github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,991 Commits 55 Branches 109 Tags
Commit Graph

220 Commits

Author SHA1 Message Date
Felipe Zimmerle
e0dc84cba5
Adds new method for rule merge 
IMPORTANT: SecDefaultAction specified on a child configuration will
overwrite the ones specified on the parent; Previously it was
concatenating.
 2020-08-06 21:33:08 -03:00
Felipe Zimmerle
5dd7860f95
Moves default actions to be part of the rules 2020-08-06 21:31:35 -03:00
Felipe Zimmerle
7a48245aed
Creates RuleUnconditional 
Makes RuleScript child of RuleWithActions instead of Operator
 2020-03-31 14:44:19 -03:00
Felipe Zimmerle
59d4268882
Refactoring: renames Rule to RuleWithOperator 2020-03-31 10:00:08 -03:00
Felipe Zimmerle
43f8aee6b6
Splits Rule class into: Rule, RuleBase, RuleMarker 2020-03-30 20:21:36 -03:00
Felipe Zimmerle
fda03c0016
Yet another refactoring in Rule 2020-03-30 15:38:51 -03:00
Felipe Zimmerle
96849c07de
Makes action name a shared pointer 2020-03-27 16:13:15 -03:00
Felipe Zimmerle
343b86c2a7
Makes m_fileName a shared pointer 2020-03-27 15:00:22 -03:00
Felipe Zimmerle
6b0ad8049a
Having default actions as o shared pointer 2020-03-26 09:59:57 -03:00
Felipe Zimmerle
9d158611cf
Makes Rule a shared pointer 2020-03-25 16:11:23 -03:00
Felipe Zimmerle
6a742cdf76
Refactoring: Renames RulesProperties to RulesSetProperties 2020-02-17 13:17:03 -03:00
martinhsv
f57265a3e2
Support configurable limit on number of arguments processed 2020-02-14 11:00:01 -03:00
Felipe Zimmerle
7495675d54
Refactoring: Renames Rules to RulesSet 
RulesSet does not only contain rules but alse properties
 2020-02-11 14:26:47 -03:00
Rufus125
86ce479b59
Adds new operator to check for data leakage of Austrian social security number 2019-05-29 20:57:08 -03:00
Felipe Zimmerle
61c11251b6
parser: Fix filename 2019-04-23 13:17:23 -03:00
Felipe Zimmerle
4e76c6adf0
Renames namespace Variables to variables 2019-03-06 15:53:20 -03:00
Felipe Zimmerle
b9ed150224
Fix namespace utilization on seclang-parser.yy 2019-03-06 15:12:44 -03:00
Felipe Zimmerle
d00ea5111d
Adds initial support to drop action 2018-12-24 16:35:41 -03:00
Victor Hora
e3b9f7c913
Fix SecUnicodeMapFile support 
Makes SecUnicodeMapFile read the file and adjust transformation to use the
right variable.
 2018-10-31 22:57:39 -03:00
Felipe Zimmerle
3f0ea90970
Test case skeleton for #1941 2018-10-29 11:14:31 -03:00
Felipe Zimmerle
973c1f1028
Fix rule line number 
Issue #1844
 2018-10-24 21:02:35 -03:00
Felipe Zimmerle
23e0d35d2d
Fix the SecUnicodeMapFile and SecUnicodeCodePage 2018-10-23 17:00:11 -03:00
Felipe Zimmerle
85ecd190d9
Adds full support to UpdateActionById. 
Issue #1800
 2018-10-23 16:26:11 -03:00
Felipe Zimmerle
74841779f8
Adds partial support to UpdateActionById 2018-10-23 16:26:10 -03:00
Felipe Zimmerle
bc3d3f1915
Adds support to setenv action 
Issue #1044
 2018-09-25 10:19:52 -03:00
Felipe Zimmerle
98b9ae659d
Having a better organization for Variables:: 2018-09-24 16:39:48 -03:00
Felipe Zimmerle
ee50fea266
Handling key exceptions on the variable itself 
This is the first step towords to solve #1697
 2018-09-24 16:16:30 -03:00
Felipe Zimmerle
c2bc695265
parser: Fix typo on SanitiseArgs 
Related to: #715 and #1889
 2018-09-12 09:37:34 -03:00
Victor Hora
d97688804e
Fix parser to support GeoLookup with MaxMind 2018-09-11 20:40:28 -03:00
Victor Hora
f999f54eda
Adds support for ctl:requestBodyProcessor=URLENCODED 2018-08-22 22:07:04 -03:00
Victor Hora
bb2ecdf4db
Add missing escapeSeqDecode, urlEncode and trimLeft/Right tfns to parser 2018-04-24 09:26:30 -03:00
Victor Hora
2037a08b34
Fix STATUS var parsing and accept STATUS_LINE var for v2 backward compatibility 2018-04-24 09:06:39 -03:00
Felipe Zimmerle
0ca5994744
Adds support for ctl:ruleRemoveByTag action 2018-03-26 17:01:53 -03:00
Felipe Zimmerle
df169ea108
Adds support for libMaxMind 2018-03-22 19:11:42 -03:00
Victor Hora
480a2f89d7
Disable SecCollectionTimeout parser error 2018-03-12 22:28:07 -03:00
Victor Hora
e50c317b7a
Temporarily accept invalid MULTIPART_SEMICOLON_MISSING operator 2018-03-12 20:09:17 -03:00
Victor Hora
64ce41280d
Prettier error messages for unsupported configurations (UX) 2018-03-07 17:58:29 -03:00
Victor Hora
a66acebc05
Add missing verify*** transformation statements to parser 2018-03-05 17:50:14 -03:00
Felipe Zimmerle
8bb64c3ee3
Code cosmetics: removes an unused piece of code 2018-03-01 11:52:01 -03:00
Felipe Zimmerle
c8666fae31
Check for disruptive action on SecDefaultAction 2018-02-28 14:02:47 -03:00
Victor Hora
ab78b0cfb1
Add missing Base64 transformation statements to parser 2018-02-23 10:34:32 -03:00
Felipe Zimmerle
f17af95728
Using RunTimeString on setvar action 2018-02-20 13:40:01 -03:00
Felipe Zimmerle
a6830c76f2
parser refactoring: ops no longer carry a payload 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
a299997e02
Using run time string on the operators 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
2d892a3176
Adds support for multipart vars on the parser 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
6fe8655ed9
Adds support for RunTimeString 
Using RunTimeStrings instead of runtime parser for
macro expansion.
 2018-02-20 13:40:00 -03:00
Felipe Zimmerle
768a76a61e
perf. improvement/rx: Only compute dynamic regex in case of macro 
On #1528 was added the support for macro expansion on @rx operator.
The performance improvement suggested on the pull request was not
thread safe, therefore removed. This patch adds a performance
improvement on top of #1528. The benchmarks points to 10x faster
results on OWASP CRS.
 2018-02-20 13:39:59 -03:00
Felipe Zimmerle
eaa4770c5d
Fix issue related to Lua script load 2017-12-13 16:20:18 -03:00
Felipe Zimmerle
23cf656f93
Adds support to WEBAPPID variable 2017-11-08 10:28:56 -03:00
Felipe Zimmerle
082a3e3287
Adds support to SecWebAppID 2017-11-08 09:33:14 -03:00