github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-13 21:36:00 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,791 Commits 55 Branches 109 Tags
Commit Graph

231 Commits

Author SHA1 Message Date
Felipe Zimmerle
1d3c4c670d
Treating ARGS_NAMES as an array instead of scalar 
Both value and key are the same.
 2017-08-22 18:26:56 -03:00
Felipe Zimmerle
81879cd131
parser: SecRequestBodyInMemoryLimit is now returning an error msg 2017-08-22 10:44:35 -03:00
Felipe Zimmerle
c22658ec80
Adds `msc_update_status_code' method to the libmodsec api 2017-08-20 18:52:50 -03:00
Felipe Zimmerle
d7eab6b7a3 Adds support to SecRuleRemoveByMsg 2017-08-16 23:42:13 -03:00
Felipe Zimmerle
b4051246b1 Adds support to SecResponseBodyMimeTypesClear 2017-08-16 22:21:03 -03:00
Felipe Zimmerle
48f1470269 Adds support to SecArgumentSeparator 2017-08-16 18:27:51 -03:00
Victor Hora
53ff0e1a57
Adds initial support to SecHttpBlKey 2017-07-29 00:12:14 -03:00
Lasse Karstensen
bce5ef7704
Add the missing g in Transaction::GetReponseBodyLenth() 
This commit fixes a typo in the method name for retrieving
the body length.
 2017-07-28 22:30:25 -03:00
Felipe Zimmerle
4bec6b0019
Adds support to ctl:ruleEngine 2017-07-27 22:05:10 -03:00
Felipe Zimmerle
15ca5ceab4
Yet another change on the audit log permissions 
The default values are set to 0640 and 0750. That is the real
value in version 2.
 2017-07-25 23:08:59 -03:00
Felipe Zimmerle
b58c8fe7ed
Changes the default file creation permission to 1600 
Somewhat related to #1497.
 2017-07-25 15:11:27 -03:00
Felipe Zimmerle
27a8abc052
Changes the auditlog new derectories permission to 1872 
As well noticed on #1497 [by @met3or] we had an inconsistence in the
default permission value for new directories between version 2 and 3.
 2017-07-25 15:06:47 -03:00
Felipe Zimmerle
e14dc602e5 Adds support to SecRuleUpdateTargetById 2017-07-04 13:13:13 -07:00
Felipe Zimmerle
fba9c20ea1 Adds initial support to SecRuleUpdateTargetByTag 2017-07-03 17:42:34 -07:00
Felipe Zimmerle
6421ff087a
Forces disruptive to be first-rule-only 
ModSecurity version 3 is capable to handle disruptive actions in different
rules from the chain. However, lets get it working in the same fashion that
we have in version 2.
 2017-04-24 21:06:35 -03:00
Felipe Zimmerle
5f60bb5224
Yet another fix on the debuglogs merge 2017-03-28 18:11:31 -03:00
Felipe Zimmerle
80cfca6fa3
Fix the debug log level merge function 2017-03-27 14:09:42 -03:00
Felipe Zimmerle
2a54bf23e5
Fix the debug log merge function 2017-03-27 11:30:26 -03:00
Felipe Zimmerle
dbcf5a7198
API CHANGE: Rules::merge signature was change to includes error msg 2017-03-23 09:52:39 -03:00
Felipe Zimmerle
e79712095b
Minor fix in the decision on whenever the log callback should be called 2017-03-06 15:02:04 -03:00
Felipe Zimmerle
e2af60e765
Expands log_cb to share ruleMessage structure instead text 
Text version still available and it is the default options
 2017-03-06 15:02:04 -03:00
Felipe Zimmerle
027d50b76b
Adds first version of `processContentOffset' 
This commit also includes an example application on how to use the
`processContentOffset' method.
 2017-03-06 15:02:02 -03:00
Felipe Zimmerle
4ad3574cf2
Adds offset regression tests and assorted fixes on var's offsets 2017-03-06 15:02:02 -03:00
Felipe Zimmerle
d851699529
Adds references to the collection variables 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
e95efa05cc
Fix assorted memory and static analysis errors 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
f2d149fc5f
Extends the direct access model to other collections 2017-03-06 15:02:00 -03:00
Felipe Zimmerle
ca24b6bb06
PoC: Adds support to direct access on ARGS collection 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
17e5a63577
Removes memory leak on the "offset" feature 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
c1f11ab4e5
Cosmetics: assorted fixes on the coding style 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
ecbf292f6d
Adds first PoC for the operator offset feature 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
9a8fc3116a
Instantiates the Class variable earlier 
Avoid the instantiation for every call
 2017-03-06 15:01:59 -03:00
Felipe Zimmerle
e95555132e
Contionuation of 1 time variable patch 
Now we have almost 100% of the transaction variables hosted on the
new schema. Variable modifcators (count and exclusion) are not yet
supported on the new schema. Notice that setvar is now using the
parser.
 2017-03-06 15:01:58 -03:00
Felipe Zimmerle
703da3c4f0
Adds PoC about 1-time variable resolution and draft for offset 
There is no need for the variable purely associated with the
transaction (transient) be part of collection that demands
lookups. Also, those variables will held the concept of offset:
The offset from the first byte of the request till the start of
the variable.
 2017-03-06 15:01:52 -03:00
Felipe Zimmerle
a8e5cce744
Moving the rules deletion to the RuleProperties class 
The deletion was happning on the Rule class due to historical reasons.
The consequence of that was a parser memory leak.
 2017-03-06 15:01:51 -03:00
Felipe Zimmerle
60402d8b80
Renames defaultActions to m_defaultActions in RulesProperties 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
7927ddda91
Renames rules to m_rules in RulesProperties 2017-03-06 15:01:50 -03:00
Felipe Zimmerle
f62dc287c9
Uses pointer instead of std::string copies while applying transformations 2016-12-28 20:00:44 -03:00
Felipe Zimmerle
a7f465cf3a
Avoids string copy by working with pointers while resolving variables 2016-12-28 20:00:14 -03:00
Felipe Zimmerle
168fa22e19
Collections cleanup: removes resolveFirstCopy method 2016-12-28 19:56:27 -03:00
Felipe Zimmerle
bbb61d560c
Changes the saving selection for the audit logs 2016-12-28 17:48:21 -03:00
Felipe Zimmerle
9c7416da97
Refactoring the actions classes 2016-12-28 15:20:06 -03:00
Felipe Zimmerle
317808fe54
Adds section "H" to serial audit log 2016-12-16 00:07:15 -03:00
Felipe Zimmerle
c1e96d6c2b
Fix rules messages in the audit logs 2016-12-15 23:11:54 -03:00
Felipe Zimmerle
2e9a35c358
Refactoring on the audit logs implementation 
Among of other things, it is now supporting shared file locks between
different process.
 2016-12-14 23:17:28 -03:00
Felipe Zimmerle
64e2927922 Moves debuglog stuff inside the debug_log namespace 2016-12-09 09:52:01 -03:00
Felipe Zimmerle
cce6179dcc
Refactoring: new structure for logging alerts 
Disruptive actions were moved to actions::disruptive namespace
 2016-12-01 14:14:54 -03:00
Felipe Zimmerle
bfc30dad34
Refactoring: how to report to error logs 2016-12-01 01:05:29 -03:00
Felipe Zimmerle
9bd37ccb63
Refactoring: Rule class 2016-11-28 13:07:25 -03:00
Felipe Zimmerle
a776cce6d7
Changes RULE variable group to be save at transient collection 2016-11-28 13:00:04 -03:00
Felipe Zimmerle
293a849668
Adds m_uri_no_query_string_decoded to transaction 2016-11-22 15:23:47 -03:00