github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
68 Commits 55 Branches 109 Tags
Commit Graph

68 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
brectanus
e03ea11f9a Only calculate debug data when we are debugging. 2007-05-16 19:48:21 +00:00
brectanus
b60f206976 Remove use of GNU extention strnlen(). 
Fix CHANGES.
 2007-05-16 19:37:27 +00:00
brectanus
a68eb04884 Add geo lookup support. See #22. 2007-05-11 16:14:11 +00:00
ivanr
d8abb48ad9 Fixed a problem with content injection that resulted in content being injected twice. 2007-05-11 11:04:34 +00:00
brectanus
2733cc739a Do not try to intercept a request after a failed rule. (See #53) 2007-05-10 04:28:37 +00:00
ivanr
dfde8169e6 Documented the PDF XSS protection functionality. It's not much but it will do for now. 2007-05-03 17:02:37 +00:00
ivanr
f1d4e0e2ff Documented RESPONSE_CONTENT_LENGTH and RESPONSE_CONTENT_TYPE. 2007-05-03 16:47:34 +00:00
ivanr
d8418c3aa3 Documented SecContentInjection, append, and prepend. 2007-05-03 16:41:12 +00:00
brectanus
c0c5d8d894 Removed extraneous symbols from dso via DSOLOCAL. 2007-05-03 16:17:42 +00:00
ivanr
fca9eabafe Merged the PDF XSS protection functionality into ModSecurity. 2007-05-03 12:09:24 +00:00
brectanus
c559f3ee21 Change @eq to @streq. See #54. 2007-05-03 03:41:29 +00:00
brectanus
2aa6e61605 Exported API for registering custom variables. See #120. 
Simple example in api/mod_var_remote_host_port.c
 2007-05-03 03:26:30 +00:00
brectanus
b47059a5b3 Remove docs for HTTP_* vars. See #23. 2007-05-03 01:52:47 +00:00
brectanus
cd62f20022 Add docs for new transformations and operators. See #54, #55 and #117. 2007-05-02 17:00:13 +00:00
brectanus
0c234c115e Cleanup debug log output: add rev to 'Invoking rule' line, remove clearing mem pool line. 2007-05-02 16:00:20 +00:00
ivanr
fa13b02f7f Updated the CHANGES file with the RESPONSE_* variable changes. 2007-05-02 11:23:21 +00:00
ivanr
e0a8602929 Added experiemental support for content injection. 2007-05-02 11:22:09 +00:00
ivanr
20c0b11dd9 Added experimental RESPONSE_CONTENT_LENGTH, RESPONSE_CONTENT_TYPE. 2007-05-02 10:02:20 +00:00
ivanr
3661a294a4 Added experimental RESPONSE_CONTENT_ENCODING. 2007-05-02 09:06:39 +00:00
brectanus
3f7fc7c758 Added string comparison operators: @contains, @is, @beginsWith and @endsWith with support for macro expansion. See #54. 2007-05-01 22:00:34 +00:00
brectanus
0a1610f850 More debug log enhancements - quote values to easier see whitespace. 2007-05-01 21:52:47 +00:00
brectanus
a3c3f25ae0 Fix macro expansion. See #118. 
Fix some debug log output to escape NULs properly in preparation for #54.
Up version to prepare for 2.2.0 pre-releases.
 2007-05-01 21:36:24 +00:00
brectanus
b93eef9db3 Added t:length to transform a value to its character length. See #55. 2007-05-01 15:59:52 +00:00
brectanus
5482606c37 Added t:trimLeft, t:trimRight, t:trim to remove whitespace from a value on the left, right or both. (see trac #117) 2007-05-01 15:55:35 +00:00
brectanus
d9a26780ab Add SecAuditLog2 directive (trac #102) 2007-04-25 20:46:23 +00:00
brectanus
e556a914f9 Remove tabs 2007-04-25 17:53:02 +00:00
rbarnett
f2c96bae2a I added notes about accessing response headers in phase:3 and phase:5. 2007-04-12 18:46:12 +00:00
rbarnett
e72540b0a0 I added the XML and HTML files for the Migration Matrix doc. 2007-04-10 20:23:36 +00:00
brectanus
82fdc7cf3f Format CHANGES to add space before '*' 2007-04-05 17:43:22 +00:00
brectanus
51a5418b4b Update changes to reflect merges into 2.1.x branch 2007-04-05 15:13:22 +00:00
brectanus
eab433187f Add PCRE_DOLLAR_ENDONLY to doc 2007-04-05 14:59:44 +00:00
brectanus
00dcb2714f Add the PCRE_DOLLAR_ENDONLY option when compiling regular expression for the @rx operator and variables. (trac #57) 2007-04-05 01:54:03 +00:00
brectanus
a93c77e9a2 Updated line/num/id debug output with a format that is easier to parse. (trac #47) 2007-03-27 18:00:04 +00:00
brectanus
9e669fcc78 Better CHANGES entry. (trac #43) 2007-03-27 17:47:15 +00:00
brectanus
383119a147 Really set PCRE_DOTALL option when compiling the regular expression for the @rx operator as the docs state. (trac #51) 2007-03-27 17:22:35 +00:00
brectanus
f6de76b053 Removed CGI style HTTP_* variables in favor of REQUEST_HEADERS:Header-Name. (trac #23) 2007-03-27 17:18:21 +00:00
brectanus
485c664a42 Enhance debug log output for capturing to detect all regex/capture mismatches (trac #21). 2007-03-27 17:13:42 +00:00
brectanus
891859f9c5 Revert back to using captured regex execution as it seems to be more effecient as the ovector can be used for working space even if it is not used for captures. 
Warn when captures are used in the regex, but "capture" not specified.
 2007-03-27 15:32:53 +00:00
brectanus
59928bfe60 This was not meant to be checked in yet (trac #42) 2007-03-27 15:28:47 +00:00
brectanus
4676132ed4 Add the file/line to the rule so we can use it in the debug log and eventually in the alerts. 2007-03-21 21:20:35 +00:00
brectanus
58afede3f3 Do not log 'allow' action as intercepted in the debug log. 2007-03-21 14:38:57 +00:00
brectanus
d1ada359dd Optimize regex execution to not capture unless 'capture' action used. 2007-03-21 14:06:36 +00:00
brectanus
09b704f114 Recycle the mptmp pool (trac #43). 2007-03-20 22:15:19 +00:00
brectanus
8876a03ab1 Recycle the mptmp pool (trac #43). 2007-03-20 22:09:04 +00:00
brectanus
f508c0a331 Fix a compile warning. 2007-03-20 22:01:30 +00:00
brectanus
473a471bba Oops, forgot my parens. 2007-03-20 18:27:51 +00:00
brectanus
bce096216e Fixed collection variable name printing in debug log (trac #45) 2007-03-20 18:23:48 +00:00
brectanus
ab55a8716e Fix potential memory corruption in msre_create_var_ex allocating per-request data out of global pool. 2007-03-08 16:15:45 +00:00
brectanus
8898759c47 Add back the check for overflow on length 2007-03-07 16:54:41 +00:00
brectanus
9b56d63145 More generic Makefile 2007-03-07 16:02:20 +00:00