github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-10 02:04:36 +03:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • d044c7aaec Removed some extra comments Chaim Sanders 2015-09-25 00:30:59 -04:00
  • 2c39f83b5f Fix the regression test regexp validation Felipe Zimmerle 2015-09-24 12:33:37 -07:00
  • f93c0de940 Disable NO_LOGS by default Felipe Zimmerle 2015-09-24 08:44:33 -07:00
  • 076a02951c Huge performance improvement: passing variables as pointers avoiding copies Felipe Zimmerle 2015-09-18 20:21:12 -03:00
  • 2451bf05d7 Using pcre (with JIT) instead of pcrecpp Felipe Zimmerle 2015-09-17 19:26:44 -03:00
  • ed86c24df6 Adds checks for the NO_LOGS definition and improved the vars resolution time Felipe Zimmerle 2015-09-17 17:41:38 -03:00
  • 3e067e7409 Core is now ready to deal with SecRulesEngine set to Off Felipe Zimmerle 2015-09-17 10:59:56 -03:00
  • 11e1a67d58 Fix disruptive action flow while RuleEngine is in DetectionOnly Felipe Zimmerle 2015-09-17 10:49:12 -03:00
  • 490ad23e41 Uses macro expansion before apply redirect action Felipe Zimmerle 2015-09-17 09:30:39 -03:00
  • 90df21bbb1 Removes the \' from setvar before name the collections Felipe Zimmerle 2015-09-17 09:29:55 -03:00
  • d0c215d78b Adds support for the server log integration Felipe Zimmerle 2015-09-17 09:01:52 -03:00
  • 5228b685bf Fix disruptive actions execution Felipe Zimmerle 2015-09-16 19:42:26 -03:00
  • 081fe235ad Cosmetic: fix variable-REQUEST_BODY.json format Felipe Zimmerle 2015-09-16 18:11:43 -03:00
  • 6782fd0989 Cosmetic: Makes the parser error more verbose on the regression tests Felipe Zimmerle 2015-09-16 15:42:59 -03:00
  • 5b18db779e Makes multipart debug messages goes over modsec debug log not stdout Felipe Zimmerle 2015-09-16 15:24:01 -03:00
  • a52a3a71ed Fix some regression tests to fit the most recent changes Felipe Zimmerle 2015-09-16 15:17:11 -03:00
  • 639ccf7ddc Fix the rule execution debug log, so that tests won't complain Felipe Zimmerle 2015-09-16 15:16:04 -03:00
  • 7f747d1dd0 Fix multipart parser in crlf blobs Felipe Zimmerle 2015-09-16 15:01:53 -03:00
  • c8f91ca856 Adds expected results when a regression test failed due to unexpected debug logs Felipe Zimmerle 2015-09-16 15:00:16 -03:00
  • e88d2120fb Including space in the list of readable characters for debuglog Felipe Zimmerle 2015-09-16 14:25:03 -03:00
  • 7a468a8fbe Cosmetic: Prints regression test results in a better shape Felipe Zimmerle 2015-09-16 13:35:30 -03:00
  • 9d60dc6df8 Adds macro expansion for all operators Felipe Zimmerle 2015-09-16 11:25:07 -03:00
  • 320bcde89e Adds rule number to the debug logs and printing expaded variables Felipe Zimmerle 2015-09-16 11:24:15 -03:00
  • 4bf7f7a44c Adds 'expandKeepOriginal' method to macro expansion class Felipe Zimmerle 2015-09-16 11:22:57 -03:00
  • c425b24ffb Extends redirect action to support url without quotes Felipe Zimmerle 2015-09-15 18:25:15 -03:00
  • 530b158315 Adds scripts to call the tests using valgrind Felipe Zimmerle 2015-09-15 16:48:26 -03:00
  • b1e845211c Limits the variable size into the debuglogs and print it in hex if needed Felipe Zimmerle 2015-09-15 16:09:44 -03:00
  • 8772daec4d Adds functions limitTo and toHexIfNeed into utils.cc Felipe Zimmerle 2015-09-15 16:07:03 -03:00
  • 97214edf6e Fix multipart parser on binary content Felipe Zimmerle 2015-09-15 16:06:15 -03:00
  • 23d843259d Fix rule.h include on modsecurity.cc and seclang-parser.yy Felipe Zimmerle 2015-09-15 16:05:29 -03:00
  • a0a2d2c77e Adds support to read request body from a file Felipe Zimmerle 2015-09-15 16:04:27 -03:00
  • 140a62a2b5 Changes rule_id to long in order to have it visible by systemtap Felipe Zimmerle 2015-09-11 12:41:36 -03:00
  • 2a8f45b895 Adds transformations removeComments and replaceComments to the seclang parsers Felipe Zimmerle 2015-09-11 12:41:09 -03:00
  • 3c53869915 Adds transformation normalisePath to seclang parser Felipe Zimmerle 2015-09-09 22:55:04 -03:00
  • 92563da930 Adds t:utf8toUnicode and variable XML to the seclang parser Felipe Zimmerle 2015-09-09 22:51:19 -03:00
  • 736183b7f1 Adds ctl:forceRequestBodyVariable to the seclang parser Felipe Zimmerle 2015-09-09 22:43:18 -03:00
  • 4095ae7b52 Adds action accuracy to the parser Felipe Zimmerle 2015-09-09 22:26:35 -03:00
  • 1079b5ba54 Adds action maturity to the parser Felipe Zimmerle 2015-09-09 22:19:07 -03:00
  • 09651baf9a Adds action ver to the seclang parser Felipe Zimmerle 2015-09-09 22:10:45 -03:00
  • 254b29265e Adds action expirevar to the parser and fix the line counting Felipe Zimmerle 2015-09-09 18:31:37 -03:00
  • ee8b886371 Adds parser support to ctl:[auditEngine|ruleEngine] Felipe Zimmerle 2015-09-09 17:39:54 -03:00
  • ec6a5a0cd2 Adds support to t:sha1 and t:hexEncode at seclang parser Felipe Zimmerle 2015-09-09 17:13:07 -03:00
  • d1fa2cfa7b Parser: Fix redirect action and adds SecRule first line-only comment syle Felipe Zimmerle 2015-09-09 15:04:42 -03:00
  • 5c3a4b608d Adds support to SecMarker and skipAfter Felipe Zimmerle 2015-09-04 17:36:57 -03:00
  • b048794f4e Adds support to unconditional rules Felipe Zimmerle 2015-09-04 14:52:18 -03:00
  • 4e8bb276b8 Fixing compilation problem on newer versions of gcc (Fedora 22+) Chaim Sanders 2015-09-03 14:55:42 -04:00
  • 010c18f63f Adds support to SecDefaultAction configuration directive Felipe Zimmerle 2015-09-04 10:55:20 -03:00
  • f2ed890ea6 Now accept SecRules regardless of the letter case Felipe Zimmerle 2015-09-03 11:06:51 -03:00
  • 8675383c0d Updated build instructions for Fedora Chaim Sanders 2015-09-01 12:15:45 -04:00
  • 9a0c9d4938 Updated build instructions for Fedora Chaim Sanders 2015-09-01 12:14:16 -04:00
  • 84eba7ad1a Updated build instructions for Fedora Chaim Sanders 2015-09-01 12:12:40 -04:00
  • 9cd9f7f11e Updated readme to reflect required Fedora packages Chaim Sanders 2015-08-31 20:18:18 -04:00
  • d963e2dc23 Updated readme to reflect required Fedora packages Chaim Sanders 2015-08-31 20:17:31 -04:00
  • 3cd54e753d Updated readme to reflect required Fedora packages Chaim Sanders 2015-08-31 20:16:12 -04:00
  • 7afd93196d Adds contains to the list of operators compatibles with the capture action Felipe Zimmerle 2015-09-02 22:59:05 -03:00
  • 3de845fac1 Fix macro expansion string replacement Felipe Zimmerle 2015-09-02 22:56:15 -03:00
  • 45d81e1c04 Adds sanity check to the rule id action Felipe Zimmerle 2015-09-02 19:19:19 -03:00
  • 6ab88472b1 Adds a simple regression test for the operator @rx Felipe Zimmerle 2015-09-02 18:50:19 -03:00
  • a63aa50f1b Changes the default operator to be @rx not @pm Felipe Zimmerle 2015-09-02 16:12:02 -03:00
  • ea4cd53221 Accepts phases with its name instead of a number Felipe Zimmerle 2015-09-02 15:17:47 -03:00
  • 035040cd13 Adds sanity check to confirm that the rule has an ID and it is not duplicated Felipe Zimmerle 2015-09-02 10:03:22 -03:00
  • aae8036c0c Cosmetics: Fix debug log message Felipe Zimmerle 2015-09-01 17:32:32 -03:00
  • 5d24b237bd Fix default parts to be logged on audit logs Felipe Zimmerle 2015-09-01 15:41:30 -03:00
  • fa4f72d90d Adds support to ctl:auditLogParts variation Felipe Zimmerle 2015-09-01 15:17:53 -03:00
  • e89e395a32 Fix various minor issues on the auditlog schema Felipe Zimmerle 2015-08-27 17:50:42 -03:00
  • 24b7d72666 DebugLogs are now being redirected to the correct files Felipe Zimmerle 2015-08-27 01:27:34 -03:00
  • 01542e28c3 Allows blank line (or line with space) at the end of a rules file Felipe Zimmerle 2015-08-25 15:49:32 -03:00
  • e76af0eab9 Correctly handling nginx configuration merge Felipe Zimmerle 2015-08-25 15:06:00 -03:00
  • 004ef066ed Fix rules chain and action execution Felipe Zimmerle 2015-08-25 13:44:20 -03:00
  • f2da6bb81d Fix the ruturn value while loading the rules Felipe Zimmerle 2015-08-25 10:01:34 -03:00
  • c586ba0178 Removes an unused state from the seclang parser Felipe Zimmerle 2015-08-25 08:15:27 -03:00
  • 15893e312b Fix regression test and example: checking if rules are loaded ok Felipe Zimmerle 2015-08-25 07:31:27 -03:00
  • e94226f1d8 Fix some build issues Felipe Zimmerle 2015-08-25 00:11:49 -03:00
  • fd8578351d Fix segmentation fault in the regression tests Felipe Zimmerle 2015-08-25 00:24:28 -03:00
  • a168502717 Adds missing file Felipe Zimmerle 2015-08-24 11:17:11 -03:00
  • 1065e297b2 Fix several minor issues on the seclang grammar Felipe Zimmerle 2015-08-22 11:06:28 -03:00
  • e78d7f5b91 Makes the parser understand some missing configuration directives Felipe Zimmerle 2015-08-20 13:04:54 -03:00
  • a453a656c3 Fix continuation line and VARIABLENOCOLON Felipe Zimmerle 2015-08-19 23:12:34 -03:00
  • 0b225f0239 Parser: adds support to SecRequestBodyInMemoryLimit Felipe Zimmerle 2015-08-19 22:42:46 -03:00
  • 2d56aa521b Cosmetics: fix actions on yy file Felipe Zimmerle 2015-08-19 22:33:48 -03:00
  • a230a4ff3c parser: Adds support for continuation lines Felipe Zimmerle 2015-08-19 17:20:43 -03:00
  • ef99615401 parser: Understanding @pm if no operator is provided Felipe Zimmerle 2015-08-19 16:52:45 -03:00
  • 101fddfc9b Extends DICT_ELEMENT to support "-" Felipe Zimmerle 2015-08-18 22:19:32 -03:00
  • d5bf955028 Using DetectionOnly instead of DetectOnly Felipe Zimmerle 2015-08-18 22:16:38 -03:00
  • b7fb65fe65 seclanguage: ignore lines starting with "#" Felipe Zimmerle 2015-08-18 22:10:55 -03:00
  • cff74e7cea Fix ValidateUrlEncoding corner case Felipe Zimmerle 2015-08-14 00:40:44 -03:00
  • 1de6d07dfd Adds support to the @detectSQLi operator Felipe Zimmerle 2015-08-13 23:33:57 -03:00
  • 4baee88eb3 Adds support to the @detectXSS operator Felipe Zimmerle 2015-08-13 18:50:57 -03:00
  • f0535ae11b Adds libinjection repo as submodule Felipe Zimmerle 2015-08-13 17:10:01 -03:00
  • ad65a1abea Adds @noMatch operator Felipe Zimmerle 2015-08-13 16:42:47 -03:00
  • 73c6c8cf7c build: searching for pcre/geoip on /opt/local directory Felipe Zimmerle 2015-08-12 23:03:11 -03:00
  • d5fe21ce3c Code cosmetics: reduce the amount of cppcheck warnings Felipe Zimmerle 2015-08-12 15:22:00 -03:00
  • 21400ba454 Adds support to the @verifyCC operator Felipe Zimmerle 2015-08-12 13:14:16 -03:00
  • 1b0a918330 Adds support to the @validateUrlEncoding operator Felipe Zimmerle 2015-08-11 18:01:39 -03:00
  • b325834f1e Disables c++11 mutex, until we have a better approach Felipe Zimmerle 2015-08-11 16:05:06 -03:00
  • ac2f0bfd08 Cosmetic: avoiding warning by including full path instead of file.h Felipe Zimmerle 2015-08-11 16:01:17 -03:00
  • 2ff0a44df2 Eliminates the sec language grammar shift-reduce problem Felipe Zimmerle 2015-08-11 15:57:35 -03:00
  • a324ff9317 Fix validate byte range table initizliation Felipe Zimmerle 2015-08-11 15:34:14 -03:00
  • 187be64edf Fix operator instantiation/selection Felipe Zimmerle 2015-08-11 14:53:04 -03:00
  • 9a7506f9e9 Adds support to the beginsWith operator Felipe Zimmerle 2015-08-11 13:50:37 -03:00