ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00

Author	SHA1	Message	Date
Felipe Zimmerle	ce3abf2626	Adds support to multiple ranges in ctl:ruleRemoveById Issue #1956	2018-11-26 20:48:18 -03:00
Felipe Zimmerle	e712d30c56	Fix setvar to understand Rule variable in collections Issue #1961	2018-11-26 19:49:44 -03:00
Victor Hora	cbf2fe9703	Adjust boundary test cases for the less strict parsing	2018-11-20 22:17:53 -03:00
Victor Hora	b638e523af	Make the boundary check less strict as per RFC2046	2018-11-20 22:17:22 -03:00
Victor Hora	ecad8c6c7e	Fix buffer size for utf8toUnicode transformation	2018-11-16 14:58:40 -05:00
email@example.com	454669ffed	CHANGES: Preparing to 3.0.4	2018-11-13 09:29:44 -03:00
Felipe Zimmerle	4e6e4243a8	Change release version to v3.0.3 v3.0.3	2018-11-01 22:19:44 -03:00
Felipe Zimmerle	e4d6d61cf4	Adds Victor to the AUTHORS file	2018-11-01 22:19:16 -03:00
Felipe Zimmerle	6cbcdd024f	Fix libInjection version on configure summary	2018-11-01 22:15:23 -03:00
Felipe Zimmerle	9ada0a28c8	Changes the default configuration to mimic v2 behavior on multipart Further info on: #1747, #1924	2018-11-01 18:04:23 -03:00
Felipe Zimmerle	31c8d4c520	CHANGES: Adds info about #1943	2018-11-01 16:15:18 -03:00
Felipe Zimmerle	9d80983e55	Fix on top of #1943 + adding test cases	2018-11-01 16:11:39 -03:00
supplient	39f4a5d7d2	Fix double macros bug Macro run strangely if I input double macros like "%{ARGS_COMBINED_SIZE}%{ARGS_COMBINED_SIZE}".	2018-11-01 15:56:54 -03:00
Felipe Zimmerle	18cdffdbca	Encapsulates int[N] in a class to avoid compilation issues Depending on the compiler, there may be a compilation issue with the usage of std::unique_ptr<int[]>. Therefore encapsulating it inside a regular class.	2018-11-01 11:50:15 -03:00
Victor Hora	e3b9f7c913	Fix SecUnicodeMapFile support Makes SecUnicodeMapFile read the file and adjust transformation to use the right variable.	2018-10-31 22:57:39 -03:00
Victor Hora	84ece3edcb	Add test case for SecUnicodeMap	2018-10-31 22:19:27 -03:00
Felipe Zimmerle	065c2e67b6	Adds test case for #1850	2018-10-30 18:25:46 -03:00
Felipe Zimmerle	e1e8a01ed2	Override the default status code if not suitable to redirect action Issue #1850	2018-10-30 18:20:23 -03:00
Felipe Zimmerle	bfe917b6b1	parser: Fix the support for CRLF configuration files	2018-10-30 17:16:44 -03:00
Felipe Zimmerle	3f0ea90970	Test case skeleton for #1941	2018-10-29 11:14:31 -03:00
Victor Hora	662fe63a47	Add unicode.mapping file to v3/master branch	2018-10-26 03:01:03 -04:00
Felipe Zimmerle	b05901e8ae	Changes the regression test client to read the interception msg	2018-10-25 21:51:23 -03:00
Felipe Zimmerle	1e5df5312b	CHANGES: Adds info on 0xb7c36 and 0x5ac20	2018-10-25 18:07:29 -03:00
Felipe Zimmerle	91daeee9f6	Only calling server log if the message is not disruptive The disruptive message is already part of the interception object	2018-10-25 18:04:27 -03:00
Felipe Zimmerle	448897d297	Marking message as disruptive before generate log msg	2018-10-25 18:04:07 -03:00
Felipe Zimmerle	973c1f1028	Fix rule line number Issue #1844	2018-10-24 21:02:35 -03:00
Felipe Zimmerle	fa5f3784f2	Using shared_ptr instead of unique_ptr on rules exceptions	2018-10-23 17:03:18 -03:00
Felipe Zimmerle	e63344c3dc	CHANGES: Adds info on 0xb2840 and 0x3094d	2018-10-23 17:03:07 -03:00
Felipe Zimmerle	ef7f65db90	Changes debuglogs schema to avoid unecessary str allocation	2018-10-23 17:00:16 -03:00
Felipe Zimmerle	23e0d35d2d	Fix the SecUnicodeMapFile and SecUnicodeCodePage	2018-10-23 17:00:11 -03:00
Felipe Zimmerle	3d83ed257f	CHANGES: Adds info on 0xca270	2018-10-23 16:59:53 -03:00
Felipe Zimmerle	69cd61439d	Changes the timing to save the rule message	2018-10-23 16:58:42 -03:00
Victor Hora	8088d6af71	Fix crash in msc_rules_add_file() when using disruptive action in child rule inside of chain	2018-10-23 16:39:21 -03:00
Felipe Zimmerle	466a427ab4	CHANGES: Adds info on #1897	2018-10-23 16:39:17 -03:00
Wenfeng Liu	ec1112c648	Fix memory leak in AuditLog::init()	2018-10-23 16:39:15 -03:00
Felipe Zimmerle	8c549c65c4	CHANGES: Adds info on #1901	2018-10-23 16:39:12 -03:00
Steven	b12a8f5c6f	Fix RulesProperties::appendRules() RulesProperties::appendRules() was not checking for duplicate IDs as well as throwing an error if there were secMarkers in more than one file (when calling any combination of rules->load(), rules->loadFromUri() or rules->loadRemote() more than once). To fix the secMarker issue, the if statement on rules_properties.h:441 just needed to be negated. This function also doesn't accurately check for duplicate IDs. the check can be circumvented by putting the rule in a different phase. To fix this the ruleId list (v) had to be populated completely before checking against the other list.	2018-10-23 16:39:04 -03:00
Felipe Zimmerle	f1da6dd29b	CHANGES: Adds info on 0x3077c	2018-10-23 16:38:59 -03:00
Felipe Zimmerle	8bda7c0a45	Fix RULE lookup in chained rules.	2018-10-23 16:37:54 -03:00
Felipe Zimmerle	120108fd33	Adds support for /32 in @ipMatch cidr notation. /32 is the representation of the ip itself. Not sure if it is needed, but there is a complaint for that: #849	2018-10-23 16:37:53 -03:00
Felipe Zimmerle	a5a40a71a9	Makes matchedvars inline	2018-10-23 16:37:49 -03:00
Felipe Zimmerle	b58018e778	Fix multimatch behavior to match what we have on v2	2018-10-23 16:37:42 -03:00
Felipe Zimmerle	a47738ab04	CHANGES: Adds info about: 0x14316	2018-10-23 16:37:28 -03:00
Felipe Zimmerle	dba73f5367	Using values after transformation at MATCHED_VARS	2018-10-23 16:26:11 -03:00
Felipe Zimmerle	7c50fa7c00	Small fix on @detectXSS test case	2018-10-23 16:26:11 -03:00
Felipe Zimmerle	85ecd190d9	Adds full support to UpdateActionById. Issue #1800	2018-10-23 16:26:11 -03:00
Felipe Zimmerle	3e8e28da48	Refactoring on the RULE variable	2018-10-23 16:26:11 -03:00
Felipe Zimmerle	554251bade	Refactoring on the Rule class	2018-10-23 16:26:10 -03:00
Felipe Zimmerle	74841779f8	Adds partial support to UpdateActionById	2018-10-23 16:26:10 -03:00
Victor Hora	68398a51f3	CHANGES: adds info on #1922	2018-10-13 19:27:08 -04:00

1 2 3 4 5 ...

2798 Commits