github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2026-01-16 08:27:10 +03:00
Code Issues Packages Projects Releases Wiki Activity

Updated Reference Manual (v2.x) (mediawiki)

martinhsv
2021-11-24 13:32:04 -05:00
parent 7474efb355
commit b402932821
1 changed files with 17 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
Reference-Manual-(v2.x).mediawiki

@@ -1237,6 +1237,23 @@ When a multipart/form-data request is being processed, once the in-memory limit
; Note : libModSecurity is able to deal with request body in a file or in a buffer (chunked or not). Web servers have properties which controls whenever a request should be saved to a file or used as a buffer (e.g. client_body_buffer_size [https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_buffer_size]) . If it is a file, ModSecurity will use the file to perform the inspection. If not, the buffer will be used. ; Note : libModSecurity is able to deal with request body in a file or in a buffer (chunked or not). Web servers have properties which controls whenever a request should be saved to a file or used as a buffer (e.g. client_body_buffer_size [https://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_buffer_size]) . If it is a file, ModSecurity will use the file to perform the inspection. If not, the buffer will be used.
== SecRequestBodyJsonDepthLimit ==
'''Description:''' Configures the maximum parsing depth that allowed when parsing a JSON object.
'''Syntax:''' <code>SecRequestBodyJsonDepthLimit LIMIT </code>
'''Example Usage:''' <code>SecRequestBodyJsonDepthLimit 5000 </code>
'''Scope:''' Any
'''Version:''' 2.9.5- , 3.0.6-
'''Supported on libModSecurity:''' Yes - as of 3.0.6
'''Default:''' 10000
During parsing of a JSON object, if nesting exceeds the configured depth limit then parsing will halt and REQBODY_ERROR will be set.
== SecRequestBodyLimit == == SecRequestBodyLimit ==
'''Description:''' Configures the maximum request body size ModSecurity will accept for buffering. '''Description:''' Configures the maximum request body size ModSecurity will accept for buffering.