github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
543 Commits 55 Branches 109 Tags
Commit Graph

543 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ivanr
fd5cf18ca4 Add the data formats documentation. 2008-12-01 10:39:46 +00:00
b1v1r
facacae238 Fix a typo in the SecRuleInheritance example. 2008-11-13 00:28:29 +00:00
(no author)
c012db7e60 Make a note of configure options that can affect performance (MODSEC-28). 2008-10-21 17:46:20 +00:00
(no author)
4a336dadf2 Removed an invalid "Internal error" message forcing auditing of a request (MODSEC-29). 
Cleaned up error messages prior to using send_error_bucket().
 2008-10-21 17:45:18 +00:00
brectanus
c3c822ea01 Revert r1205 as it was fixed in mod_jk upstream. 2008-09-17 16:54:31 +00:00
ivanr
becf694033 Updated REQUEST_BODY documentation. 2008-09-17 11:04:12 +00:00
ivanr
7b0e71f929 CHANGES text describing when REQUEST_BODY is populated was not accurate. 2008-09-17 10:59:11 +00:00
brectanus
3848ff5b36 Worked around mod_jk issue where a 401 response was not including the WWW-Authentication header (MODSEC-16). 2008-09-15 19:51:06 +00:00
brectanus
67c48bfdfb Added ability to use ctl:requestBodyAccess=off in phase:1 to avoid limit check. 
Added regression tests for this as well.
 2008-09-10 19:45:13 +00:00
brectanus
c5e258f0ba Added additional check for XML well formed. 2008-09-10 18:32:24 +00:00
brectanus
b2c7424a96 Added a comment. 2008-09-10 17:39:18 +00:00
brectanus
309510d70b Change from ctl:requestBodyBuffering to ctl:forceRequestBodyVariable. 2008-09-10 17:11:20 +00:00
ivanr
5740f7a3eb Tidy up. 2008-09-10 14:15:37 +00:00
ivanr
2ee69ce468 Document css_inplace_decode(). 2008-09-10 12:44:41 +00:00
ivanr
2f7ff8f7ab Tidy up. 2008-09-10 11:34:16 +00:00
brectanus
ec49ce05c7 Updated docs to point out some features are not available on all OSes. MODSEC-9 2008-09-05 16:18:00 +00:00
brectanus
ac767de86e Typo in SecRuleUpdateActionById example. 2008-09-05 15:29:25 +00:00
brectanus
f20059b009 Make sure we fail to validate DTD/schema after a parsing error. Fixes MODSEC-5. 2008-09-03 22:16:42 +00:00
brectanus
f5af5ef429 Remove declaration of an unused variable. 2008-09-03 21:20:06 +00:00
brectanus
34798e9abe Allow ability to force request body buffering to memory. Fixes MODSEC-2. 2008-09-03 20:42:28 +00:00
brectanus
139d651bbf Updated the CHANGES. 2008-09-03 18:06:14 +00:00
brectanus
deb6a816b4 Fixed MODSEC-2 by using the msr->hostname (ap_get_server_name(r)) vs r->hostname in the log. 2008-09-02 23:43:15 +00:00
brectanus
20cc395510 Added mlogc source. 2008-09-02 23:10:36 +00:00
ivanr
2818e66a95 Tidy up the code for the performance-measurement mode. Remove the per-phase measurements, which don't seem to work (at least not in my case). 2008-09-01 09:38:30 +00:00
ivanr
acec75be45 Make PERFORMANCE_MEASUREMENT more accurate by removing stray msr_log() invocation. Clean the code a bit. 2008-08-29 16:09:59 +00:00
ivanr
9997cee04a Clarified that SecMarker IDs are the same thing as rule IDs. 2008-08-27 14:46:31 +00:00
ivanr
1b977e6106 Clarifications in response to comments from Kiyohiko Kajihara. 2008-08-27 12:22:56 +00:00
brectanus
a686b0633a Update configure to better find lua libs. 2008-08-18 16:00:29 +00:00
brectanus
ab5cd92618 Update a regression test due to changed error message. 2008-08-15 21:04:12 +00:00
brectanus
7eef5ce7ae Update test stup with new msr_log_* wrappers. 2008-08-15 20:45:28 +00:00
brectanus
d419a21682 Update CHANGES. 
Sync up docs.
 2008-08-15 20:25:27 +00:00
brectanus
225339525d Allow disabling processing of request body size limit in phase 1. See #518. 2008-08-15 20:21:25 +00:00
brectanus
5298e29540 Added XML warn/error output to debug log. See #519. 2008-08-15 19:58:02 +00:00
brectanus
458fe8423c Add parity transformations. See #516. 2008-08-14 23:49:39 +00:00
brectanus
94370b2c76 Update default action in unit test stub. 2008-08-14 23:43:18 +00:00
brectanus
bb2e4b9a3e Fix cssDecode. See #512. 2008-08-14 23:37:40 +00:00
brectanus
5f648db898 Updated regression suite to use full path to LoadModule. 2008-08-08 22:50:47 +00:00
brectanus
10713fbd37 Sync up branches/2.5.x and trunk. 2008-07-31 22:36:24 +00:00
ivanr
9c6b267447 Change licence file to Unix format. 2008-07-31 08:43:43 +00:00
ivanr
a05445e335 Tidy up whitespace. More characters in the commit messages than in the change itself! Way, way, more. This is what happens when you work too much. 2008-07-29 15:46:45 +00:00
brectanus
924ce68c55 Update readme to point to new exception filename. 2008-07-29 15:40:37 +00:00
brectanus
7899b5c6e0 Update licensing. 2008-07-29 15:38:32 +00:00
brectanus
6a33fedc81 Regression suite cleanup merged from 2.5.x. 2008-07-29 05:50:03 +00:00
brectanus
478389d5a4 Added regression tests for ctl:ruleRemoveById and disruptive actions in DetectionOnly mode. 2008-07-22 17:03:30 +00:00
ivanr
ae40b8c213 Implemented cssDecode. 2008-07-16 13:08:12 +00:00
brectanus
e6e06bff72 Update trunk CHANGES with 2.5.5 release. 2008-07-07 15:47:49 +00:00
brectanus
200d9e5fe3 Firewalls not fireballs ;) 2008-06-16 22:13:52 +00:00
brectanus
326208d02c Newer apaches default to text/plain instead of null. 
Make matching files a bit more robust.
 2008-06-16 17:20:50 +00:00
brectanus
21f305095c Fixed warning for mixed CRLF/LF lines and LF lines in changeset:1070. See #504. 2008-06-05 18:03:20 +00:00
brectanus
f072738c82 Remove an extraneous debug statement and update version date. 2008-06-05 17:29:29 +00:00