83 Commits

Author SHA1 Message Date
brectanus
da1399f0b8 Added TX:LAST_MATCHED_VAR_NAME. See #123. 2007-10-01 22:35:52 +00:00
brectanus
9d4965b29e Fix macro expansion in setvar. See #126. 2007-10-01 17:24:10 +00:00
brectanus
fe1021e369 More cleanup of error messages and marking as relevant. See #4. 2007-09-28 20:02:02 +00:00
brectanus
f3a8854fe9 Mark any error conditions/alerts as 'relevant'.
Clean up/add error messages where this can happen.
2007-09-27 21:18:23 +00:00
brectanus
5022ddcadf Cleanup more subrequest code.
Do not run with subrequests in phase 3-4.
Still need to look at phase 5 to see what I can cleanup there.
See #135.
2007-09-26 21:46:06 +00:00
brectanus
86c9a9bf1f Cleanup CHANGES. 2007-09-26 21:39:45 +00:00
brectanus
72f8149338 Do not process subrequests in phase 2. See #135. 2007-09-26 18:03:08 +00:00
brectanus
426ce1aea7 Fixed deprecatevar. See #59. 2007-09-25 21:40:04 +00:00
ivanr
9ed3cf9e5a Added support for partial response body processing. 2007-09-21 23:23:11 +00:00
ivanr
59333a6a81 Update CHANGES. 2007-09-21 22:15:12 +00:00
brectanus
eb6b456f5b Fix potential buffer overrun by 1 byte in base64Decode caused by bad docs from APR-Util. See #255. 2007-09-21 00:20:31 +00:00
brectanus
ad940d1ff9 Partially corrected the filter error code. See #3. 2007-09-14 23:01:58 +00:00
brectanus
53011819d4 Cleanup some doc formatting.
Prepare trunk for use as 2.5.0-devN tree.
2007-09-14 21:41:34 +00:00
brectanus
1e603d8a3e Detect and use new API calls to get the server version/banner when available. 2007-09-11 18:01:28 +00:00
brectanus
70e8246ae4 Update CHANGES. 2007-08-21 23:47:06 +00:00
brectanus
e275162463 Quiet "warning: int format, pid_t arg" type warnings. 2007-08-13 17:49:37 +00:00
brectanus
32905f9d46 Add ability to compile without API support (-DNO_MODSEC_API). See #198. 2007-08-10 00:46:04 +00:00
brectanus
f4389c9a55 Update docs and CHANGES for logdata action. 2007-08-10 00:44:20 +00:00
brectanus
648037fdb5 Added TX_SEVERITY variable. See #60. 2007-08-08 22:11:02 +00:00
brectanus
d2fd881c00 Fix typo in CHANGES. 2007-08-08 20:53:00 +00:00
brectanus
f41c27a28c Added ARGS_GET, ARGS_POST, ARGS_GET_NAME, ARGS_POST_NAMES variables. See #136. 2007-08-08 20:49:51 +00:00
brectanus
fe8c564ed0 Added MODSEC_BUILD variable. See #38. 2007-08-08 18:25:03 +00:00
brectanus
5a6ce01429 Added logging of target variable expansion. See #62. 2007-08-08 14:48:49 +00:00
brectanus
9695f2b816 Improvements in transformation cache (add options, document).
Update CHANGES.
2007-08-03 20:25:30 +00:00
brectanus
b761c1c01c Merge in some doc changes.
Fix some doc formatting issues.
Update the CHANGES file.
2007-08-02 20:40:37 +00:00
brectanus
3e5e2a06b7 Stricter validation for @validateUtf8Encoding.
Capture the match in TX:0 when using "capture" action w/@pm operators.
2007-07-31 19:04:07 +00:00
brectanus
7fbf664ec8 Added cygwin to list of compilers that do not support hidden visibility attribute. 2007-07-02 14:49:56 +00:00
brectanus
698955aae1 Update changes to reflect the 2.2 -> 2.5 change. 2007-06-21 15:45:21 +00:00
brectanus
19887f9cc6 Added @within string comparison operator with support for macro expansion. See #134. 2007-06-21 02:21:06 +00:00
brectanus
b58efb3466 Update CHANGES.
Reversion from 2.2. to 2.5.
Update @pmFromFile to base relative filenames off of rule file path.
2007-06-20 19:58:01 +00:00
brectanus
efe52d4e77 Initialize rules tmp pool properly.
Update to latest core rules.
2007-06-14 18:48:35 +00:00
brectanus
81d0f84ad3 Update copyright text to Breach Security, Inc.
Merge in changes from branches/2.1.x
2007-06-14 16:05:45 +00:00
brectanus
6350e2badc Do not log alert message for subrequests. See #124.
Cleanup CHANGES.
2007-06-11 21:28:03 +00:00
brectanus
11456dd87a Use pmFromFile instead of pmfile and p=phrase instead of parallel in docs. See #16. 2007-06-04 20:16:48 +00:00
brectanus
e5c00d156a Added rule file/line to audit log messages. See #49. 2007-06-01 15:32:08 +00:00
brectanus
84c0ca303e Fixed patch for subrequests to be more complete. See #124. 2007-05-31 15:42:42 +00:00
brectanus
e887faac2b Add @pm/@pmfile operators (parallel patch). See #16. 2007-05-30 22:02:35 +00:00
brectanus
f53c4241fd Add entry to CHANGES. 2007-05-30 16:13:22 +00:00
brectanus
af6160b9c4 Fixed problem with subrequests not being intercepted. See #124. 2007-05-30 14:14:00 +00:00
brectanus
a1a0c24b88 Do not compile on Solaris with visibility attributes. 2007-05-23 16:04:25 +00:00
brectanus
a627e96c75 Lessen "capture" debug log messages. 2007-05-17 12:02:59 +00:00
brectanus
eaa8e444dd Fixed decoding full-width unicode in t:urlDecodeUni for ASCII range 0xFF01-0xFF5E. Probably need more work/testing. (See #122) 2007-05-16 20:09:28 +00:00
brectanus
e03ea11f9a Only calculate debug data when we are debugging. 2007-05-16 19:48:21 +00:00
brectanus
b60f206976 Remove use of GNU extention strnlen().
Fix CHANGES.
2007-05-16 19:37:27 +00:00
brectanus
a68eb04884 Add geo lookup support. See #22. 2007-05-11 16:14:11 +00:00
brectanus
2733cc739a Do not try to intercept a request after a failed rule. (See #53) 2007-05-10 04:28:37 +00:00
brectanus
c0c5d8d894 Removed extraneous symbols from dso via DSOLOCAL. 2007-05-03 16:17:42 +00:00
ivanr
fca9eabafe Merged the PDF XSS protection functionality into ModSecurity. 2007-05-03 12:09:24 +00:00
brectanus
c559f3ee21 Change @eq to @streq. See #54. 2007-05-03 03:41:29 +00:00
brectanus
2aa6e61605 Exported API for registering custom variables. See #120.
Simple example in api/mod_var_remote_host_port.c
2007-05-03 03:26:30 +00:00