverting changeset:591 (for now). See #65 and #498. 2008-05-30 19:31:22 +00:00
brectanus
f394c6faa2 Add atomic updates for persistent counters. See #20. 2008-05-13 00:05:02 +00:00
brectanus
8f7b861d94 Added mod_rpaf-2.0 and mod_custom_header to the beforeme list. 2008-05-09 15:50:17 +00:00
brectanus
ec19e25171 Update changes with 2.5.4 release. 2008-05-09 15:48:57 +00:00
brectanus
cfeb3b9769 Update CRS to 1.6.1. See #484. 2008-04-24 16:48:08 +00:00
brectanus
06eeb7ef04 Fixed crash if a persistent variable name was more than 126 characters. See #478. 2008-04-24 16:40:14 +00:00
brectanus
5735d5fc63 Fixed issue where the exec action may not be able to execute shell scripts. See #475. 2008-04-24 16:30:58 +00:00
brectanus
b4f473f87f Expand macros in expirevar and deprecatevar. See #477. 
Cleaned up debug logs in actions.
Warn on mismatched curly braces in macro expansion.
 2008-04-24 16:23:35 +00:00
brectanus
070e0bb0c6 Update CHANGES with current releases. 2008-04-11 20:10:27 +00:00
brectanus
563a8e0f0c Fixed issue where the exec action may not be able to execute shell scripts. See #475. 2008-04-11 20:05:44 +00:00
brectanus
c50e5b0b38 Update versions for release. 2008-04-02 16:10:47 +00:00
brectanus
aa6be1614e Make sure all filehandles are closed at the end of a trasaction. See #464 and #465. 
Fixes a few typos in some error messages when we are over the limits.
 2008-03-28 20:00:37 +00:00
brectanus
5f09dbb3ee Sync up trunk with changes from 2.5.x. 2008-03-28 17:06:44 +00:00
brectanus
1fbf0c97f2 Update CHANGES, versions and dates for 2.5.0. 2008-02-15 22:51:01 +00:00
brectanus
8cf74f5c91 Update version dates. 
Fix a small typo in Lua example: nil, not null.
 2008-02-14 22:16:21 +00:00
brectanus
f00e15cc0a More updates for Windows builds suggested by Tom Donovan at apachelounge. 2008-02-13 18:10:04 +00:00
brectanus
cc2110b187 Updates to build on Windows with MS VC++ 8. 2008-02-13 07:10:54 +00:00
brectanus
20bc34a53f Update core rules to 1.6.0-rc3. 2008-02-11 22:57:54 +00:00
brectanus
731ac3321b Update version date for 2.5.0-rc3. 2008-02-11 22:49:08 +00:00
brectanus
94f617ae1c Update CHANGES and release dates. 2008-02-09 01:22:01 +00:00
brectanus
45e85e4c89 Update CHANGES and version dates. 2008-02-08 01:24:46 +00:00
brectanus
fd8f4e319f Update CHANGES and versions for 2.5.0-rc3. 2008-02-05 00:55:16 +00:00
brectanus
4535b2e67b Cleanup CHANGES and set release dates for 2.5.0-rc2. 2008-01-29 16:36:36 +00:00
brectanus
52ccced72b Cleanup building actionsets and use minimal default. See #445. 
Fully resolve all rules before logging.
 2008-01-25 04:52:49 +00:00
brectanus
946a350043 Fixed removing cained rules with ctl action. 2008-01-24 22:39:13 +00:00
brectanus
f8adea949c Implemented SecUploadFileMode. See #448. 2008-01-24 22:10:37 +00:00
brectanus
a3584993f5 Implement "block" pseudo-action. See #441. 2008-01-24 05:16:35 +00:00
brectanus
9dbc7807d9 Remove query string from error log. See #447. 2008-01-23 18:12:59 +00:00
brectanus
c72057bc57 Cleanup CHANGES. 2008-01-22 06:59:06 +00:00
brectanus
18e9ef0808 Remove default transformations. See #445. 2008-01-22 05:50:42 +00:00
brectanus
0d24a08f33 Implemented SecRuleUpdateActionById. See #442. 2008-01-19 02:23:41 +00:00
brectanus
9fb03d277d Fixing code based on review comments... 
Cleaned up what vars are cacheable.
Added parens around "*foo++" where it clarified the operation to be "*(foo++)".
Added " at VARNAME" to operator matches where needed.
Escaped var->name in the var generation (user-supplied data).
Marked a bunch of TODOs as ENHs instead.
Transformed some C++ style comments to C style.
Removed the %0-9 macros code which was commented out.
Optimized some ctl action code so that multiple ifs are else ifs.
Implemented some error messages marked as ENH.
Make commented out acmp debugging a configure-time option.
Cleanup GEO debug log messages.
Added relative filename support for geo dbs.
Added help text to Sec* directives.
 2008-01-18 00:47:30 +00:00
brectanus
31e3ada844 Fixed phase 5 rules not being excludable. 2008-01-08 20:45:54 +00:00