github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-15 23:55:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
1,096 Commits 55 Branches 109 Tags
Commit Graph

74 Commits

Author SHA1 Message Date
Breno Silva
3bca8d41fc Change names of HMAC feature to HASH 2012-10-30 17:58:10 -04:00
Breno Silva
3ef77de118 Merging to release 2.7.1 2012-10-23 01:20:33 -04:00
brenosilva
5c5107a860 MODSEC-297 2012-10-08 13:55:11 +00:00
gregwroblewski
2dbe4ab4f0 Second part of IIS/nginx merge into M2 trunk. 2012-08-20 20:31:06 +00:00
brenosilva
22b763257c Fixing missing code between branches 2012-08-09 19:02:10 +00:00
brenosilva
592ec392d1 Remove ctl:ruleUpdateTarget* and add ctl:ruleRemovetarget* 2012-08-02 18:04:53 +00:00
brenosilva
3bb931e188 Fix warnings 2012-06-17 13:32:07 +00:00
brenosilva
d88a24da1f fix rsub input parsing and add maturity, ver and accuracy actions 2012-06-04 15:29:51 +00:00
brenosilva
866cb6d6b4 Update trunk for 2.7 2012-05-10 23:18:39 +00:00
brenosilva
f6e53252b2 add collection timeout in the trunk 2011-10-20 11:54:36 +00:00
brenosilva
d4079971c6 MODSEC-160 2011-10-14 13:32:30 +00:00
brenosilva
d43c7e0bf5 MODSEC-132 2011-08-11 14:35:20 +00:00
brenosilva
6b7edc4d47 Fixes, code cleanups, improvements 2011-04-27 15:58:22 +00:00
brenosilva
2a8c8a7475 force process partial when use ctl to detectiononly 2011-04-04 15:10:49 +00:00
brenosilva
a75f2c0c6e Testing new approach to tag macro expansion 2011-04-03 21:55:51 +00:00
brenosilva
b64d28eb5a Testing new approach to tag macro expansion 2011-04-03 21:54:12 +00:00
brenosilva
6b7c138a98 Testing new approach to tag macro expansion 2011-04-03 21:22:16 +00:00
brenosilva
f524cfee48 Testing new approach to tag macro expansion 2011-04-03 20:53:15 +00:00
brenosilva
82a9652ae9 Tag test 2011-04-02 23:39:20 +00:00
brenosilva
093cb24952 Tag test 2011-04-02 23:21:49 +00:00
brenosilva
6031e7fdae Improvements, bug fixes and cleanup from Tom Donavan 2011-04-02 23:10:16 +00:00
brenosilva
104f0de46e New License 2011-03-30 14:12:44 +00:00
brenosilva
1a2d377e34 MODSEC-178 2011-03-28 18:47:58 +00:00
brenosilva
49732256f6 Improvements, fixes and new features 2011-03-25 13:51:13 +00:00
brenosilva
d170dd4ebe MODSEC-57 2011-02-24 15:03:50 +00:00
brenosilva
7f52d86e4b Include data edition, sanitizematched and few fixes 2011-02-14 12:49:55 +00:00
brenosilva
549f059480 move 2.5.13 into trunk 2010-12-08 18:58:18 +00:00
ivanr
76583d80fa Added the missing log messages for the ctl action; optimised the existing log messages (MODSEC-99). 2009-12-04 23:50:51 +00:00
b1v1r
3b12989683 Merge 2.5.x changes into trunk. 2009-11-07 00:06:26 +00:00
b1v1r
b01f8190e4 Merged 2.5.x changes for 2.5.11 into trunk. 2009-11-06 18:38:15 +00:00
ivanr
8fe278e845 Change 'sanitise' to 'sanitize' everywhere, preserving the 'sanitise' action variants for backward compatibility. 2009-10-29 17:57:18 +00:00
b1v1r
ffc5d968e6 Merge 2.5.x changes into trunk. 2009-05-21 06:18:18 +00:00
b1v1r
dc0a2161ac Merge 2.5.9 changes into trunk. 2009-03-12 15:31:10 +00:00
brectanus
309510d70b Change from ctl:requestBodyBuffering to ctl:forceRequestBodyVariable. 2008-09-10 17:11:20 +00:00
brectanus
34798e9abe Allow ability to force request body buffering to memory. Fixes MODSEC-2. 2008-09-03 20:42:28 +00:00
brectanus
10713fbd37 Sync up branches/2.5.x and trunk. 2008-07-31 22:36:24 +00:00
brectanus
f394c6faa2 Add atomic updates for persistent counters. See #20. 2008-05-13 00:05:02 +00:00
brectanus
b4f473f87f Expand macros in expirevar and deprecatevar. See #477. 
Cleaned up debug logs in actions.
Warn on mismatched curly braces in macro expansion.
 2008-04-24 16:23:35 +00:00
brectanus
7a1e2db148 Fixed code according to Ivan's review. 2008-02-20 00:41:43 +00:00
brectanus
e4eaade2ca Make Lua support optional since it is still experimental (--without-lua). If someone still uses SecRuleScript, however, it iignores it and just warns on Apache startup. 2008-02-16 00:27:44 +00:00
brectanus
f428d37680 Cleanup - remove extraneous whitespace and tabs. 2008-02-07 21:45:05 +00:00
brectanus
13b5cdd5fc Expand macros in setenv (name and value). See #458. 2008-02-04 18:26:35 +00:00
brectanus
a3584993f5 Implement "block" pseudo-action. See #441. 2008-01-24 05:16:35 +00:00
brectanus
c4e1ede358 Fixed merging actionsets so we can build a more accurate rule for auditing. 2008-01-22 05:39:33 +00:00
brectanus
96ff268f64 Replace TABs with 4 spaces. 2008-01-18 01:04:47 +00:00
brectanus
9fb03d277d Fixing code based on review comments... 
Cleaned up what vars are cacheable.
Added parens around "*foo++" where it clarified the operation to be "*(foo++)".
Added " at VARNAME" to operator matches where needed.
Escaped var->name in the var generation (user-supplied data).
Marked a bunch of TODOs as ENHs instead.
Transformed some C++ style comments to C style.
Removed the %0-9 macros code which was commented out.
Optimized some ctl action code so that multiple ifs are else ifs.
Implemented some error messages marked as ENH.
Make commented out acmp debugging a configure-time option.
Cleanup GEO debug log messages.
Added relative filename support for geo dbs.
Added help text to Sec* directives.
 2008-01-18 00:47:30 +00:00
brectanus
b5033e6e29 It is 2008 now :) 2008-01-11 00:00:31 +00:00
brectanus
b6446dc836 Fixed an old bug in ctl:auditLogParts that was fixed in 2.1.x, but not trunk. 2008-01-09 01:02:51 +00:00
ivanr
2068357af8 Added m.getvars() and finalised Lua support. 2007-12-21 12:50:03 +00:00
ivanr
f64c7c39e8 Lua: Added support for scripting to @inspectFile. 2007-12-20 15:53:23 +00:00