ModSecurity

mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-17 14:46:13 +03:00

Author	SHA1	Message	Date
Victor Hora	9d70345d3d	Add missing hexDecode transformation to seclang parser	2017-05-29 22:48:23 -03:00
Felipe Zimmerle	a90b2a3ff7	Code cosmetics: init a vector.	2017-05-28 22:27:10 -03:00
Felipe Zimmerle	e1d3abc8e7	Removes memory leak on the counter variable modificator	2017-05-28 22:10:30 -03:00
Felipe Zimmerle	c49688fd7d	Verify if a certain resource exists before do any other sanity check	2017-05-28 22:10:15 -03:00
Felipe Zimmerle	37619bae77	Removes local cache for transformations	2017-05-10 09:29:08 -03:00
Felipe Zimmerle	0e05b7bb8a	Avoids to load a directory structure as a rules file	2017-05-02 16:42:22 -03:00
Felipe Zimmerle	c97db2f361	Adds verbose message when a resource is not found. Fix #1309	2017-05-02 13:39:37 -03:00
Felipe Zimmerle	6421ff087a	Forces disruptive to be first-rule-only ModSecurity version 3 is capable to handle disruptive actions in different rules from the chain. However, lets get it working in the same fashion that we have in version 2.	2017-04-24 21:06:35 -03:00
Michael Simpson	7e59250068	Fix JSON parsing error message	2017-04-24 16:37:35 -03:00
Felipe Zimmerle	e2bbe9858f	XML Parser: removes unnecessary message from debug logs Fix #44	2017-04-05 09:40:05 -03:00
Felipe Zimmerle	ba070c9eaa	Speeds up utils::string::toupper function	2017-03-31 14:35:26 -03:00
Felipe Zimmerle	b3c8e97ff7	Parse fix: accepting variables in between quotes	2017-03-30 10:02:36 -03:00
Felipe Zimmerle	c7053e572f	Postponing the decision to whenever save or not a log message to the last rule Whenever there is a chained rule, the decision of saving a message on the webserver's log will be taken after the execution of all actions on the chain, including the default actions.	2017-03-29 14:51:32 -03:00
Felipe Zimmerle	4d03ef512e	Fix TX dictionary element name on logs Before this patch the element name was not being shown.	2017-03-29 14:49:57 -03:00
Felipe Zimmerle	cf4deaa3a0	Using uint64_t instead of u_int64_t	2017-03-28 12:55:40 -03:00
Felipe Zimmerle	d15b57895b	Fix the Multipart parser error for unknown content type	2017-03-28 09:38:10 -03:00
Felipe Zimmerle	eb12b15146	Flush [shared-] file after write it	2017-03-24 18:08:13 -03:00
Felipe Zimmerle	dbcf5a7198	API CHANGE: Rules::merge signature was change to includes error msg	2017-03-23 09:52:39 -03:00
Felipe Zimmerle	5e59d19121	Improves macro expansion speed and variable set attribution	2017-03-23 08:53:51 -03:00
Felipe Zimmerle	f17da09fc0	Avoids call `toupper' twice while resolving a variable	2017-03-23 08:53:51 -03:00
Andrei Belov	85f98c8a66	Fix "make dist" after recent changes to parser In particular, it is now possible to either build ModSecurity with pre-generated parser, or use "--enable-parser-generation" configure option to rebuild parser from sources.	2017-03-09 18:18:00 -03:00
Felipe Zimmerle	53485c7f74	Fix pcre_exec offset values	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	e79712095b	Minor fix in the decision on whenever the log callback should be called	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	e2af60e765	Expands log_cb to share ruleMessage structure instead text Text version still available and it is the default options	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	d2c5b31b17	Uses FILE instead of _IO_FILE	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	e2bd87d07d	Fix minor parser errors	2017-03-06 15:02:04 -03:00
Felipe Zimmerle	c3cb23f47d	Removes the ';' from the x-www-form-urlencoded body-processor comparison	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	d6363607aa	Accept quoted regexp in the collection selection	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	39761ce7b8	Discards the `charset' from the C-T while checking for body processors Issue #1330	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	7ab192e90f	Using method instead of procol in the audit logs. Issue #1331	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	fcad290152	Having the DebugLogs using the SharedFile schema	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	7f9cd76619	Improvements on the SharedFiles class examples/multiprocess_c/multi	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	01c13da510	Fix segfault due to invalid memory access on SharedFiles class Issue #1318	2017-03-06 15:02:03 -03:00
David Testé	87f6b478fb	Fix typo in returned string	2017-03-06 15:02:03 -03:00
David Testé	cc25390dc9	Fix copy/paste typo	2017-03-06 15:02:03 -03:00
Felipe Zimmerle	027d50b76b	Adds first version of `processContentOffset' This commit also includes an example application on how to use the `processContentOffset' method.	2017-03-06 15:02:02 -03:00
Felipe Zimmerle	7aae5dc183	Fix Regex::searchAll to behave like global modifier	2017-03-06 15:02:02 -03:00
Felipe Zimmerle	4ad3574cf2	Adds offset regression tests and assorted fixes on var's offsets	2017-03-06 15:02:02 -03:00
Felipe Zimmerle	71a9677f38	Adds configure.h to system.cc in oder to read the MACOSX def	2017-03-06 15:02:01 -03:00
Felipe Zimmerle	f9552ede2b	Adds missing file	2017-03-06 15:02:01 -03:00
Felipe Zimmerle	36ab4b952f	Fix lmdb compilation issue	2017-03-06 15:02:00 -03:00
Felipe Zimmerle	6f47462110	Fix compilation when YAJL is not present	2017-03-06 15:02:00 -03:00
Felipe Zimmerle	d851699529	Adds references to the collection variables	2017-03-06 15:02:00 -03:00
Felipe Zimmerle	e95efa05cc	Fix assorted memory and static analysis errors	2017-03-06 15:02:00 -03:00
Felipe Zimmerle	f2d149fc5f	Extends the direct access model to other collections	2017-03-06 15:02:00 -03:00
Felipe Zimmerle	ca24b6bb06	PoC: Adds support to direct access on ARGS collection	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	c1f11ab4e5	Cosmetics: assorted fixes on the coding style	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	a88dc8efa9	Changes the check script to detect segfaults	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	ff65d618e4	Adds missing Makefile.am file	2017-03-06 15:01:59 -03:00
Felipe Zimmerle	ecbf292f6d	Adds first PoC for the operator offset feature	2017-03-06 15:01:59 -03:00

... 7 8 9 10 11 ...

1046 Commits