github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-08 17:28:31 +03:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • 3c259f83b7 Tag 2.1.3-rc1. v2.1.3-rc1 brectanus 2007-08-10 16:37:35 +00:00
  • 765eab5630 Removed extraneous line in CHANGES. brectanus 2007-08-10 16:04:15 +00:00
  • 28d44486e3 Fixed data corruption in the multipart parser. ivanr 2007-08-10 15:59:54 +00:00
  • 855e75c12a Fixed data corruption in the multipart parser. ivanr 2007-08-10 15:59:54 +00:00
  • a6ad6b2ec1 Update CHANGES for upcoming 2.1.3-rc1 release. brectanus 2007-08-10 15:55:28 +00:00
  • af5c895d53 Do not intercept internal redirect error documents. brectanus 2007-08-10 15:50:11 +00:00
  • a9703a0559 Backport multipart changes to 2.1.x. ivanr 2007-08-10 15:17:32 +00:00
  • 222f1f6f78 Cleanup. MULTIPART_STRICT_ERROR now returns 1 on parsing error too. ivanr 2007-08-10 15:04:42 +00:00
  • 323f9f81a0 Better discovery of partial quoting evasion. ivanr 2007-08-10 14:51:55 +00:00
  • bd3845a62b Added ability to compile without API. See #198. brectanus 2007-08-10 14:47:48 +00:00
  • b1949b7ebc Another check for evasion through partial quoting of multipart boundary. ivanr 2007-08-10 14:40:22 +00:00
  • d0ac05c3ea Add check for evasion using double quote inside multipart boundary. ivanr 2007-08-10 14:37:04 +00:00
  • 25fb1b2629 Moved XML request body processor error to debug level 1. ivanr 2007-08-10 14:25:44 +00:00
  • 5898e9e116 Fixed a potential segmentation fault, introduced with recent changes. ivanr 2007-08-10 14:24:13 +00:00
  • 7c856eef1f Fix typo and make clearer the intent by using defined(). See #198. brectanus 2007-08-10 13:44:55 +00:00
  • e64ac265f4 Prepare branches for next release. brectanus 2007-08-10 12:56:01 +00:00
  • 716d0fd419 Added a check for nul bytes in multipart part headers. ivanr 2007-08-10 10:17:36 +00:00
  • c85773b343 Added MULTIPART_UNMATCHED_BOUNDARY. Not very reliable, as it detects anything that looks like a boundary, which means any line that begins with -- but we don't think it's a boundary. ivanr 2007-08-10 09:59:57 +00:00
  • 70324713e4 Added checks to detect quoted boundary evasion (although we are not susceptable any more) and to detect duplicate final bounary. ivanr 2007-08-10 08:36:24 +00:00
  • 32905f9d46 Add ability to compile without API support (-DNO_MODSEC_API). See #198. brectanus 2007-08-10 00:46:04 +00:00
  • f4389c9a55 Update docs and CHANGES for logdata action. brectanus 2007-08-10 00:44:20 +00:00
  • 8f6385f784 Added logdata action (still needs byte limit). See #40. brectanus 2007-08-10 00:22:15 +00:00
  • 765dfd0274 Fixed typo. ivanr 2007-08-09 15:30:47 +00:00
  • 9cfdd8f0d2 Rename TX_SEVERITY to HIGHEST_SEVERITY, fix and document. brectanus 2007-08-09 14:32:02 +00:00
  • b71687c7f7 Add ARGS_GET* and ARGS_POST docs. brectanus 2007-08-09 13:26:19 +00:00
  • c520886e10 Detect and prevent multipart evasion. ivanr 2007-08-09 10:50:53 +00:00
  • cb0cb93752 Sorted variables in the registration code. ivanr 2007-08-09 10:17:42 +00:00
  • 648037fdb5 Added TX_SEVERITY variable. See #60. brectanus 2007-08-08 22:11:02 +00:00
  • d2fd881c00 Fix typo in CHANGES. brectanus 2007-08-08 20:53:00 +00:00
  • f41c27a28c Added ARGS_GET, ARGS_POST, ARGS_GET_NAME, ARGS_POST_NAMES variables. See #136. brectanus 2007-08-08 20:49:51 +00:00
  • fe8c564ed0 Added MODSEC_BUILD variable. See #38. brectanus 2007-08-08 18:25:03 +00:00
  • 2ec596e83a Fix error message in validateByteRange to include the target variable name. See #157. brectanus 2007-08-08 15:16:26 +00:00
  • 5a6ce01429 Added logging of target variable expansion. See #62. brectanus 2007-08-08 14:48:49 +00:00
  • 820ba5f1d2 Add debug message when not buffering response body due to MIME type not configured. See trac #63. brectanus 2007-08-06 20:51:21 +00:00
  • 892938dee4 Enhanced multipart parsing to support quotted boundaries and LF line terminators (RFC demands CRLF but some applications use only LF). ivanr 2007-08-06 14:55:18 +00:00
  • 9695f2b816 Improvements in transformation cache (add options, document). Update CHANGES. brectanus 2007-08-03 20:25:30 +00:00
  • 43f7fa72f5 Remove non-ASCII characters. brectanus 2007-08-02 21:20:32 +00:00
  • 1a851c681c Retag 2.1.2 with minor doc changes. v2.1.2 brectanus 2007-08-02 21:16:16 +00:00
  • f02349263a Remove non-ASCII chars. brectanus 2007-08-02 21:14:49 +00:00
  • 1f1635cf0d Retag 2.1.2 with some doc changes. brectanus 2007-08-02 21:01:46 +00:00
  • 42edcab6ab Updated CHANGES. brectanus 2007-08-02 21:01:07 +00:00
  • fc0e9cca90 Revert accidental change of Makefile from r482 to r160. v2.1.1 brectanus 2007-08-02 20:58:35 +00:00
  • ef18b862d6 Remove 2.1.2 tag to be replaced with some more doc changes. brectanus 2007-08-02 20:54:25 +00:00
  • 2b3aeb93ba Merge in trunk doc cleanup changes. brectanus 2007-08-02 20:53:40 +00:00
  • b761c1c01c Merge in some doc changes. Fix some doc formatting issues. Update the CHANGES file. brectanus 2007-08-02 20:40:37 +00:00
  • 72832c1b32 Working on cache enhancements. See trac #14. brectanus 2007-08-02 20:25:06 +00:00
  • c5d69ff5e7 Tag 2.1.2. brectanus 2007-07-31 19:08:30 +00:00
  • 3e5e2a06b7 Stricter validation for @validateUtf8Encoding. Capture the match in TX:0 when using "capture" action w/@pm operators. brectanus 2007-07-31 19:04:07 +00:00
  • 5a38dde99b Disable XML parsing by default in the included core rules. brectanus 2007-07-30 15:34:46 +00:00
  • a4196561e7 Disable XML parsing by default in included core rules. brectanus 2007-07-30 15:29:00 +00:00
  • c9c1cf1264 Cleaned up some code to make the intent clearer. brectanus 2007-07-27 15:30:25 +00:00
  • 94294fad0f Remove old comment. ivanr 2007-07-27 13:31:31 +00:00
  • bafe8ad773 Remove old comment. ivanr 2007-07-27 13:31:31 +00:00
  • 1bb59208e5 Remove old comment. ivanr 2007-07-27 13:31:31 +00:00
  • 3277095d98 Updated README files to refer to GPLv2. ivanr 2007-07-27 12:45:09 +00:00
  • 31f119664f Updated README files to refer to GPLv2. ivanr 2007-07-27 12:45:09 +00:00
  • ce3741854b Updated README files to refer to GPLv2. ivanr 2007-07-27 12:45:09 +00:00
  • b4ea83dc6f Emphasize the need to check REQBODY_PROCESSOR_ERROR in configuration example. ivanr 2007-07-27 12:38:54 +00:00
  • 3facacf92a Emphasize the need to check REQBODY_PROCESSOR_ERROR in configuration example. ivanr 2007-07-27 12:38:54 +00:00
  • 80b2e6bc4b Emphasize the need to check REQBODY_PROCESSOR_ERROR in configuration example. ivanr 2007-07-27 12:38:54 +00:00
  • 73706c8bc6 Update documentation to emphasize the importance of REQBODY_PROCESSOR_ERROR handling. ivanr 2007-07-27 12:31:19 +00:00
  • 9d9b3e2975 Update documentation to emphasize the importance of REQBODY_PROCESSOR_ERROR handling. ivanr 2007-07-27 12:31:19 +00:00
  • b48c6c76ae Prepare CHANGES for 2.1.2 release. brectanus 2007-07-26 19:09:52 +00:00
  • e405631d78 Update to core rules 1.4.3. Update version to prepare for 2.1.2 final release. brectanus 2007-07-25 19:30:48 +00:00
  • b1afe754e7 Tag 2.1.2-rc3. v2.1.2-rc3 brectanus 2007-07-24 17:25:51 +00:00
  • 08300020d3 Upped versions to 2.1.2-rc3. brectanus 2007-07-24 17:24:58 +00:00
  • 8b9d914ed0 Merge in code fixes to create msr context on request failure. brectanus 2007-07-23 22:14:09 +00:00
  • 7de4290389 Update code to create msr context on request failure. brectanus 2007-07-23 22:00:17 +00:00
  • 5f6c846efd Tag 2.1.2-rc2 v2.1.2-rc2 brectanus 2007-07-19 18:18:35 +00:00
  • 798b414b4d Update doc version to 2.1.2-rc2 brectanus 2007-07-19 18:18:15 +00:00
  • f15d9e0f23 Added ability to audit failed request. Prepare for 2.1.2-rc2. brectanus 2007-07-19 18:16:51 +00:00
  • 4d03b029f1 Remove the error message on a failed request so we can handle it in a pater phase. brectanus 2007-07-19 14:45:43 +00:00
  • 9be72c39d1 Update to core rules 1.4.3 brectanus 2007-07-19 14:18:42 +00:00
  • e251a9bd57 Add back code to send an alert on request failure. brectanus 2007-07-19 13:33:46 +00:00
  • 656021c20e Fix typo. ivanr 2007-07-17 09:01:13 +00:00
  • bff23e3eba Updated the rule IDs documentation (reserved ranges). ivanr 2007-07-17 08:58:35 +00:00
  • 96edb02fe8 Updated documentation to specify libxml is no longer optional. ivanr 2007-07-09 15:40:07 +00:00
  • 90fc9a2070 Added Cygwin to the list of platforms not supporting the hidden visibility attribute. brectanus 2007-07-02 15:25:33 +00:00
  • 60ed4bb2e8 Update LICENSE removing part that is not the licence (but can cause confusion). ivanr 2007-07-02 15:22:37 +00:00
  • 881e8e66c2 Update LICENSE removing part that is not the licence (but can cause confusion). ivanr 2007-07-02 15:22:37 +00:00
  • 3d2c0586aa Update LICENSE removing part that is not the licence (but can cause confusion). ivanr 2007-07-02 15:22:37 +00:00
  • cffe26eaf5 Added Cygwin to the list of platforms not supporting the hidden visibility attribute. brectanus 2007-07-02 15:05:00 +00:00
  • 7fbf664ec8 Added cygwin to list of compilers that do not support hidden visibility attribute. brectanus 2007-07-02 14:49:56 +00:00
  • 7a47973e15 Update msr->r to the current r whenever we receive control from Apache. ivanr 2007-07-02 14:06:04 +00:00
  • 8cd8f42d24 Clarified which variables are URL-decoded and which aren't. ivanr 2007-07-02 13:56:13 +00:00
  • c4d8196739 Fixed typo. ivanr 2007-06-29 23:24:46 +00:00
  • f19622b04b Clarified that we are a GPLv2-only project. ivanr 2007-06-29 23:23:00 +00:00
  • 2d80689ac4 Clarified that we are a GPLv2-only project. ivanr 2007-06-29 23:23:00 +00:00
  • 129a5ab252 Reserved a rule ID range for ScallyWack. ivanr 2007-06-29 08:24:33 +00:00
  • 530c8ea02e Remove duplicate entries in CHANGES cause by bad svn merge. brectanus 2007-06-28 13:25:37 +00:00
  • 1e03b47cb0 Update CHANGES date. brectanus 2007-06-28 02:01:25 +00:00
  • 4a5649e601 Tag 2.5.0-dev2 v2.5.0-dev2 brectanus 2007-06-21 17:22:03 +00:00
  • 5a94aede33 Merge in trunk changes for 2.5.0-dev2. brectanus 2007-06-21 15:46:22 +00:00
  • 698955aae1 Update changes to reflect the 2.2 -> 2.5 change. brectanus 2007-06-21 15:45:21 +00:00
  • 8dea31635c Update @within docs according to Ofer's comments. See #134. brectanus 2007-06-21 14:09:13 +00:00
  • 19887f9cc6 Added @within string comparison operator with support for macro expansion. See #134. brectanus 2007-06-21 02:21:06 +00:00
  • b58efb3466 Update CHANGES. Reversion from 2.2. to 2.5. Update @pmFromFile to base relative filenames off of rule file path. brectanus 2007-06-20 19:58:01 +00:00
  • 2e3a2da9e1 Reversion 2.2 to 2.5. brectanus 2007-06-20 14:51:28 +00:00
  • de739c60c0 Updated documentation for RESPONSE_CONTENT_TYPE and RESPONSE_CONTENT_LENGTH. ivanr 2007-06-20 11:17:07 +00:00
  • 8de8e44e09 Removed RESPONSE_CONTENT_ENCODING, which never worked as intended. ivanr 2007-06-20 11:10:47 +00:00