From 71df07c4040d9dbdf0092a3e6ebffce4589b0215 Mon Sep 17 00:00:00 2001 From: Victor Hora Date: Thu, 27 Jul 2017 20:16:44 -0700 Subject: [PATCH] Revert f05011dc4f3614cdfc9310391b1275243b398639...f28112c38c487f1d241f2109d3b4c29d6d8f8280 on Reference Manual --- Reference-Manual.mediawiki | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Reference-Manual.mediawiki b/Reference-Manual.mediawiki index dbbcdd5..591bc20 100644 --- a/Reference-Manual.mediawiki +++ b/Reference-Manual.mediawiki @@ -2462,6 +2462,8 @@ Contains the status of the request body processor used for request body parsing. ; Note : Your policies must have a rule to check for request body processor errors at the very beginning of phase 2. Failure to do so will leave the door open for impedance mismatch attacks. It is possible, for example, that a payload that cannot be parsed by ModSecurity can be successfully parsed by more tolerant parser operating in the application. If your policy dictates blocking, then you should reject the request if error is detected. When operating in detection-only mode, your rule should alert with high severity when request body processing fails. +; Related issues: #1475 + == REQBODY_ERROR_MSG == If there’s been an error during request body parsing, the variable will contain the following error message: