github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,401 Commits 55 Branches 109 Tags
Commit Graph

1152 Commits

Author SHA1 Message Date
Felipe Zimmerle
6367e6d5e9
Having a class Rules 2020-03-24 17:20:10 -03:00
Felipe Zimmerle
fb7714f202
Creates class RulesSetPhases 2020-03-24 14:00:28 -03:00
Felipe Zimmerle
88789a577f
parser: Using bison 3.5.2 2020-03-11 14:21:11 -03:00
Felipe Zimmerle
1e26bf2078
Revert "Creates the RulesSetPhases clas" 
This reverts commit 072e4edc53e388fdf64a5eb9d4317544a1c8ada6.
 2020-03-11 08:17:56 -03:00
Felipe Zimmerle
072e4edc53
Creates the RulesSetPhases clas 2020-03-05 07:13:02 -03:00
Felipe Zimmerle
6a742cdf76
Refactoring: Renames RulesProperties to RulesSetProperties 2020-02-17 13:17:03 -03:00
martinhsv
f57265a3e2
Support configurable limit on number of arguments processed 2020-02-14 11:00:01 -03:00
Felipe Zimmerle
4e9ba44d03
build: Keep the installation of rules.h 2020-02-13 09:16:35 -03:00
Felipe Zimmerle
22ec307739
Fix 7495675d540b3b3ccce681773205a4fe34daeb64 2020-02-12 08:56:03 -03:00
Felipe Zimmerle
7495675d54
Refactoring: Renames Rules to RulesSet 
RulesSet does not only contain rules but alse properties
 2020-02-11 14:26:47 -03:00
Felipe Zimmerle
0c3e8b6b59
parser: cosmetics: makes it easy to read 2020-02-11 13:10:49 -03:00
Felipe Zimmerle
6a0df8ca5c
parser: new bison version 2020-02-11 11:15:09 -03:00
martinhsv
136db3e582
Multipart Content-Disposition should allow filename* field 2020-02-11 10:29:38 -03:00
martinhsv
1b1fdc055b
Fix rule-update-target exclusions for plain (non-regex) variables 2020-02-11 09:42:37 -03:00
Felipe Zimmerle
357c140003
Changens copyright year 2020-01-31 10:32:37 -03:00
Felipe Zimmerle
fe98ce4c7d
Cosmetics: address cppcheck warnings 2020-01-30 18:19:34 -03:00
Felipe Zimmerle
68ef2dece3
Cosmetics: address cppcheck warnings on src/variables 2020-01-27 09:08:31 -03:00
Felipe Zimmerle
ff9152ed74
Cosmetics: address cppcheck warnings on src/utils 2020-01-23 08:51:45 -03:00
Felipe Zimmerle
ff590174da
Cosmetics: address cppcheck warnings on src/operators 2020-01-23 08:10:05 -03:00
Felipe Zimmerle
9101a8ab15
Cosmetics: address cppcheck warnings on src/actions 2020-01-22 10:37:51 -03:00
Felipe Zimmerle
4f13fecbaf
cppcheck: make static analysis more pedantic 2020-01-22 09:16:10 -03:00
Felipe Zimmerle
86a5f471a9
Cosmetics: fixed static analysis issues. 2020-01-15 20:35:59 -03:00
martinhsv
0470168056 Fix: audit log data omitted when nolog,auditlog 2020-01-07 11:16:07 -03:00
root
6624a18a4e
Fixed inspectFile operator does not pass FILES_TMPNAMES 
pass FILES_TMPNAMES variable to lua engine Fixed Lua engine
should also be aware of the variable and pass it to the target
lua script main function
 2019-11-26 08:40:53 -03:00
Felipe Zimmerle
05e9e7cf31
XML: Remove error messages from stderr 2019-11-25 09:27:11 -03:00
toubley
7b1b00b5e1
filter comment or blank line for pmFromFile operator 2019-11-22 14:49:41 -03:00
martinhsv
ea7cacf289
Additional adjustment to Cookie header parsing 2019-11-21 16:50:27 -03:00
martinhsv
6395fe07ce
Restore chained rule logging to be more like 2.9 2019-11-21 08:21:59 -03:00
Ervin Hegedus
038522ad9b
Small fixes in log messages to help debugging 2019-11-20 15:24:30 -03:00
martinhsv
b8160cce6b Fix Cookie header parsing issues 2019-11-20 08:51:06 -03:00
Ervin Hegedus
7ba77631f9 Replace Cookie parsing method 2019-11-20 08:51:05 -03:00
martinhsv
199a9db3e2
Fix nolog rules logging to part H 2019-11-11 13:50:44 -03:00
martinhsv
9cac167faf Fix argument key-value pair parsing cases 2019-11-05 13:06:29 -03:00
martinhsv
68c995ca98 Fix: audit log part for response body for JSON format to be E 2019-10-25 09:51:26 -03:00
martinhsv
01c7a2689b
Fix test issue-1974 2019-10-24 09:57:49 -03:00
Victor Hora
d4dc3dbf2a
Make sure m_rulesMessages is filled after successfull match 2019-10-16 09:40:04 -03:00
Andrei Belov
5929277938
Avoid using NULL string (match) in Pm::evaluate 
Closes #2178.
 2019-10-07 08:37:05 -03:00
Felipe Zimmerle
beedddd6c6 Fix @pm lookup for possible matches on offset zero 2019-10-02 08:05:14 -07:00
marduone
96d36afeca
Add Missing throw in Operator::instantiate 2019-06-17 14:56:03 -03:00
Felipe Zimmerle
6ab464ab78
negative lookup on the key name instead of COLLECTION:key 2019-06-17 13:04:25 -03:00
Felipe Zimmerle
47dd9c5df4
Refactoring on the VariableValue class 2019-06-14 10:13:54 -03:00
Ervin Hegedus
c0142cf326
Changed compared variables of range id intervall in ruleRemoveById ctl action. #2111 
* changed the variables in clause
* added test case (@theMiddle)
* fixes #2111
 2019-06-04 10:28:30 -03:00
Felipe Zimmerle
50abc072c4
Make block action execution dependent of the SecEngine status 2019-06-03 19:55:02 -03:00
Felipe Zimmerle
a4e8484115
Having body limits to respect the rule engine state 2019-06-03 14:05:10 -03:00
Felipe Zimmerle
1b8d69da02
Fix dict element regular expression selection on SecRuleUpdateTargetByTag 2019-05-31 01:42:51 -03:00
Felipe Zimmerle
5472362313
Fix SecRuleUpdateTargetByTag with regular expressions 2019-05-31 01:42:47 -03:00
Ervin Hegedus
db298696fa Adds missing check for runtime ctl:ruleRemoveByTag 2019-05-30 09:50:56 -03:00
Rufus125
86ce479b59
Adds new operator to check for data leakage of Austrian social security number 2019-05-29 20:57:08 -03:00
Julien Leproust
49900eec97
Fix variables output in debug logs 2019-05-27 17:39:04 -03:00
Tim Herren
75a5c8d334
correct typo validade in log output 2019-05-27 17:13:29 -03:00