github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-08 17:28:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 214cc15785 Cosmetics: Reduce the coding style warnings Felipe Zimmerle 2016-03-21 15:32:02 -03:00
  • c43391072c Fix some issues reported by the static analysis Felipe Zimmerle 2016-03-18 18:52:48 -03:00
  • 28008be616 Build: Adds /usr/lib64 as possible path for YAJL Felipe Zimmerle 2016-03-18 16:42:15 -03:00
  • d528b8ea6d Build: Looking for YAJL's LD flags instead of CFLAGS Felipe Zimmerle 2016-03-18 16:40:06 -03:00
  • e3dd2937e6 Installs the library file in the right path [lib|lib64] Felipe Zimmerle 2016-03-18 16:01:02 -03:00
  • 88ca736543 Avoids the installation of test utilities during `make install' Felipe Zimmerle 2016-03-18 14:26:41 -03:00
  • e0926fee37 Fix parser error while dealing with operator negation Felipe Zimmerle 2016-03-17 18:06:46 -03:00
  • 808ea48263 Adds information about the pull request #1060 on the CHANGES file Felipe Zimmerle 2016-03-16 10:37:01 -03:00
  • f9c253952c This is fix for reborn of https://github.com/SpiderLabs/ModSecurity/issues/334 This bug has been reborn, because Apache (at least in RedHat/CentOS) since version 2.2.15-47 returns in same case APR_INCOMPLETE (not APR_EOF). Based on same patch I have added handler for APR_INCOMPLETE. root 2016-01-29 08:43:28 +00:00
  • 88bffb1e3e Version 2.9.1 (final) v2.9.1 Felipe Zimmerle 2016-03-09 10:07:44 -03:00
  • 47a62b98bb Saves `MATCHED_VAR' and related before execute the actions Felipe Zimmerle 2016-02-18 20:02:28 -03:00
  • 778db259cf Treats the keys of the sec language variables as case-insensitive Felipe Zimmerle 2016-02-18 19:58:14 -03:00
  • 30d9ade192 Fix macro expansion: Now support } and/or }% to close a variable Felipe Zimmerle 2016-02-18 19:39:43 -03:00
  • f44143436b Fix parser error on free text operator Felipe Zimmerle 2016-02-18 10:11:54 -03:00
  • 1f68075a28 Process the logging phase on the benchmark utility Felipe Zimmerle 2016-02-17 14:39:10 -03:00
  • 1e3cafb734 Fix memory management on the rules' messages (try 2) Felipe Zimmerle 2016-02-17 13:32:31 -03:00
  • 71970915b1 Using `clear' to clean up lists instead of clean via integration Felipe Zimmerle 2016-02-17 12:21:05 -03:00
  • 163483e8d4 Fix memory management on the rules' messages Felipe Zimmerle 2016-02-16 23:30:14 -03:00
  • ed8b0c85d7 Fix `capture' memory management Felipe Zimmerle 2016-02-16 23:20:23 -03:00
  • e346454374 Fix memory leaks on the collections/variables management Felipe Zimmerle 2016-02-16 18:56:26 -03:00
  • 49fc1f8b79 Fix memory leak on the benchmark utility Felipe Zimmerle 2016-02-16 18:51:21 -03:00
  • 8647d63e90 Fix m accuracy initialization inside the Rule class Felipe Zimmerle 2016-02-15 15:47:36 -03:00
  • a2ffb36159 Adds "matched" line to the audit logs Felipe Zimmerle 2016-02-12 13:28:43 -03:00
  • 362b376acb Adds verbose logs to audit logs while deciding or not to save a request Felipe Zimmerle 2016-02-12 11:51:33 -03:00
  • 77a1dcab9b parser: fix issue with skipAfter action Felipe Zimmerle 2016-02-11 16:42:39 -03:00
  • 049e4eb69d Adds support to the @rbl operator Felipe Zimmerle 2016-02-11 14:25:58 -03:00
  • 4bdb4ed63a Fix chained rules execution order Felipe Zimmerle 2016-02-10 14:29:45 -03:00
  • 8143f8ea89 Adds support to the action `maturity' Felipe Zimmerle 2016-02-10 13:55:12 -03:00
  • 714df8db20 Adds support to the action `accuracy' Felipe Zimmerle 2016-02-10 13:34:41 -03:00
  • 5a2a81a568 Adds support to the action `ver' Felipe Zimmerle 2016-02-10 12:53:22 -03:00
  • 77900ed4e2 Fix rules `messages' on the auditlog Felipe Zimmerle 2016-02-10 12:03:52 -03:00
  • 9474373264 General improvements on audit logs information Felipe Zimmerle 2016-02-05 15:12:20 -03:00
  • ad9257c374 Version 2.9.1 v2.9.1-rc1 Felipe Zimmerle 2016-02-03 11:03:00 -03:00
  • a157ac2946 Fix compilation issue on "pedantic" compilers Felipe Zimmerle 2016-02-03 08:08:21 -03:00
  • 207c85d9f7 Best practices: Checking if variables are null before use it nginx_refactoring Eldar Zaitov 2014-06-13 23:42:09 +04:00
  • bc390c6659 Use ngx_cycle to obtain log object in handler function. Andrei Belov 2014-06-06 11:36:37 +04:00
  • ce21d6b4dc Explicitly set log object to r->connection->log in preaccess phase handler. Andrei Belov 2014-06-03 17:30:04 +04:00
  • 0276b34507 All ngx_log_debug() calls changed to ngx_log_debug0(). Andrei Belov 2014-06-02 11:48:54 +04:00
  • 94de8077cb Fixes in consequence of the rebase Felipe Zimmerle 2016-02-02 13:13:12 -03:00
  • 169e918a64 Small fix on the top of #950 to sanity check the variable before use it Felipe Zimmerle 2015-12-10 14:40:32 -03:00
  • 10bc802ee0 Use nginx's parsed hostname Ngo The Trung 2015-10-28 14:45:02 +08:00
  • 411dc15a4a Small fix on the top of the patch #950 Felipe Zimmerle 2015-12-10 14:39:02 -03:00
  • e76e912bab Passthrough the saved Response headers in the response Ramandeep Singh 2014-06-30 12:41:00 +05:30
  • 5f9c4d75e8 nginx: cosmetics: Splits lines longer than 80 characters Felipe Zimmerle 2014-04-30 11:06:21 -07:00
  • 523ac1093c nginx: copies the req body chain to be processed instead of move Felipe Zimmerle 2014-04-29 07:23:37 -07:00
  • d294e8f083 nginx: better dealing with chunked request body Felipe Zimmerle 2014-04-28 19:11:59 -07:00
  • a3433c3d17 nginx refactoring Felipe Zimmerle 2014-04-28 06:28:11 -07:00
  • fda20322fb Adds information about the issue #904 on the CHANGES file Felipe Zimmerle 2015-06-30 16:01:05 -03:00
  • 06ba734542 Fix issues with uploading files over 8K : #142, #582 and #830 Andrey Kolganov 2015-06-24 16:11:05 +01:00
  • d135f88254 Avoids segfault while running with proxy_pass Felipe Zimmerle 2015-03-21 11:50:48 -07:00
  • eb904c2666 Fix missing status_line when logging in nginx. Fabricio Oliveira 2015-02-25 15:10:10 -03:00
  • 005b42548a Allow non-zero Content-Length for HEAD requests Ramandeep 2014-08-08 13:45:12 +05:30
  • c226240df9 Passthrough the saved Response headers in the response Ramandeep Singh 2014-06-30 12:41:00 +05:30
  • 8907941f49 nginx: fixing fuzzyHash test case for nginx Felipe Zimmerle 2015-01-09 05:46:09 -08:00
  • 99a148f072 Obtain port from r->connection->local_sockaddr. Andrei Belov 2014-05-15 15:56:44 +04:00
  • 6ef8028720 Removed unneeded and invalid initialization. Andrei Belov 2014-05-14 14:45:24 +04:00
  • f7f3b32a27 Bugfix: add -P option in test script paulyang 2014-05-14 10:04:10 +08:00
  • 9de3bb6be7 niginx: cosmetics: Changes CRLF to LF Felipe Zimmerle 2014-04-30 11:25:04 -07:00
  • feaf4c512b nginx: cosmetics: Removes trailing whitespace Felipe Zimmerle 2014-04-30 11:09:03 -07:00
  • b1aed8d7c1 nginx: cosmetics: Splits lines longer than 80 characters Felipe Zimmerle 2014-04-30 11:06:21 -07:00
  • 0c8a5b2af0 nginx: copies the req body chain to be processed instead of move Felipe Zimmerle 2014-04-29 07:23:37 -07:00
  • ed8666d386 nginx: better dealing with chunked request body Felipe Zimmerle 2014-04-28 19:11:59 -07:00
  • 0b5f3e123c nginx: looking for segfaults on the regression test. Felipe Zimmerle 2014-04-28 11:54:23 -07:00
  • 9602fa4a44 nginx refactoring Felipe Zimmerle 2014-04-28 06:28:11 -07:00
  • ad0a29ea2f Adds information about the pull request #1060 on the CHANGES file Felipe Zimmerle 2016-01-29 13:44:04 -03:00
  • c5fd8c7cea This is fix for reborn of https://github.com/SpiderLabs/ModSecurity/issues/334 This bug has been reborn, because Apache (at least in RedHat/CentOS) since version 2.2.15-47 returns in same case APR_INCOMPLETE (not APR_EOF). Based on same patch I have added handler for APR_INCOMPLETE. root 2016-01-29 08:43:28 +00:00
  • eef2c03e64 Fixed broken link in readme #1059 Chaim Sanders 2016-02-01 11:16:13 -05:00
  • c131dcc93c Adds information about the pull request #914 on the CHANGES file Felipe Zimmerle 2016-01-29 13:27:30 -03:00
  • 374871e10e Updates to parse_modsec.pl Robert Paprocki 2015-12-07 22:15:28 -08:00
  • 2307a8b55b Add JSON log parse script Robert Paprocki 2015-12-04 16:43:24 -08:00
  • 8f8645f3d6 Whitespace fix for pull request Robert Paprocki 2015-11-11 08:17:59 -08:00
  • ddc25dbbaa Fix 'is_chained' value for final rule in chain Robert Paprocki 2015-11-10 15:54:42 -08:00
  • 5bc75ec871 Do not compile in JSON logging support if yajl is not found Robert Paprocki 2015-11-10 11:12:42 -08:00
  • 0c95a7a2cd Clean up JSON rule writer Robert Paprocki 2015-07-22 13:14:00 -07:00
  • 8559399ebd Update JSON structure for matched rules Robert Paprocki 2015-07-19 00:09:37 -07:00
  • 7a39b4b5b9 Make JSON audit logging a configurable option Robert Paprocki 2015-07-18 22:43:10 -07:00
  • dd79bea0b4 Additional updates for JSON logging Robert Paprocki 2015-07-16 15:33:52 -07:00
  • 7b2ca1617e first pass at JSON logging implementation Robert Paprocki 2015-07-15 13:57:02 -07:00
  • 12d2d4abc2 Documentation changes v2/exp/ModSecurity_for_Java mihaipitu 2013-09-27 22:03:00 +01:00
  • 1b5de94f3d BeanShell support Mihai Pitu 2013-09-18 17:49:14 +01:00
  • 28e6ad8963 BeanShell support Mihai Pitu 2013-09-18 17:48:12 +01:00
  • 90856f42b6 BeanShell support Mihai Pitu 2013-09-18 17:41:18 +01:00
  • 29f4bd15ea BeanShell support and documentation Mihai Pitu 2013-09-18 17:11:31 +01:00
  • e87b970dc5 Beanshell support Mihai Pitu 2013-09-17 23:14:36 +01:00
  • 963346246a config reload logic Mihai Pitu 2013-09-06 15:48:10 +03:00
  • 0619f6726e clean Mihai Pitu 2013-09-04 22:52:16 +03:00
  • a0781edba2 log messages fix Mihai Pitu 2013-09-04 22:49:57 +03:00
  • 8a0e3d0e9f Loader improvement & request wrapper fix Mihai Pitu 2013-08-28 17:54:24 +03:00
  • 5e98205ccc cleanup Mihai Pitu 2013-08-26 22:43:27 +03:00
  • 3c61493169 Servlet request improvements Mihai Pitu 2013-08-26 22:41:16 +03:00
  • c8e31c42f5 improved search directory for native libs Mihai Pitu 2013-08-25 00:08:49 +03:00
  • c0eee93dac clean Mihai Pitu 2013-08-25 00:06:20 +03:00
  • c822374ebc clean Mihai Pitu 2013-08-25 00:00:04 +03:00
  • 1df1614f1f makefile & help Mihai Pitu 2013-08-23 14:51:17 +03:00
  • 895ee4045e Revert "clea" Mihai Pitu 2013-08-23 14:32:25 +03:00
  • e90b6715ca clea Mihai Pitu 2013-08-23 14:15:15 +03:00
  • e193fdd698 clean Mihai Pitu 2013-08-23 14:06:38 +03:00
  • 3b92a030c7 merge upstream & update configs Mihai Pitu 2013-08-23 13:54:30 +03:00
  • 7ff4e465bf changes Mihai Pitu 2013-08-22 17:13:27 +03:00
  • 1a57192ff7 help notes Mihai Pitu 2013-08-22 15:08:26 +03:00