github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-16 07:56:12 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,272 Commits 55 Branches 109 Tags
Commit Graph

27 Commits

Author SHA1 Message Date
Ervin Hegedus
63af83080c
Fix pmfromfile external tests - temporary suspended all tests 2025-07-28 16:22:29 +02:00
Ervin Hegedus
780304caf4
Fix ipmatchfromfile external tests - temporary suspended all tests 2025-07-28 16:19:26 +02:00
Ervin Hegedus
1362a30e93
Fix SecRemoteRules test - that's need anymore 2025-07-28 16:18:14 +02:00
Ervin Hegedus
bc01714ca1
Fix status engine tests 2025-07-28 16:11:24 +02:00
Ervin Hegedus
33791eb14a
Fix multipart tests 2025-07-28 16:09:10 +02:00
Martin Vierula
afb48b2c97
Adjust one automated test 2023-01-04 08:00:49 -08:00
Martin Vierula
7a489bd07c
Multipart parsing fixes and new MULTIPART_PART_HEADERS collection 2022-09-07 11:09:47 -07:00
Martin Vierula
159cb4e93c
Fix a failing test. 2022-08-20 15:24:37 -07:00
Martin Vierula
065dbe7e76
Multipart names may include single quote if double-quote enclosed 2021-12-22 10:37:03 -08:00
Felipe Zimmerle
9f92321afb
Fix test case to match new version of curl. 
Error message was changed
 2017-07-14 10:37:58 -03:00
Felipe Zimmerle
462308be74 Improves the accuracy of version identification on status calls 
Trying to differentiate among IIS, Apache, NGINX, and Standalone builds.
 2015-02-11 18:37:01 -08:00
Felipe Zimmerle
ce4cf24f6e Refactoring external resources download warn messages 
Holding the message to be displayed when Apache is ready to write on the
error_log instead of the default output. Regression tests were added.
 2014-12-11 12:42:49 -08:00
Felipe Zimmerle
b019f6056f fix typo 
- Adds a missing "s" while informing the amount of remote loaded rules.
- Renames text file that was wrongly named as .py
 2014-11-17 19:32:43 -08:00
Felipe Zimmerle
723336f1fb Adds regression test for FILE_TMP_CONTENT 2014-11-14 11:53:40 -08:00
Felipe Zimmerle
86787f2af9 Adds SecRemoteRules regression tests. 
Added two test cases for SecRemoteRules. Contents are loaded from
https://www.modsecurity.org
 2014-11-14 11:53:40 -08:00
Felipe Zimmerle
b5398abaf2 Forces downloads using https-only for resources or rules 
This commit makes ModSecurity to refuse to download or install rules
(SecRemoteRules) from sites that are not running HTTPS with a valid and
trusted certificate.
 2014-11-14 11:53:40 -08:00
Felipe Zimmerle
899ee0c365 Adds support to load remote resources to pmFromFile and ipMatchFromFile 
Initially those directives were only able to load content from a
local file. This commit extends this functionality allowing the user to
provide an HTTP URI that can be downloaded and loaded by ModSecurity.
Initially the download is associated with a server restart. For next
versions we expect to load such resources as it become outdated (Without
need to resetart the server).
 2014-11-14 11:53:40 -08:00
Felipe Zimmerle
cee205b109 Adds Status test case with the SecServerSignature being used 
If SecServerSignature is used ModSecurity should send the real data, not the
one informed to SecServerSignature.
Originally reported by: Linas
 2014-11-14 11:53:39 -08:00
Felipe Zimmerle
a45fe95ed5 FuzzyHash: if disable giving an run time error instead of config 
FuzzyHash operator is optional and only installed if the headers for libfuzzy
was found in the system. Otherwise, the FuzzyHash operator is disable during
the compilation. After this commit, if some rules tries to use it, ModSecurity
will produce an runtime error not a config time error, allowing the web server
to procede normal with its operations.
 2014-11-14 11:53:39 -08:00
Felipe Zimmerle
fa0c97ea7b Adds regression test to cover the @fuzzeHash operator 
Added 30-fuzzyHash.t and the ssdeep hash files. Hash files was generated using
files from ModSecurity repository.
 2014-11-14 11:53:39 -08:00
Felipe Zimmerle
66939d059b Adds initial support to @detectXSS 
Libinject was recently updated to support XSS detection. This commit adds
initial support to it.
 2014-03-31 16:22:11 -07:00
Felipe Zimmerle
d75e443b9b Adds regression test to SecStatusEngine 
Just checking the error log while have SecStatusEngine set to On in a first
test and Off in a second.
 2014-03-31 07:14:55 -07:00
Felipe Zimmerle
9bf1f6a2b3 test: removes uncessary ifDefine at 10-tfn-cache.t 
IfDefines such as: <IfDefine MODSEC_2.5> are just compatible with Apache a
solution to check if some resource is available or not have to be developed
to be used in situations like that. This commit just removes the IfDefine.
 2014-01-13 08:11:42 -08:00
Felipe Zimmerle
6325ed8d41 Tests: fixes regression/misc/10-tfn-cache.t 
Tests were failing because they were writing wrong/outdated.
 2014-01-01 11:49:08 -08:00
Felipe Zimmerle
11287a6b95 test: fixes regression/misc/00-multipart-parser.t 
Tests were failing because they were writing wrong/outdated.
 2014-01-01 10:29:21 -08:00
Breno Silva
d93be48049 Fixed: Regression tests with no ID present 2013-03-24 03:08:03 -04:00
b1v1r
eb6b9274af Redo build system to properly use autotools and avoid compilation with apxs util. 2010-04-25 23:24:09 +00:00