github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-03 15:12:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 5b447b075f First version of the inline highlight calculation Felipe Zimmerle 2017-02-26 23:32:48 -03:00
  • f4a05b6e1f Configure: actually disable Lua on systems with liblua5.1 Andrei Belov 2017-12-26 16:04:23 +03:00
  • c1cd668acb Change release version to v3.0.0 v3.0.0 Felipe Zimmerle 2017-12-13 19:09:08 -03:00
  • eaa4770c5d Fix issue related to Lua script load Felipe Zimmerle 2017-12-13 16:20:18 -03:00
  • c98e665475 Improvements on LUA build scripts and support for LUA 5.2 Victor Hora 2017-11-23 12:38:23 -05:00
  • de36fca86a Adds info about 0xfd84e on the changes file Felipe Zimmerle 2017-12-12 09:50:14 -03:00
  • e9f3312ea9 fixed compilation error with disable_debug_log flag Izik Abramov 2017-12-05 15:35:26 +02:00
  • cb8d0b068d fixed compilation error with disable_debug_log flag v3/twaf8.5-almost-gold Izik Abramov 2017-12-05 15:35:26 +02:00
  • cb182b0dc5 highlight: Fix JSON structure Felipe Zimmerle 2017-12-04 12:16:21 -03:00
  • 445b4aee7c Fix on the m_buf generation: avoid padding before request body Felipe Zimmerle 2017-12-04 12:16:19 -03:00
  • 41040d5104 Adds request_headers_names.conf to reading_logs_via_rule_message example Felipe Zimmerle 2017-12-04 12:16:13 -03:00
  • 3c8e22ad3a Having a better error handler for the highlight feature Felipe Zimmerle 2017-03-15 21:35:33 -03:00
  • f06d09dd49 Changes the line terminator to fixed value: \n Felipe Zimmerle 2017-12-04 12:15:21 -03:00
  • cc897b0c44 Adjusts the line terminator in the RuleMessage::m_buf variable Felipe Zimmerle 2017-12-04 12:15:08 -03:00
  • e8cdefb8c6 Adds support to m_highlightJSON in RuleMessage class Felipe Zimmerle 2017-12-04 12:10:38 -03:00
  • ea8d9c0e82 First version of the inline highlight calculation Felipe Zimmerle 2017-02-26 23:32:48 -03:00
  • 81e1cdced3 Adds info about issue 1615 on the changes file Felipe Zimmerle 2017-11-17 14:11:27 -03:00
  • 8bcef41878 Improve benchmark tool michaelgranzow-avi 2017-11-07 16:26:31 +01:00
  • e98be6dc55 Adds info about issue 1622 on the changes file Felipe Zimmerle 2017-11-17 09:53:24 -03:00
  • af7e6ee169 Correction lua header Minasu 2017-11-17 09:54:43 +01:00
  • 9c0ed6109d Fix assorted minor memory management issues Felipe Zimmerle 2017-11-14 09:36:32 -03:00
  • b7698d6899 Fix memory leak in @fuzzyHash Felipe Zimmerle 2017-11-13 23:54:30 -03:00
  • 68152d8d29 Adds test case for issue #1576 Felipe Zimmerle 2017-11-13 22:32:55 -03:00
  • 3fb71f32d8 Coding style fixes Felipe Zimmerle 2017-11-13 14:22:17 -03:00
  • 023e7acbad Refactoring on the JSON parser Felipe Zimmerle 2017-11-10 16:07:24 -03:00
  • 23cf656f93 Adds support to WEBAPPID variable Felipe Zimmerle 2017-11-08 10:27:44 -03:00
  • 082a3e3287 Adds support to SecWebAppID Felipe Zimmerle 2017-11-08 09:02:42 -03:00
  • 37c34f3e65 Adds missing cflags for LUA and SSDEEP Felipe Zimmerle 2017-11-07 23:30:48 -03:00
  • ec667a4609 Adds support for SecRuleRemoveByTag Felipe Zimmerle 2017-11-07 14:51:38 -03:00
  • 381cf8ac21 Makes ssdeep enabled by default on the build scripts Felipe Zimmerle 2017-11-07 09:15:14 -03:00
  • 4d7fd5c30a Adds support for update target by message Felipe Zimmerle 2017-11-06 23:27:31 -03:00
  • 7d7c0c03c5 Adds missing SecRuleScript test case Felipe Zimmerle 2017-11-06 23:27:00 -03:00
  • dcc60d1774 Windows build, fixed duplicate YAJL dir in script Allan Boll 2017-11-03 16:04:00 -07:00
  • bff326e80e Adds lua as a travis option Felipe Zimmerle 2017-11-06 00:45:57 -03:00
  • 7fa5ca9ba0 Makes lua optional Felipe Zimmerle 2017-11-06 00:00:38 -03:00
  • e52bd7d635 Adds support to SecRuleScript directive Felipe Zimmerle 2017-11-05 18:42:46 -03:00
  • cb3363c7d5 Adds support for the exec action Felipe Zimmerle 2017-11-05 11:46:29 -03:00
  • 7bec78a5a5 Adds support for transformations inside Lua engine Felipe Zimmerle 2017-11-05 11:38:18 -03:00
  • a676f313c3 Initial support for Lua script engine Felipe Zimmerle 2017-11-05 10:42:40 -03:00
  • 1866a3a9eb Adds support for the @inspectFile operator Felipe Zimmerle 2017-10-31 09:42:06 -03:00
  • 1189e9b0ef Adds support to LUA in configure scripts Felipe Zimmerle 2017-10-30 10:42:40 -03:00
  • 9369efcb90 Adds support to the collection RESOURCE Felipe Zimmerle 2017-10-30 09:06:23 -03:00
  • a9d54c30a1 Fix on ssdeep search script Felipe Zimmerle 2017-10-27 16:57:26 -03:00
  • e6106ae0eb Fix regression tests for fuzzyHash Felipe Zimmerle 2017-10-27 14:47:04 -03:00
  • 9c83b39ea0 travis: Adds ssdeep option to our regression soup Felipe Zimmerle 2017-10-26 15:13:34 -03:00
  • 7622866f97 Adds support for @fuzzyHash Felipe Zimmerle 2017-10-25 19:11:09 -03:00
  • 4ecfed3163 Adds CHANGES info about #1598 Felipe Zimmerle 2017-10-25 16:47:36 -03:00
  • 968d83f1ff Fix build on non x86 arch build failed on ppc64/ppc64le/arch64/armv7hl/s390x due to how this arch represent chars Athmane Madjoudj 2017-10-22 14:07:35 +01:00
  • 371fc03218 Fix memory issue while changing rule target dynamic Felipe Zimmerle 2017-10-24 00:01:44 -03:00
  • 351beb0567 Adds missing info to the CHANGES file Felipe Zimmerle 2017-10-20 21:49:00 -03:00
  • c4fcb36f4c Fix log while displaying the name of a dict selection by regex Felipe Zimmerle 2017-10-20 21:46:24 -03:00
  • 93e18ca5ea Support pipes inside quoted variable selection Felipe Zimmerle 2017-10-20 11:02:42 -03:00
  • 34e8b140e5 Setting http response code on the auditlog Felipe Zimmerle 2017-10-19 23:26:08 -03:00
  • 274f9e5aa1 Refactoring on RuleMessage class, now accepting http code as parameter Felipe Zimmerle 2017-10-19 23:00:25 -03:00
  • 39fb75c34d Having disruptive msgs as disruptive [instead of warnings] on audit log Felipe Zimmerle 2017-10-17 14:56:18 -03:00
  • 30797a458b Parser: Pipes are no longer welcomed inside regex dict element selection. Felipe Zimmerle 2017-10-17 11:46:14 -03:00
  • 1518c43d61 Adds test case for issue #1565 Felipe Zimmerle 2017-10-11 23:18:44 -03:00
  • 1ad95254cd Avoids unicode initialization on every rules block Felipe Zimmerle 2017-10-11 12:37:13 -03:00
  • 20edf9ab77 Removes xml initialization from CURL if/def Felipe Zimmerle 2017-10-10 18:14:41 -03:00
  • 41bf7f716b Calls xml init and xml cleanup to avoid memory leak Felipe Zimmerle 2017-10-10 15:03:50 -03:00
  • 30364628a0 Makes clear to the user when audit log is empty due to missing JSON sup. Felipe Zimmerle 2017-10-10 10:25:22 -03:00
  • d3f979f1d2 Makes auditlog more verbose on debug logs Felipe Zimmerle 2017-10-10 09:30:21 -03:00
  • e09304a08a CHANGES: Adds info about #1583 Felipe Zimmerle 2017-10-09 09:08:31 -03:00
  • d285bc02b8 Add missing statements Victor Hora 2017-10-06 16:58:17 -04:00
  • 63bef3d142 Support to JSON stuff on serial logging Victor Hora 2017-10-03 20:50:02 +00:00
  • 2988c5bb07 CHANGES: add info about #1536 Felipe Zimmerle 2017-10-06 20:35:09 +00:00
  • fa7973a4ef Removes a regex optimization added at #1536 Felipe Zimmerle 2017-10-06 20:32:40 +00:00
  • 9e9db08b87 add @rx macro expansion test to list in Makefile asterite 2017-08-19 11:16:54 +03:00
  • 10c4f9b1b2 add a test for macro expansion in @rx asterite 2017-08-19 10:21:57 +03:00
  • a76030256e support macro expansion in @rx asterite 2017-08-17 21:03:39 +03:00
  • 210e72aa21 Consideres under quote variable while loading the rules Felipe Zimmerle 2017-10-06 18:42:32 +00:00
  • 4ee1d9c179 Adds information on #1538 Felipe Zimmerle 2017-10-05 18:28:07 +00:00
  • 6406e2108d Makes `large stream optimization' optional Felipe Zimmerle 2017-10-05 18:25:52 +00:00
  • 2e9ea0a677 Avoid use of min-macro, as it is not available in all envs Allan Boll 2017-08-29 23:22:04 -07:00
  • 7fff8938ba Check return value of modsecurity_request_body_store Allan Boll 2017-08-22 17:12:37 -07:00
  • 6ce7f4d689 Remove the unneeded null termination for the stream_input_data Allan Boll 2017-08-22 15:32:52 -07:00
  • 023b863853 Ensure memory preallocation for streaming is bounded by SecRequestBodyLimit Allan Boll 2017-08-22 15:31:33 -07:00
  • 97b51ebfed Renamed local var and initialized local vars. Undid accidental move. Allan Boll 2017-08-22 10:37:29 -07:00
  • afae690655 Preallocate memory when SecStreamInBodyInspection is on. 20x speed improvement for 10mb upload. Also simplified modsecurity_request_body_to_stream. Allan Boll 2017-08-18 17:45:44 -07:00
  • 07c3659ddc Adds information on #1538 Felipe Zimmerle 2017-10-05 16:40:40 +00:00
  • b3a527f593 Fixed a typo in build_yajl.bat Allan Boll 2017-10-05 16:39:57 +00:00
  • d50f840a43 Adds info about #1545 Felipe Zimmerle 2017-10-05 14:39:32 +00:00
  • a0bd72334d Fixes SecConnWriteStateLimit Nic Jansma 2017-08-23 19:13:50 -04:00
  • 7fd5439c63 Adds info about #1446 Felipe Zimmerle 2017-10-05 13:33:11 +00:00
  • 934a9fcc02 Verify if chunk exists before access it Felipe Zimmerle 2017-10-05 13:28:28 +00:00
  • b8636a70d1 added "empy chunk" check Guido Ravagli 2017-06-06 16:39:30 +02:00
  • 9c51671b74 Adds information about #1488 Felipe Zimmerle 2017-10-05 03:25:46 +00:00
  • 9b90d86f75 Add capture action to @detectXSS operator Victor Hora 2017-07-04 12:17:40 -04:00
  • 185ec6f72e Adds information about #1486 Felipe Zimmerle 2017-10-04 21:24:36 +00:00
  • bbe7f8c389 Proposed fix for wildcard op when loading conf files on Nginx / IIS Victor Hora 2017-06-29 01:37:23 -04:00
  • b3c39136c1 Adds info about 94fe3 on our changelogs Felipe Zimmerle 2017-10-04 13:49:54 +00:00
  • c917df0f2a Set of fixes to make the build/win to work in our buildbots Felipe Zimmerle 2017-10-04 13:48:45 +00:00
  • 5731b76918 Adds information about #1510 Felipe Zimmerle 2017-09-29 18:35:45 +00:00
  • 89764f12b0 Fixed typos: LOG_NO_STOPWATCH instead of DLOG_NO_STOPWATCH $log_server_context instead of $log_server_context Marc Stern 2017-07-24 15:10:29 +02:00
  • 658c9b5dae Adds CHANGES info for #1571 Felipe Zimmerle 2017-09-29 16:31:03 +00:00
  • a5266d6d1c Store the connection and url parameters in std::string Dávid Major 2017-09-21 17:51:06 +02:00
  • ba4e2e3737 Adds CHANGES info for #1572 Felipe Zimmerle 2017-09-29 17:18:06 +00:00
  • 495b47d8a2 Eliminate some reorder and sign warnings Dávid Major 2017-09-21 17:48:42 +02:00
  • 2ab08a625e Adds information about #1454 Felipe Zimmerle 2017-09-28 22:21:05 +00:00
  • 7ead7f4d23 Few missing headers, in the <arpa/inet.h> inclusions ones mainly due to the fact APR_HAVE* constants are simply into apr.h David Carlier 2017-06-12 11:55:47 +01:00