microsoft
/
ModSecurity
зеркало из https://github.com/microsoft/ModSecurity.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
259 коммитов 149 Ветки 113 Теги 136 MiB
Граф коммитов

100 Коммитов

Автор SHA1 Сообщение Дата
brectanus 54cac6461b Add IS_NEW and IS_EXPIRED collection variables. See #345. 2007-12-12 22:52:08 +00:00
brectanus 715a8eae58 Implement SecMarker. See #416. 2007-12-11 17:53:50 +00:00
brectanus a6c2d867f4 Improvements to audit logging matching rules. See #93. 2007-11-30 21:31:12 +00:00
brectanus dcdce0cbc5 Added matching rules to audit log data. See #93. 2007-11-30 00:52:21 +00:00
ivanr ff12e6f1c0 Remove comment that is not needed. 2007-11-29 18:10:54 +00:00
ivanr 526bcc0b5a More informative change log message for fixing utf-8 validation. 2007-11-29 14:50:54 +00:00
ivanr c5c759d6f0 Forgot to update CHANGES. 2007-11-29 14:03:05 +00:00
ivanr 575e86388a Implemented SecRequestBodyNoFilesLimit (#103). 2007-11-29 11:41:48 +00:00
ivanr 4a08d7e6bf Handle out-of-disk-space conditions gracefully when writing to audit log. 2007-11-27 10:52:14 +00:00
brectanus 1860e2a35e Renamed SecGeoLookupsDb to SecGeoLookupDB. 2007-11-26 17:04:42 +00:00
ivanr 6ca5b831fb Document SecComponentSignature. Update CHANGES. 2007-11-26 16:22:33 +00:00
brectanus e45ea12fc8 Fix warnings on Solaris and/or 64bit builds. 2007-11-02 22:31:47 +00:00
brectanus 8e99090067 Add the input filter if we have read the body (even if a sub-request). See #335. 2007-10-17 22:41:37 +00:00
brectanus 9d49adf028 Basic implementation of skipAfter (still need to implement placeholders so it works with removed rules). See #258. 2007-10-17 19:59:28 +00:00
brectanus 974298a76c Added ctl:ruleRemoveById action. See #259. 2007-10-17 19:11:47 +00:00
brectanus b784e6cb73 Change from TX:LAST_MATCHED_VAR_NAME to MATCHED_VAR. See #123. 2007-10-03 00:23:46 +00:00
brectanus 83a7886071 Now use memcmp() vs strncmp() in string comparison operators since we already short-circuit when the match will not fit in the target. 
Added @containsWord.  See #182.
 2007-10-02 18:50:35 +00:00
brectanus da1399f0b8 Added TX:LAST_MATCHED_VAR_NAME. See #123. 2007-10-01 22:35:52 +00:00
brectanus 9d4965b29e Fix macro expansion in setvar. See #126. 2007-10-01 17:24:10 +00:00
brectanus fe1021e369 More cleanup of error messages and marking as relevant. See #4. 2007-09-28 20:02:02 +00:00
brectanus f3a8854fe9 Mark any error conditions/alerts as 'relevant'. 
Clean up/add error messages where this can happen.
 2007-09-27 21:18:23 +00:00
brectanus 5022ddcadf Cleanup more subrequest code. 
Do not run with subrequests in phase 3-4.
Still need to look at phase 5 to see what I can cleanup there.
See #135.
 2007-09-26 21:46:06 +00:00
brectanus 86c9a9bf1f Cleanup CHANGES. 2007-09-26 21:39:45 +00:00
brectanus 72f8149338 Do not process subrequests in phase 2. See #135. 2007-09-26 18:03:08 +00:00
brectanus 426ce1aea7 Fixed deprecatevar. See #59. 2007-09-25 21:40:04 +00:00
ivanr 9ed3cf9e5a Added support for partial response body processing. 2007-09-21 23:23:11 +00:00
ivanr 59333a6a81 Update CHANGES. 2007-09-21 22:15:12 +00:00
brectanus eb6b456f5b Fix potential buffer overrun by 1 byte in base64Decode caused by bad docs from APR-Util. See #255. 2007-09-21 00:20:31 +00:00
brectanus ad940d1ff9 Partially corrected the filter error code. See #3. 2007-09-14 23:01:58 +00:00
brectanus 53011819d4 Cleanup some doc formatting. 
Prepare trunk for use as 2.5.0-devN tree.
 2007-09-14 21:41:34 +00:00
brectanus 1e603d8a3e Detect and use new API calls to get the server version/banner when available. 2007-09-11 18:01:28 +00:00
brectanus 70e8246ae4 Update CHANGES. 2007-08-21 23:47:06 +00:00
brectanus e275162463 Quiet "warning: int format, pid_t arg" type warnings. 2007-08-13 17:49:37 +00:00
brectanus 32905f9d46 Add ability to compile without API support (-DNO_MODSEC_API). See #198. 2007-08-10 00:46:04 +00:00
brectanus f4389c9a55 Update docs and CHANGES for logdata action. 2007-08-10 00:44:20 +00:00
brectanus 648037fdb5 Added TX_SEVERITY variable. See #60. 2007-08-08 22:11:02 +00:00
brectanus d2fd881c00 Fix typo in CHANGES. 2007-08-08 20:53:00 +00:00
brectanus f41c27a28c Added ARGS_GET, ARGS_POST, ARGS_GET_NAME, ARGS_POST_NAMES variables. See #136. 2007-08-08 20:49:51 +00:00
brectanus fe8c564ed0 Added MODSEC_BUILD variable. See #38. 2007-08-08 18:25:03 +00:00
brectanus 5a6ce01429 Added logging of target variable expansion. See #62. 2007-08-08 14:48:49 +00:00
brectanus 9695f2b816 Improvements in transformation cache (add options, document). 
Update CHANGES.
 2007-08-03 20:25:30 +00:00
brectanus b761c1c01c Merge in some doc changes. 
Fix some doc formatting issues.
Update the CHANGES file.
 2007-08-02 20:40:37 +00:00
brectanus 3e5e2a06b7 Stricter validation for @validateUtf8Encoding. 
Capture the match in TX:0 when using "capture" action w/@pm operators.
 2007-07-31 19:04:07 +00:00
brectanus 7fbf664ec8 Added cygwin to list of compilers that do not support hidden visibility attribute. 2007-07-02 14:49:56 +00:00
brectanus 698955aae1 Update changes to reflect the 2.2 -> 2.5 change. 2007-06-21 15:45:21 +00:00
brectanus 19887f9cc6 Added @within string comparison operator with support for macro expansion. See #134. 2007-06-21 02:21:06 +00:00
brectanus b58efb3466 Update CHANGES. 
Reversion from 2.2. to 2.5.
Update @pmFromFile to base relative filenames off of rule file path.
 2007-06-20 19:58:01 +00:00
brectanus efe52d4e77 Initialize rules tmp pool properly. 
Update to latest core rules.
 2007-06-14 18:48:35 +00:00
brectanus 81d0f84ad3 Update copyright text to Breach Security, Inc. 
Merge in changes from branches/2.1.x
 2007-06-14 16:05:45 +00:00
brectanus 6350e2badc Do not log alert message for subrequests. See #124. 
Cleanup CHANGES.
 2007-06-11 21:28:03 +00:00