brectanus
|
c0c5d8d894
|
Removed extraneous symbols from dso via DSOLOCAL.
|
2007-05-03 16:17:42 +00:00 |
ivanr
|
fca9eabafe
|
Merged the PDF XSS protection functionality into ModSecurity.
|
2007-05-03 12:09:24 +00:00 |
brectanus
|
c559f3ee21
|
Change @eq to @streq. See #54.
|
2007-05-03 03:41:29 +00:00 |
brectanus
|
2aa6e61605
|
Exported API for registering custom variables. See #120.
Simple example in api/mod_var_remote_host_port.c
|
2007-05-03 03:26:30 +00:00 |
ivanr
|
fa13b02f7f
|
Updated the CHANGES file with the RESPONSE_* variable changes.
|
2007-05-02 11:23:21 +00:00 |
ivanr
|
e0a8602929
|
Added experiemental support for content injection.
|
2007-05-02 11:22:09 +00:00 |
brectanus
|
3f7fc7c758
|
Added string comparison operators: @contains, @is, @beginsWith and @endsWith with support for macro expansion. See #54.
|
2007-05-01 22:00:34 +00:00 |
brectanus
|
0a1610f850
|
More debug log enhancements - quote values to easier see whitespace.
|
2007-05-01 21:52:47 +00:00 |
brectanus
|
a3c3f25ae0
|
Fix macro expansion. See #118.
Fix some debug log output to escape NULs properly in preparation for #54.
Up version to prepare for 2.2.0 pre-releases.
|
2007-05-01 21:36:24 +00:00 |
brectanus
|
b93eef9db3
|
Added t:length to transform a value to its character length. See #55.
|
2007-05-01 15:59:52 +00:00 |
brectanus
|
5482606c37
|
Added t:trimLeft, t:trimRight, t:trim to remove whitespace from a value on the left, right or both. (see trac #117)
|
2007-05-01 15:55:35 +00:00 |
brectanus
|
d9a26780ab
|
Add SecAuditLog2 directive (trac #102)
|
2007-04-25 20:46:23 +00:00 |
brectanus
|
82fdc7cf3f
|
Format CHANGES to add space before '*'
|
2007-04-05 17:43:22 +00:00 |
brectanus
|
51a5418b4b
|
Update changes to reflect merges into 2.1.x branch
|
2007-04-05 15:13:22 +00:00 |
brectanus
|
00dcb2714f
|
Add the PCRE_DOLLAR_ENDONLY option when compiling regular expression for the @rx operator and variables. (trac #57)
|
2007-04-05 01:54:03 +00:00 |
brectanus
|
9e669fcc78
|
Better CHANGES entry. (trac #43)
|
2007-03-27 17:47:15 +00:00 |
brectanus
|
383119a147
|
Really set PCRE_DOTALL option when compiling the regular expression for the @rx operator as the docs state. (trac #51)
|
2007-03-27 17:22:35 +00:00 |
brectanus
|
f6de76b053
|
Removed CGI style HTTP_* variables in favor of REQUEST_HEADERS:Header-Name. (trac #23)
|
2007-03-27 17:18:21 +00:00 |
brectanus
|
485c664a42
|
Enhance debug log output for capturing to detect all regex/capture mismatches (trac #21).
|
2007-03-27 17:13:42 +00:00 |
brectanus
|
891859f9c5
|
Revert back to using captured regex execution as it seems to be more effecient as the ovector can be used for working space even if it is not used for captures.
Warn when captures are used in the regex, but "capture" not specified.
|
2007-03-27 15:32:53 +00:00 |
brectanus
|
4676132ed4
|
Add the file/line to the rule so we can use it in the debug log and eventually in the alerts.
|
2007-03-21 21:20:35 +00:00 |
brectanus
|
58afede3f3
|
Do not log 'allow' action as intercepted in the debug log.
|
2007-03-21 14:38:57 +00:00 |
brectanus
|
d1ada359dd
|
Optimize regex execution to not capture unless 'capture' action used.
|
2007-03-21 14:06:36 +00:00 |
brectanus
|
8876a03ab1
|
Recycle the mptmp pool (trac #43).
|
2007-03-20 22:09:04 +00:00 |
brectanus
|
bce096216e
|
Fixed collection variable name printing in debug log (trac #45)
|
2007-03-20 18:23:48 +00:00 |
brectanus
|
ab55a8716e
|
Fix potential memory corruption in msre_create_var_ex allocating per-request data out of global pool.
|
2007-03-08 16:15:45 +00:00 |
brectanus
|
4370819f7b
|
Fixed potential DIV0 when a collection var was fetched in the same second as creation
|
2007-03-07 15:56:22 +00:00 |
brectanus
|
4e02be6219
|
Fixed parsing of ASCIIZ for application/x-www-form-urlencoded forms
|
2007-03-06 16:14:54 +00:00 |
ivanr
|
8aeff06fc2
|
Fixed faulty REQUEST_FILENAME.
|
2007-03-01 12:17:17 +00:00 |
brectanus
|
f4fb4ed4f6
|
Updates to quiet some compiler warnings.
|
2007-03-01 11:49:56 +00:00 |
brectanus
|
79d232ccff
|
Fixed some casting issues for compiling on NetWare (Guenter Knauf).
|
2007-03-01 11:34:13 +00:00 |
ivanr
|
3e95d3c347
|
Changed version number to 2.1.0.
|
2007-02-22 13:20:17 +00:00 |
ivanr
|
f9999c440c
|
Downgraded 'Connection reset by peer' from ERROR to NOTICE, as it has nothing to do with us.
|
2007-02-22 12:14:10 +00:00 |
ivanr
|
6c5d19ed84
|
Removed the (harmless) message mentioning LAST_UPDATE_TIME missing.
|
2007-02-22 11:40:48 +00:00 |
ivanr
|
8eb0aa7e4a
|
Updated fix message.
|
2007-02-22 10:52:49 +00:00 |
ivanr
|
f807697e3d
|
SecRuleRemoveById was unable to remove a phase 4 rule.
|
2007-02-22 10:44:01 +00:00 |
ivanr
|
3f80fdac3b
|
Import ModSecurity 2.1.0-rc7
|
2007-02-06 12:29:22 +00:00 |