From 8d74343f899aeb35c822a65863f046a2dddf84ac Mon Sep 17 00:00:00 2001
From: Marc Stern <marc.stern@approach.be>
Date: Wed, 17 Feb 2016 13:50:39 +0100
Subject: [PATCH] Updated Ideas for Google Summer of Code 2016 (markdown)

---
 Ideas-for-Google-Summer-of-Code-2016.md | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/Ideas-for-Google-Summer-of-Code-2016.md b/Ideas-for-Google-Summer-of-Code-2016.md
index 38e21e7..4e217e5 100644
--- a/Ideas-for-Google-Summer-of-Code-2016.md
+++ b/Ideas-for-Google-Summer-of-Code-2016.md
@@ -56,4 +56,15 @@ https://github.com/SpiderLabs/ModSecurity-nginx"
 ###ModSecurity transformation functions: allow parameters  
 **Brief explanation:** Currently, transformations cannot use parameters. This would allow more flexibility.  
 **Expected results:** Support parameters  
-**Example:** t:encrypt(%{TX.mykey}%)  
\ No newline at end of file
+t:encrypt(%{TX.mykey}%)  
+
+
+###ModSecurity sub-phases
+**Brief explanation:** ModSecurity supports real phases 1-4 and the 'virtual' one 5. Having intermediate virtual phases, like phase:2.2, would allow to order rules inside a real phase. This is especially useful for configurations integrating rules provided, for example, by a hoster and customs ones.   
+**Expected results:** Rules will be ordered, inside a phase, not only based on their occurence but also based on their sub-phase.  
+**Example:**  
+- SecRule ... phase:2.6,id:1  
+- SecRule ... phase:2,id:2  
+- SecRule ... phase:2.3,id:3  
+Execution order: 2, 3, 1  
+**References:** https://github.com/SpiderLabs/ModSecurity/issues/371
\ No newline at end of file