github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2026-01-02 22:54:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Aug 08 2025 dev (#336)

Browse Source 
* sync code

* sync code

* sync code

---------

Co-authored-by: Ned Wright <nedwright@proton.me>
This commit is contained in:
Daniel-Eisenberg
2025-08-10 13:21:52 +03:00
committed by GitHub
parent dd19bf6158
commit 6bbc89712a
153 changed files with 4864 additions and 1018 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
components/security_apps/waap/waap_clib/Waf2Util.h
View File

@@ -230,7 +230,7 @@ _IT escape_backslashes(_IT first, _IT last) {
_IT src = first;
_IT dst = first;
_IT mark = first;
enum { STATE_COPY, STATE_ESCAPE, STATE_OCTAL, STATE_HEX } state = STATE_COPY;
unsigned char accVal = 0;
unsigned char digitsCount = 0;
@@ -1137,6 +1137,8 @@ namespace Util {
bool containsInvalidUtf8(const std::string &payload);
bool containsPercentEncoding(const std::string &payload);
// based on invalid utf-8 evasion from here: https://www.cgisecurity.com/lib/URLEmbeddedAttacks.html
std::string unescapeInvalidUtf8(const std::string &text);
@@ -1145,6 +1147,8 @@ namespace Util {
bool containsCspReportPolicy(const std::string &payload);
bool testNoSQLKeySuspect(const std::string &key);
bool testUrlBareUtf8Evasion(const std::string &line);
bool testUrlBadUtf8Evasion(const std::string &line);