59 Commits

Author	SHA1	Message	Date
Breno Silva	aa18ec7f45	Updated copyright dates	2013-04-19 03:20:46 -04:00
Breno Silva	4db1f51f39	Added MULTIPART_NAME and MULTIPART_FILENAME variables	2013-03-04 11:54:13 -04:00
brenosilva	6335e5426c	Added MULTIPART_INVALID_PART flag	2012-10-14 23:47:27 +00:00
brenosilva	592ec392d1	Remove ctl:ruleUpdateTarget* and add ctl:ruleRemovetarget*	2012-08-02 18:04:53 +00:00
brenosilva	1e8259b4a4	Avoid double close() for multipart file descriptors	2012-07-27 01:00:13 +00:00
brenosilva	3bb931e188	Fix warnings	2012-06-17 13:32:07 +00:00
brenosilva	e584123aba	Fix quote validation in multipart code	2012-06-07 22:10:46 +00:00
brenosilva	988e78e9ab	Fix quote validation in multipart code	2012-06-07 13:46:29 +00:00
brenosilva	d3ad05e9c9	MODSEC-312	2012-06-01 20:16:06 +00:00
brenosilva	104f0de46e	New License	2011-03-30 14:12:44 +00:00
brenosilva	49732256f6	Improvements, fixes and new features	2011-03-25 13:51:13 +00:00
brenosilva	549f059480	move 2.5.13 into trunk	2010-12-08 18:58:18 +00:00
b1v1r	3a10f9fb8d	Fix autoconf header and include path so trunk builds.	2010-08-31 18:35:55 +00:00
b1v1r	08edc0c26f	Merge 2.5.x (2.5.12) changes into trunk.	2010-02-05 19:05:20 +00:00
b1v1r	b01f8190e4	Merged 2.5.x changes for 2.5.11 into trunk.	2009-11-06 18:38:15 +00:00
ivanr	8fe278e845	Change 'sanitise' to 'sanitize' everywhere, preserving the 'sanitise' action variants for backward compatibility.	2009-10-29 17:57:18 +00:00
b1v1r	826124b378	Merge 2.5.x changes to trunk.	2009-08-25 22:19:33 +00:00
b1v1r	dc0a2161ac	Merge 2.5.9 changes into trunk.	2009-03-12 15:31:10 +00:00
brectanus	10713fbd37	Sync up branches/2.5.x and trunk.	2008-07-31 22:36:24 +00:00
brectanus	21f305095c	Fixed warning for mixed CRLF/LF lines and LF lines in changeset:1070. See #504.	2008-06-05 18:03:20 +00:00
ivanr	81d98de283	Log strict multipart errors at level 4.	2008-06-05 13:52:30 +00:00
ivanr	043a5d6082	Handle the case when there isn't a new line after the final boundary in a multipart request. This fix takes care of the WordPress Flash file uploader problem.	2008-05-29 15:10:36 +00:00
brectanus	aa6be1614e	Make sure all filehandles are closed at the end of a trasaction. See #464 and #465. ... Fixes a few typos in some error messages when we are over the limits.	2008-03-28 20:00:37 +00:00
brectanus	f428d37680	Cleanup - remove extraneous whitespace and tabs.	2008-02-07 21:45:05 +00:00
brectanus	f8adea949c	Implemented SecUploadFileMode. See #448.	2008-01-24 22:10:37 +00:00
brectanus	9fb03d277d	Fixing code based on review comments... ... Cleaned up what vars are cacheable. Added parens around "*foo++" where it clarified the operation to be "*(foo++)". Added " at VARNAME" to operator matches where needed. Escaped var->name in the var generation (user-supplied data). Marked a bunch of TODOs as ENHs instead. Transformed some C++ style comments to C style. Removed the %0-9 macros code which was commented out. Optimized some ctl action code so that multiple ifs are else ifs. Implemented some error messages marked as ENH. Make commented out acmp debugging a configure-time option. Cleanup GEO debug log messages. Added relative filename support for geo dbs. Added help text to Sec* directives.	2008-01-18 00:47:30 +00:00
brectanus	b5033e6e29	It is 2008 now :)	2008-01-11 00:00:31 +00:00
ivanr	bbcf1d08fc	Added an APR-Util variant of character encoding conversion.	2007-12-03 14:46:00 +00:00
ivanr	c25071b832	Initial experimental implementation of SecRequestEncoding. See #390 for more details.	2007-12-03 14:04:53 +00:00
ivanr	575e86388a	Implemented SecRequestBodyNoFilesLimit (#103).	2007-11-29 11:41:48 +00:00
brectanus	e47fdeb420	Changed %p formatter to APRs %pp (wish that was documented). ... Marked msr_log() as a printf style function so GNU compiler can check formatting types. Fixed a few other warnings with msr_log() formatters.	2007-11-26 22:53:51 +00:00
brectanus	aff6900539	Initial full pass through code to fix issues with 64-bit/mismatch sign/mismatch size printf style formatters. ... Still need to look more into how we are handling time and convert to apr_time_t (or time_t) where appropriate. Still need to look into our use of 'long' as windows is LLP64 where 'long' is still 32-bit.	2007-11-15 19:09:14 +00:00
ivanr	cd2287a412	Fix for an evasion false positive.	2007-11-08 18:12:51 +00:00
ivanr	b0d514478f	Fix blocking multipart FP, which affected Safari.	2007-10-15 18:05:12 +00:00
ivanr	d5f3b9ce52	Fix multipart parser blocking FP with Safari ( ... (#317).	2007-10-15 17:27:51 +00:00
brectanus	63a47c370e	Prefer %d string formatter to %i so we do not get warnings on some platforms.	2007-09-27 21:34:29 +00:00
ivanr	79ee3a6a79	Process debug log statements only if the debug log level is sufficiently high.	2007-09-21 19:46:53 +00:00
brectanus	8549546b5e	Add a cast to unsigned char * to avoid warning.	2007-09-11 17:59:14 +00:00
ivanr	fa2b97ddb4	Tidy code. Small bug fixes.	2007-09-07 16:01:28 +00:00
ivanr	0769f2378c	More multipart improvements. Added MULTIPART_MISSING_SEMICOLON.	2007-09-07 13:16:40 +00:00
ivanr	9301461b33	Allow multipart C-T header to be up to 1024 bytes long. Some code cleanup (really ;).	2007-08-20 16:09:48 +00:00
ivanr	608f7f2b44	Fix LF line detection, add MULTIPART_CRLF_LINE, MULTIPART_CRLF_LF_LINES.	2007-08-20 15:25:05 +00:00
ivanr	239fa00957	Fix silly errors, typos.	2007-08-17 16:01:24 +00:00
ivanr	baf6f59dff	Multipart parsing improvements.	2007-08-17 15:47:33 +00:00
ivanr	28d44486e3	Fixed data corruption in the multipart parser.	2007-08-10 15:59:54 +00:00
ivanr	222f1f6f78	Cleanup. MULTIPART_STRICT_ERROR now returns 1 on parsing error too.	2007-08-10 15:04:42 +00:00
ivanr	323f9f81a0	Better discovery of partial quoting evasion.	2007-08-10 14:51:55 +00:00
ivanr	b1949b7ebc	Another check for evasion through partial quoting of multipart boundary.	2007-08-10 14:40:22 +00:00
ivanr	d0ac05c3ea	Add check for evasion using double quote inside multipart boundary.	2007-08-10 14:37:04 +00:00
ivanr	5898e9e116	Fixed a potential segmentation fault, introduced with recent changes.	2007-08-10 14:24:13 +00:00