github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
2,083 Commits 55 Branches 109 Tags
Commit Graph

406 Commits

Author SHA1 Message Date
Felipe Zimmerle
e65f0db13b Fix on the variable parser 2015-10-19 19:31:23 -03:00
Felipe Zimmerle
c800214e6d Fix pcre_exec matched string 2015-10-16 16:15:39 -03:00
Felipe Zimmerle
0285c944f9 Fix collections resolution 2015-10-16 15:34:17 -03:00
Felipe Zimmerle
b0089cfde9 Adds MODSEC_NO_LOGS option to be part of the configure 2015-10-15 15:47:52 -03:00
Felipe Zimmerle
74045beab5 Performance improvement while expanding macros 2015-10-15 14:04:35 -03:00
Felipe Zimmerle
3351338551 Performance improvement of setVar action 2015-10-15 14:03:43 -03:00
Felipe Zimmerle
e57ee8908f Searches for included configuration using the resource policy 2015-10-07 15:26:08 -03:00
Felipe Zimmerle
e54ef72051 Looks for external resources in the same path of the rule 2015-10-06 09:21:30 -03:00
Felipe Zimmerle
5cc9e94505 Splits operator into OPERATOR and FREE_TEXT on sec lang grammar 2015-10-02 12:07:18 -03:00
Felipe Zimmerle
df819dc43b Removes SPACE token form the GRAMMAR 2015-10-02 11:30:05 -03:00
Felipe Zimmerle
54c51e2512 Fix parser shift/reduce problem on state 133 2015-10-02 11:03:04 -03:00
Felipe Zimmerle
03eabd9c12 Fix shift/reduce conflict in the sec lang grammar. 2015-10-01 17:36:18 -03:00
Felipe Zimmerle
941b9e75c4 Adds support to rules with actions without quotes 2015-10-01 14:55:55 -03:00
Felipe Zimmerle
0087a602f1 Fix phases execution 2015-09-30 18:48:38 -03:00
Felipe Zimmerle
8255ce86ca Adds reference to filename and line number to lexer errors 2015-09-30 14:36:33 -03:00
Felipe Zimmerle
900af2cd48 Adds possibility to use include with wildcards and env vars 2015-09-29 14:06:13 -07:00
Felipe Zimmerle
cb9524ffd7 Adds support to collection in the parser 2015-09-29 13:14:36 -07:00
Felipe Zimmerle
d084ab5f2d Fix the "line counting" on parser errors 2015-09-29 12:22:23 -03:00
Felipe Zimmerle
70e2a4b379 Adds support to include path between quotes 2015-09-29 10:43:28 -03:00
Felipe Zimmerle
b497091017 Cosmetics: Fix coding style 2015-09-28 16:32:59 -03:00
Chaim Sanders
f6e0b447b3 Merge branch 'libmodsecurity' of https://github.com/SpiderLabs/ModSecurity into libmodsecurity 2015-09-25 00:42:57 -04:00
Chaim Sanders
1cf1e313cc Added some comments about msc_set_log_cb 2015-09-25 00:42:39 -04:00
Chaim Sanders
d044c7aaec Removed some extra comments 2015-09-25 00:30:59 -04:00
Felipe Zimmerle
f93c0de940 Disable NO_LOGS by default 2015-09-24 11:55:14 -07:00
Felipe Zimmerle
076a02951c Huge performance improvement: passing variables as pointers avoiding copies 2015-09-18 20:21:12 -03:00
Felipe Zimmerle
2451bf05d7 Using pcre (with JIT) instead of pcrecpp 2015-09-17 19:26:44 -03:00
Felipe Zimmerle
ed86c24df6 Adds checks for the NO_LOGS definition and improved the vars resolution time 2015-09-17 17:41:38 -03:00
Felipe Zimmerle
3e067e7409 Core is now ready to deal with SecRulesEngine set to Off 2015-09-17 10:59:56 -03:00
Felipe Zimmerle
11e1a67d58 Fix disruptive action flow while RuleEngine is in DetectionOnly 2015-09-17 10:51:44 -03:00
Felipe Zimmerle
490ad23e41 Uses macro expansion before apply redirect action 2015-09-17 09:30:39 -03:00
Felipe Zimmerle
90df21bbb1 Removes the \' from setvar before name the collections 2015-09-17 09:29:55 -03:00
Felipe Zimmerle
d0c215d78b Adds support for the server log integration 2015-09-17 09:01:52 -03:00
Felipe Zimmerle
5228b685bf Fix disruptive actions execution 2015-09-16 19:43:31 -03:00
Felipe Zimmerle
5b18db779e Makes multipart debug messages goes over modsec debug log not stdout 2015-09-16 15:24:42 -03:00
Felipe Zimmerle
639ccf7ddc Fix the rule execution debug log, so that tests won't complain 2015-09-16 15:16:04 -03:00
Felipe Zimmerle
7f747d1dd0 Fix multipart parser in crlf blobs 2015-09-16 15:01:53 -03:00
Felipe Zimmerle
e88d2120fb Including space in the list of readable characters for debuglog 2015-09-16 14:25:03 -03:00
Felipe Zimmerle
9d60dc6df8 Adds macro expansion for all operators 2015-09-16 11:25:07 -03:00
Felipe Zimmerle
320bcde89e Adds rule number to the debug logs and printing expaded variables 2015-09-16 11:24:15 -03:00
Felipe Zimmerle
4bf7f7a44c Adds 'expandKeepOriginal' method to macro expansion class 2015-09-16 11:22:57 -03:00
Felipe Zimmerle
c425b24ffb Extends redirect action to support url without quotes 2015-09-15 18:25:15 -03:00
Felipe Zimmerle
b1e845211c Limits the variable size into the debuglogs and print it in hex if needed 2015-09-15 16:09:44 -03:00
Felipe Zimmerle
8772daec4d Adds functions limitTo and toHexIfNeed into utils.cc 
Those will be used in order to make the debug and audit logs
readable.
 2015-09-15 16:07:03 -03:00
Felipe Zimmerle
97214edf6e Fix multipart parser on binary content 2015-09-15 16:06:41 -03:00
Felipe Zimmerle
23d843259d Fix rule.h include on modsecurity.cc and seclang-parser.yy 2015-09-15 16:05:29 -03:00
Felipe Zimmerle
a0a2d2c77e Adds support to read request body from a file 2015-09-15 16:04:27 -03:00
Felipe Zimmerle
140a62a2b5 Changes rule_id to long in order to have it visible by systemtap 2015-09-11 12:41:36 -03:00
Felipe Zimmerle
2a8f45b895 Adds transformations removeComments and replaceComments to the seclang parsers 2015-09-11 12:41:09 -03:00
Felipe Zimmerle
3c53869915 Adds transformation normalisePath to seclang parser 2015-09-09 23:02:07 -03:00
Felipe Zimmerle
92563da930 Adds t:utf8toUnicode and variable XML to the seclang parser 2015-09-09 22:51:19 -03:00