Skip to content

Smallfixes#56

Open
airween wants to merge 4 commits intoowasp-modsecurity:masterfrom
airween:smallfixes
Open

Smallfixes#56
airween wants to merge 4 commits intoowasp-modsecurity:masterfrom
airween:smallfixes

Conversation

@airween
Copy link
Member

@airween airween commented Mar 11, 2019

With these commits, the Apache passes all CRS (3.1) regression tests (with patched libmodsecurity3).

@zimmerle
Copy link
Contributor

zimmerle commented Apr 3, 2019

Hi @airween,

You mentioned that it depends on the patched libModSecurity. Do you mind to share the exact patches that you are referring to?

@airween
Copy link
Member Author

airween commented Apr 3, 2019
edited
Loading

Hi @zimmerle

there is one bug in libmodsecurity3, what I couldn't fixed yet. In the tests what I referred above, I've used a quick and dirty workaround for some CRS rule. I need some time to finish that.

Any other patches are shared, most of them are merged :).

Note, that these fixes are independents of the libmodsecurity3 and those patches.

Finally, the ec098a isn't complete yet too (the process_intervention() missing when msc_process_request_body() called, but with it the response will always HTTP 400, no matters what is in the rule, eg. 403 or something other...).

Summarize: I think these collection won't spoil the Apache connector :), and I guess this way is right to make it better.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@zimmerle zimmerle

@victorhora victorhora

Labels

enhancement

Projects

None yet

Milestone

Beta version for ModSecurity-apache c...

Development

Successfully merging this pull request may close these issues.

3 participants

@airween @zimmerle @victorhora