github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 13:56:01 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,566 Commits 55 Branches 109 Tags
Commit Graph

140 Commits

Author SHA1 Message Date
brenosilva
b8828ad3f1 Improvements in detection only 2011-04-05 17:22:02 +00:00
brenosilva
13980bd044 Improvements in detection only 2011-04-05 01:53:31 +00:00
brenosilva
ae006f7a81 Improvements in detection only 2011-04-05 01:53:16 +00:00
brenosilva
0f5b0debea Print when request is blocked when it is larger than the configuration 2011-04-04 19:17:29 +00:00
brenosilva
6e3bb889c4 Print when request is blocked when it is larger than the configuration 2011-04-04 19:05:55 +00:00
brenosilva
1e2f836b32 Print when request is blocked when it is larger than the configuration 2011-04-04 18:55:04 +00:00
brenosilva
ed06ed2aec Fix issue in detection only 2011-04-04 16:37:18 +00:00
brenosilva
d696341663 ErrorDocuments and internal redirect hook is available for testing 2011-03-31 13:40:36 +00:00
brenosilva
104f0de46e New License 2011-03-30 14:12:44 +00:00
brenosilva
49732256f6 Improvements, fixes and new features 2011-03-25 13:51:13 +00:00
brenosilva
c04a4edb4b MODSEC-144 2011-03-11 18:48:58 +00:00
brenosilva
74666fe2ca MODSEC-181 2011-03-02 17:41:36 +00:00
brenosilva
7f52d86e4b Include data edition, sanitizematched and few fixes 2011-02-14 12:49:55 +00:00
brenosilva
fdded33831 MODSEC-60 2011-01-12 15:45:46 +00:00
brenosilva
1260d2b097 MODSEC-104 2010-12-23 12:27:57 +00:00
brenosilva
549f059480 move 2.5.13 into trunk 2010-12-08 18:58:18 +00:00
b1v1r
ea34defc0d Added mod_remoteip.c to to postread_beforeme_list (MODSEC-158). 2010-05-12 22:19:04 +00:00
b1v1r
058283fb5a Add the ability to build custom request body parser extensions. 
Add an example for a request body parser extension.
 2010-05-05 23:01:11 +00:00
ivanr
98982e2962 Added the SecDisableBackendCompression directive 2010-03-19 20:00:59 +00:00
b1v1r
08edc0c26f Merge 2.5.x (2.5.12) changes into trunk. 2010-02-05 19:05:20 +00:00
ivanr
b8837bbfb2 Change the format string from m (already taken) to M. 2010-02-02 12:45:28 +00:00
ivanr
9bd9f33594 Run phase 5 prior to mod_log_config. Now for real. 2010-02-01 14:01:33 +00:00
ivanr
a4d5d50be9 Integrate with mod_log_config (MODSEC-108). 2010-02-01 11:01:17 +00:00
ivanr
7b56982f26 Implemented a new time-measuring mechanism. Added Stopwatch2. 2010-02-01 09:42:23 +00:00
ivanr
f740b4f228 Run phase 5 prior to mod_log_config. 2010-01-26 12:12:14 +00:00
ivanr
6a29308202 Remove one missed reference to the PDF UXSS filter 2009-12-09 16:57:10 +00:00
ivanr
7916942fe3 Remove unused variable 2009-12-07 11:45:23 +00:00
ivanr
839b7f81e0 Removed the obsolete PDF UXSS functionality (MODSEC-96). 2009-12-04 23:33:47 +00:00
ivanr
cb8b76f4ef Process phase 1 in the same Apache hook as phase 2 (MODSEC-98) 2009-11-07 10:14:40 +00:00
b1v1r
b01f8190e4 Merged 2.5.x changes for 2.5.11 into trunk. 2009-11-06 18:38:15 +00:00
b1v1r
a16eb9677c Merge 2.5.x changes into trunk. 2009-05-16 10:42:32 +00:00
b1v1r
dc0a2161ac Merge 2.5.9 changes into trunk. 2009-03-12 15:31:10 +00:00
brectanus
67c48bfdfb Added ability to use ctl:requestBodyAccess=off in phase:1 to avoid limit check. 
Added regression tests for this as well.
 2008-09-10 19:45:13 +00:00
brectanus
20cc395510 Added mlogc source. 2008-09-02 23:10:36 +00:00
brectanus
225339525d Allow disabling processing of request body size limit in phase 1. See #518. 2008-08-15 20:21:25 +00:00
brectanus
10713fbd37 Sync up branches/2.5.x and trunk. 2008-07-31 22:36:24 +00:00
ivanr
c3fd0231d0 Prevent phases from being processed more than once. 2008-06-05 14:52:48 +00:00
brectanus
83ff6c4796 Re-enable error output filter with a fix after more testing/tracing of code. See #498. 
Update versions to ready for release of 2.5.5.
 2008-06-03 20:28:05 +00:00
brectanus
0c1f2f2e09 Fixed blocking in phase 3 by reverting changeset:591 (for now). See #65 and #498. 2008-05-30 19:31:22 +00:00
brectanus
8f7b861d94 Added mod_rpaf-2.0 and mod_custom_header to the beforeme list. 2008-05-09 15:50:17 +00:00
brectanus
fa3462f48f Add the MODSEC_2.5 define to 2.6 for compatibility. 2008-04-11 20:06:48 +00:00
brectanus
7a1e2db148 Fixed code according to Ivan's review. 2008-02-20 00:41:43 +00:00
brectanus
f428d37680 Cleanup - remove extraneous whitespace and tabs. 2008-02-07 21:45:05 +00:00
brectanus
e2ad283fdb Fix some sprintf formatters so they do not generate warnings. 2008-02-04 21:50:10 +00:00
brectanus
9fb03d277d Fixing code based on review comments... 
Cleaned up what vars are cacheable.
Added parens around "*foo++" where it clarified the operation to be "*(foo++)".
Added " at VARNAME" to operator matches where needed.
Escaped var->name in the var generation (user-supplied data).
Marked a bunch of TODOs as ENHs instead.
Transformed some C++ style comments to C style.
Removed the %0-9 macros code which was commented out.
Optimized some ctl action code so that multiple ifs are else ifs.
Implemented some error messages marked as ENH.
Make commented out acmp debugging a configure-time option.
Cleanup GEO debug log messages.
Added relative filename support for geo dbs.
Added help text to Sec* directives.
 2008-01-18 00:47:30 +00:00
brectanus
99c41afc3d Added a check that SecServerSignature actually worked (Apache changed some of this code as of 2.2.4 and could potentially change it again and break this). 
Cleaned up some configure code.
Cleaned up some extraneous cache logging.
Cleaned up the output from the test script.
 2008-01-14 22:32:53 +00:00
brectanus
b5033e6e29 It is 2008 now :) 2008-01-11 00:00:31 +00:00
brectanus
61e4623bae Move around some code to make unit tests easier to build. 2007-12-19 20:44:56 +00:00
brectanus
a99357ad5b Add ability to use <IfDefine MODSEC_2.5>. See #436. 2007-12-17 19:06:08 +00:00
ivanr
b9a28882b2 Enhanced allow. 2007-12-17 11:22:47 +00:00