github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-09-29 11:16:33 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,665 Commits 55 Branches 109 Tags
cc72035034d40cf36fb13880925f4682a3295c20
Commit Graph

2665 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Robert Paprocki
cc72035034 Remove an unused variable 2018-05-03 15:10:00 -03:00
Felipe Zimmerle
8750ee5d33 CHANGES: Adds info about: #1759 and #1733 2018-05-03 14:44:35 -03:00
Victor Hora
5e40850697 Fix setvar parsing of quoted data 2018-05-03 14:40:48 -03:00
Felipe Zimmerle
e47125c55e CHANGES: Adds info about: #1758 2018-05-03 13:46:02 -03:00
Scott Leggett
98b4e75465 Fix LDFLAGS for unit tests. 2018-05-03 13:44:59 -03:00
Felipe Zimmerle
e48fa2f817 HANGES: Adds info about: #1761 2018-05-03 13:42:52 -03:00
Robert Paprocki
cd1a058c33 Code cosmetics: Clean up MD5 hexdigest 
The null terminator is not necessary when using this form of the
std::string constructor, and its use was confusing given the extra
indent.
 2018-05-03 13:41:49 -03:00
Felipe Zimmerle
d0b423fdd7 Adds time stamp back to the audit logs 
Fix issue #1762
 2018-05-03 13:37:01 -03:00
Felipe Zimmerle
6f92c8914a Disables skip counter if debug log is disabled 2018-04-24 14:17:01 -03:00
Felipe Zimmerle
a1b6cceb65 CHANGES: Adds info about: #1737 2018-04-24 12:00:49 -03:00
Robert Paprocki
d0a63aac03 Define m_secmarker_skipped as an integer type 
There's no reason to treat this this as a double, since it
represents a human-readable data value that is only meaningful
as an integer. In doing so we write cleaner audit logs and save
a small amount of space.
 2018-04-24 11:49:13 -03:00
Victor Hora
bb2ecdf4db Add missing escapeSeqDecode, urlEncode and trimLeft/Right tfns to parser 2018-04-24 09:26:30 -03:00
Felipe Zimmerle
a939d19fad CHANGES: Adds info about: #1738 2018-04-24 09:17:53 -03:00
Felipe Zimmerle
6d5bb42bd8 Normalizes Bison version 2018-04-24 09:15:39 -03:00
Victor Hora
2037a08b34 Fix STATUS var parsing and accept STATUS_LINE var for v2 backward compatibility 2018-04-24 09:06:39 -03:00
Felipe Zimmerle
a806f26be1 CHANGES: Adds info about: #1750 2018-04-23 22:55:51 -03:00
Andrei Belov
268f34bbcc Fix memory leak in modsecurity::utils::expandEnv() 
Found by ASAN.
 2018-04-23 22:54:13 -03:00
Felipe Zimmerle
f888f4e5e4 CHANGES: Adds info about: #1751 2018-04-23 22:46:21 -03:00
Ervin Hegedus
e7ea5433d5 Initialize m_dtd member in ValidateDTD class as NULL 2018-04-23 22:43:36 -03:00
Felipe Zimmerle
3ee65a31c5 CHANGES: Adds info about: #1739 2018-04-23 22:12:58 -03:00
Robert Paprocki
f7beb17570 Fix broken @detectxss operator regression test 2018-04-23 22:11:00 -03:00
Felipe Zimmerle
6a710b3a4c CHANGES: Adds info about: #1743, #1744 2018-04-23 22:09:15 -03:00
Andrei Belov
3d06e1b8b6 Fix github_issue reference in regression test 2018-04-23 22:09:03 -03:00
Andrei Belov
5e65d560f8 Fix utils::string::ssplit() to handle delimiter in the end of string 
This closes #1743.
 2018-04-22 11:37:30 -03:00
Victor Hora
5018358371 Fix variable FILES_TMPNAMES 2018-04-22 11:11:46 -03:00
Felipe Zimmerle
077b18252f CHANGES: Adds info about: #1729, #1730 2018-04-05 09:51:49 -03:00
Andrei Belov
8285a97460 Fix memory leak in Collections 
This closes #1729.
 2018-04-05 09:48:51 -03:00
Felipe Zimmerle
ea7d1ff54b CHANGES: Adds to be released marking 2018-04-05 09:46:56 -03:00
Felipe Zimmerle
8d0f51beda Change release version to v3.0.2 v3.0.2 2018-04-03 10:47:48 -03:00
Felipe Zimmerle
871a131864 CHANGES: Adds info about version issue 2018-04-03 10:42:29 -03:00
Felipe Zimmerle
2e87c4e751 Fix version number on libtool 2018-04-03 01:51:46 -03:00
Felipe Zimmerle
f67ff0aa67 Change release version to v3.0.1 v3.0.1 2018-04-01 21:23:25 -03:00
Felipe Zimmerle
01625bbb38 CHANGES: The correct is: ruleRemoveByTag not ruleRemoveById 2018-03-29 18:03:15 -03:00
Felipe Zimmerle
ff0d451a5c Fix maxmind test case 2018-03-29 17:24:32 -03:00
Felipe Zimmerle
0ca5994744 Adds support for ctl:ruleRemoveByTag action 2018-03-26 17:01:53 -03:00
Felipe Zimmerle
9537cfceed Fix SecUploadDir configuration merge 2018-03-23 11:32:46 -03:00
Felipe Zimmerle
ab3afb2ed2 CHANGES: Adds info about: #1716 2018-03-22 23:10:49 -03:00
Andrei Belov
dcbb06be43 Include all prerequisites for "make check" into dist archive 2018-03-22 23:09:44 -03:00
Felipe Zimmerle
9505ca7e66 CHANGES: Adds info about: #1715 2018-03-22 23:07:47 -03:00
Andrei Belov
601e0d7040 Adjust tests for @inspectFile operator 2018-03-22 23:06:42 -03:00
Andrei Belov
138e301695 Reverse logic of checking output in @inspectFile 
This change makes @inspectFile in ModSecurity 3.x to operate in exact
the same way as it operates in ModSecurity 2.x, so existing helper scripts
like runav.pl [1] will work without any changes.

[1] https://github.com/SpiderLabs/owasp-modsecurity-crs/blob/v3.0/master/util/av-scanning/runav.pl
 2018-03-22 23:06:30 -03:00
Felipe Zimmerle
c61155424e Adds support to libMaxMind 2018-03-22 23:03:44 -03:00
Felipe Zimmerle
15b38fbe5d Travis: adds --without-maxmind option 2018-03-22 19:12:09 -03:00
Felipe Zimmerle
df169ea108 Adds support for libMaxMind 2018-03-22 19:11:42 -03:00
Felipe Zimmerle
7bff76d794 Parser: Updates the generated parser files 2018-03-21 18:18:58 -03:00
Victor Hora
480a2f89d7 Disable SecCollectionTimeout parser error 2018-03-12 22:28:07 -03:00
Victor Hora
22334c9bb6 Adds capture action to detectXSS 2018-03-12 22:10:56 -03:00
Felipe Zimmerle
b59d19e95a CHANGES: Adds info about #1701 2018-03-12 20:22:17 -03:00
Victor Hora
e50c317b7a Temporarily accept invalid MULTIPART_SEMICOLON_MISSING operator 2018-03-12 20:09:17 -03:00
Felipe Zimmerle
70ace0faa4 Adds capture action to detectSQLi 2018-03-09 12:58:00 -03:00