github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 13:26:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
3,671 Commits 55 Branches 109 Tags
Commit Graph

382 Commits

Author SHA1 Message Date
Ervin Hegedus
d8574c8c08
Fix date format pattern in auditlog's regression test 2025-08-01 11:38:39 +02:00
Ervin Hegedus
79d55037c0
Refactoring the cleaning of MATCHED_VAR* variables 2025-07-25 14:33:24 +02:00
Ervin Hegedus
6089b6b06b
Fix @pmFromFile with multiple files issue 2025-06-19 21:49:05 +02:00
Ervin Hegedus
aab47091b1
Merge pull request #3364 from JakubOnderka/json-logging 
Simplify code for JSON audit log
 2025-05-11 10:54:47 +02:00
Ervin Hegedus
89442ede16
Change directives in tests; add multibyte test case 2025-04-28 22:35:22 +02:00
Ervin Hegedus
0b62b7eb85
Align debug messages to fix regression tests 2025-04-27 21:09:49 +02:00
Jakub Onderka
6408bf9237 Test for JSON audit log 2025-04-22 21:09:42 +02:00
Ervin Hegedus
9e41a53760
Finish XMLArgs processing in v3 2025-04-20 18:21:28 +02:00
Ervin Hegedus
c82e831b66
fix: fixed htmlEntityDecode methods 2025-02-24 16:44:17 +01:00
Ervin Hegedus
daf550ef5f
Fix regex for test 2024-11-24 14:06:50 +01:00
Ervin Hegedus
db7e4cb67b
Align TIME_MON variable's behavior 2024-11-23 10:58:35 +01:00
Hiroaki Nakamura
42a401892b
Fix modsecurity-regression-test-secremoterules.txt URL in example 2024-11-06 14:33:28 +09:00
Ervin Hegedus
a4604b66f7 Added new tests to op @pm 2024-08-28 10:45:59 -03:00
Ervin Hegedus
6388d88f38
Check if the MP header contains invalid character 2024-08-13 18:26:18 +02:00
Ervin Hegedus
eb26b7960c
Fix regression test result; Add test to main test-suite list 2024-08-12 18:46:19 +02:00
Eduardo Arias
c802b46b7e Simplify parser error detection in testcase 
- After the GitHub macOS runner images were upgraded to macOS 14.6
  (Sonoma), the test 'Include remote rules - failed download (Abort)'
  started failing because the error message reported by curl/OS is no
  longer 'HTTP response code said error'.
 2024-08-06 14:40:59 -07:00
Ervin Hegedus
937fc5ae59
Provide a function to set 'hostname' field in log 2024-07-29 22:07:26 +02:00
Eduardo Arias
7267c1dc21 Added support to run regression tests without libxml2 
- Annotated regression tests that depend on libxml2 support
- Added Windows build without libxml2
 2024-05-19 18:55:34 +00:00
Eduardo Arias
e6e2989bd5 Configure test fixture using CTest for Windows build 
- Added new test/test_suite.in with list of regression and unit tests
  previously in Makefile.am, to be shared between Unix and Windows
  builds.
- Updated regression.cc & unit.cc to return the number of failed tests
  to indicate to CTest that the test failed. Similarly, a crash or
  unhandled exception terminates the process with a non-zero exit code.
  - This change doesn't affect running the tests with autotest in Unix
    builds because this processes test output from custom-test-driver &
    test-suite.sh, and ignores the exit code of the test runner.
- Removed comment in test/test-cases/regression-offset-variable.json as
  this is not supported by JSON and prevents strict parsers to read and
  process the file.
- Minor change in regression.cc's clearAuditLog to replace std::ifstream
  with std::ofstream as the mode to open the flag applies to an output
  stream.
- Minor change in unit.cc to simplify code that deletes tests.
- Minor changes to test/custom-test-driver to correct usage information.
 2024-05-13 10:22:12 -07:00
Ervin Hegedus
16c899fb3b
Revert "Add new condition to test case" 
This reverts commit 80e244388438b729e7cba4d8a6e48ac81be2b1d8.
 2024-02-12 16:54:48 +01:00
Ervin Hegedus
80e2443884
Add new condition to test case 2024-02-12 11:55:17 +01:00
Ervin Hegedus
ed811f1062
Logical, syntax and cosmetic fixes on test cases 2024-02-11 10:14:40 +01:00
Ervin Hegedus
5f28c2bb21
Change REQUEST_FILENAME behavior 2024-01-30 12:21:45 +01:00
Martin Vierula
34809d8064
Add expirevar support for lmdb 2023-10-10 10:31:52 -07:00
Martin Vierula
118e1b3a44 Support expirevar for in-memory collection 2023-09-29 11:40:03 -07:00
Martin Vierula
af45ccd53f
Fix: lmdb regex match on non-null-terminated string 2023-09-18 08:27:41 -07:00
Martin Vierula
8594cb8a7d
Correct json for one regression test file 2023-09-13 06:59:15 -07:00
martinhsv
fea6e6d60b
Merge pull request #2901 from airween/v3/pcrelimittx 
Set TX:MSC_PCRE_LIMITS_EXCEEDED variable is limits exceeded
 2023-07-07 17:31:20 -04:00
Martin Vierula
b8e1aedef3
Fix: Lua scripts cannot read whole collection at once 2023-06-13 06:41:40 -07:00
Martin Vierula
938707d117
Fix: quoted Include config with wildcard 2023-05-30 09:32:07 -07:00
Ervin Hegedüs
4403a163c4 Set TX:MSC_PCRE_LIMITS_EXCEEDED variable is limits exceeded 2023-05-14 17:26:08 +02:00
martinhsv
09a135baab
Merge pull request #2736 from brandonpayton/add-regex-match-limits-and-error-reporting 
Add isolated PCRE match limits as a layer of ReDoS defense
 2023-05-09 06:09:28 -07:00
Marios Levogiannis
12add9aef0
Fix meta-actions not being applied if multiMatch is enabled in the chain starter rule 
Meta-actions can only be used in non-chained rules or in the chain starter
rule of a rule chain. The m_chainedRuleParent member of the RuleWithActions
class is NULL only if the rule is not chained or if it is the chain starter
rule of a rule chain.

Fixes #2867.
 2023-04-27 19:43:01 +03:00
martinhsv
5b709d9da7
Merge pull request #2866 from grnet/v3/fix-multimatch-tags 
Fix tags not being populated in audit log when multiMatch is enabled
 2023-04-25 07:45:41 -07:00
Ervin Hegedüs
6fbdee9ff0 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-04-23 17:17:29 +02:00
martinhsv
5365a17c5e
Merge pull request #2846 from tomsommer/patch-1 
Also test empty lines
 2023-04-18 06:14:10 -07:00
Brandon Payton
d875738bdb Add PCRE error tests for rx operator 2023-04-11 13:47:04 -04:00
Ervin Hegedüs
18adbb6fd3 Merge branch 'v3/master' of https://github.com/SpiderLabs/ModSecurity into v3/multipartpartheaderfix 2023-02-18 15:24:11 +01:00
Ervin Hegedüs
0a296af375 Add regression test case 2023-01-28 21:50:00 +01:00
Marios Levogiannis
d3a6b6a6fd
Fix tags not being populated in audit log when multiMatch is enabled 
Fixes #2754.
 2023-01-20 13:15:28 +02:00
Martin Vierula
ec1232a69b
Support equals sign in XPath expressions 2023-01-19 08:37:38 -08:00
Martin Vierula
62ec4edc42
Regression tests: remove dependency on modsecurity.org 2023-01-17 09:04:46 -08:00
Tom Sommer
3caac9942c
Also test empty lines 2022-12-19 10:23:40 +01:00
Martin Vierula
af860e2eef
Support comments in ipMatchFromFile file via '#' token 2022-12-01 11:19:26 -08:00
Ervin Hegedüs
aa44c7b726 Fix FILES_TMP_CONTENT collection key naming mechanism 2022-11-14 17:03:50 +01:00
Martin Vierula
47fe75de32
Fix tests to match previous typo fix 2022-09-18 11:28:58 -07:00
Martin Vierula
622eb9e6c8
Adjust parser activation rules in modsecurity.conf-recommended 2022-09-07 08:49:56 -07:00
Martin Vierula
fa6e41857d
Multipart parsing fixes and new MULTIPART_PART_HEADERS collection 2022-09-07 06:29:20 -07:00
Martin Vierula
6e56950cdf
Tolerate other parameters after boundary in multipart C-T 2022-04-26 11:17:46 -07:00
Martin Vierula
1aa7616c18
Add DebugLog message for bad pattern in rx operator 2022-04-21 11:16:01 -07:00