|
[-]
[+]
|
Changed |
mod_security-ix.changes
|
|
|
|
[-]
[+]
|
Changed |
mod_security-ix.spec
^
|
|
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/CHANGES
^
|
| @@ -1,3 +1,29 @@
+23 Dec 2011 - 2.6.3
+-------------------
+
+* Fixed conn_rec apache API changes in httpd trunk (Thanks Steffen Land).
+
+* Fixed Error log Hook apache API changes in httpd trunk (Thanks Steffen Land).
+
+* Updated doc/ Reference_Manual
+
+06 Dec 2011 - 2.6.3-rc1
+-------------------
+
+* Fixed MATCHED_VARS does not correctly handle multiple VARS with the same name.
+
+* Fixed SDBM garbage collection was not working as expected, increasing the size of files.
+
+* Fixed wrong timestamp calculation for some time zones in log files.
+
+* Fixed SecUpdateTargetById failed to load multiple VARS (MODSEC-270).
+
+* Fixed Reverted hexDecode for hexEncode compatibility reason.
+
+* Added SecCollectionTimeout to set collection timeout, default is 3600.
+
+* Added sqlHexDecode transformation to decode sql hex data. Thanks Marc Stern.
+
30 Sep 2011 - 2.6.2
-------------------
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/apache2_config.c
^
|
| @@ -125,6 +125,9 @@
dcfg->request_encoding = NOT_SET_P;
dcfg->disable_backend_compression = NOT_SET;
+ /* Collection timeout */
+ dcfg->col_timeout = NOT_SET;
+
return dcfg;
}
@@ -512,6 +515,9 @@
merged->disable_backend_compression = (child->disable_backend_compression == NOT_SET
? parent->disable_backend_compression : child->disable_backend_compression);
+ merged->col_timeout = (child->col_timeout == NOT_SET
+ ? parent->col_timeout : child->col_timeout);
+
return merged;
}
@@ -607,6 +613,8 @@
if (dcfg->request_encoding == NOT_SET_P) dcfg->request_encoding = NULL;
if (dcfg->disable_backend_compression == NOT_SET) dcfg->disable_backend_compression = 0;
+
+ if (dcfg->col_timeout == NOT_SET) dcfg->col_timeout = 3600;
}
/**
@@ -1249,6 +1257,18 @@
return NULL;
}
+static const char *cmd_collection_timeout(cmd_parms *cmd, void *_dcfg,
+ const char *p1)
+{
+ directory_config *dcfg = (directory_config *)_dcfg;
+
+ dcfg->col_timeout = atoi(p1);
+ /* max 30 days */
+ if ((dcfg->col_timeout >= 0)&&(dcfg->col_timeout <= 2592000)) return NULL;
+
+ return apr_psprintf(cmd->pool, "ModSecurity: Invalid value for SecCollectionTimeout: %s", p1);
+}
+
static const char *cmd_debug_log_level(cmd_parms *cmd, void *_dcfg,
const char *p1)
{
@@ -2333,6 +2353,14 @@
),
AP_INIT_TAKE1 (
+ "SecCollectionTimeout",
+ cmd_collection_timeout,
+ NULL,
+ CMD_SCOPE_ANY,
+ "set default collections timeout. default it 3600"
+ ),
+
+ AP_INIT_TAKE1 (
"SecDefaultAction",
cmd_default_action,
NULL,
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/apache2_io.c
^
|
| @@ -119,6 +119,13 @@
bucket = apr_bucket_heap_create(msr->stream_input_data, msr->stream_input_length, NULL,
f->r->connection->bucket_alloc);
+ if (msr->txcfg->stream_inbody_inspection) {
+ if(msr->stream_input_data != NULL) {
+ free(msr->stream_input_data);
+ msr->stream_input_data = NULL;
+ }
+ }
+
if (bucket == NULL) return APR_EGENERAL;
APR_BRIGADE_INSERT_TAIL(bb_out, bucket);
@@ -562,24 +569,6 @@
if (msr->txcfg->stream_outbody_inspection) {
- char *stream_output_body = NULL;
-
- if(msr->stream_output_data == NULL)
- msr->stream_output_data = (char *)malloc(msr->resbody_length+1);
- else {
- stream_output_body = (char *)realloc(msr->stream_output_data, msr->resbody_length+1);
-
- if(stream_output_body == NULL) {
- free(msr->stream_output_data);
- msr->stream_output_data = NULL;
- msr_log(msr, 1, "Output filter: Stream Response body data memory allocation failed. Asked for: %" APR_SIZE_T_FMT,
- msr->stream_output_length + 1);
- return -1;
- }
-
- msr->stream_output_data = (char *)stream_output_body;
- }
-
msr->stream_output_length = msr->resbody_length;
if (msr->stream_output_data == NULL) {
@@ -825,7 +814,24 @@
/* Do we need to process a partial response? */
if (start_skipping) {
+
+ if (msr->txcfg->stream_outbody_inspection) {
+ if(msr->stream_output_data != NULL) {
+ free(msr->stream_output_data);
+ msr->stream_output_data = NULL;
+ }
+
+ msr->stream_output_data = (char *)malloc(msr->resbody_length+1);
+ }
+
if (flatten_response_body(msr) < 0) {
+ if (msr->txcfg->stream_outbody_inspection) {
+ if(msr->stream_output_data != NULL) {
+ free(msr->stream_output_data);
+ msr->stream_output_data = NULL;
+ }
+ }
+
ap_remove_output_filter(f);
return send_error_bucket(msr, f, HTTP_INTERNAL_SERVER_ERROR);
}
@@ -885,7 +891,24 @@
* only if it hasn't been processed already.
*/
if (msr->phase < PHASE_RESPONSE_BODY) {
+
+ if (msr->txcfg->stream_outbody_inspection) {
+ if(msr->stream_output_data != NULL) {
+ free(msr->stream_output_data);
+ msr->stream_output_data = NULL;
+ }
+
+ msr->stream_output_data = (char *)malloc(msr->resbody_length+1);
+ }
+
if (flatten_response_body(msr) < 0) {
+ if (msr->txcfg->stream_outbody_inspection) {
+ if(msr->stream_output_data != NULL) {
+ free(msr->stream_output_data);
+ msr->stream_output_data = NULL;
+ }
+ }
+
ap_remove_output_filter(f);
return send_error_bucket(msr, f, HTTP_INTERNAL_SERVER_ERROR);
}
@@ -912,6 +935,14 @@
inject_content_to_of_brigade(msr,f);
msr->of_stream_changed = 0;
}
+
+ if (msr->txcfg->stream_outbody_inspection) {
+ if(msr->stream_output_data != NULL) {
+ free(msr->stream_output_data);
+ msr->stream_output_data = NULL;
+ }
+ }
+
prepend_content_to_of_brigade(msr, f);
/* Inject content into response (append & buffering). */
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/apache2_util.c
^
|
| @@ -263,9 +263,15 @@
}
else hostname = "";
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
+ "[client %s] ModSecurity: %s%s [uri \"%s\"]%s", r->connection->client_ip, str1,
+ hostname, log_escape(msr->mp, r->uri), unique_id);
+#else
ap_log_error(APLOG_MARK, APLOG_ERR | APLOG_NOERRNO, 0, r->server,
"[client %s] ModSecurity: %s%s [uri \"%s\"]%s", r->connection->remote_ip, str1,
hostname, log_escape(msr->mp, r->uri), unique_id);
+#endif
/* Add this message to the list. */
if (msr != NULL) {
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/mod_security2.c
^
|
| @@ -409,8 +409,13 @@
msr->local_addr = r->connection->local_ip;
msr->local_port = r->connection->local_addr->port;
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ msr->remote_addr = r->connection->client_ip;
+ msr->remote_port = r->connection->client_addr->port;
+#else
msr->remote_addr = r->connection->remote_ip;
msr->remote_port = r->connection->remote_addr->port;
+#endif
msr->request_line = r->the_request;
msr->request_uri = r->uri;
@@ -881,8 +886,7 @@
* Invoked every time Apache has something to write to the error log.
*/
#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
-static void hook_error_log(const char *file, int line, int module_index, int level, apr_status_t status,
- const server_rec *s, const request_rec *r, apr_pool_t *mp, const char *fmt)
+static void hook_error_log(const ap_errorlog_info *info, const char *errstr)
#else
static void hook_error_log(const char *file, int line, int level, apr_status_t status,
const server_rec *s, const request_rec *r, apr_pool_t *mp, const char *fmt)
@@ -891,15 +895,35 @@
modsec_rec *msr = NULL;
error_message *em = NULL;
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ if (info == NULL) return;
+ if (info->r == NULL) return;
+#else
if (r == NULL) return;
+#endif
+
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ msr = retrieve_tx_context((request_rec *)info->r);
+#else
msr = retrieve_tx_context((request_rec *)r);
+#endif
/* Create a context for requests we never had the chance to process */
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ if ((msr == NULL)
+ && ((info->level & APLOG_LEVELMASK) < APLOG_DEBUG)
+ && apr_table_get(info->r->subprocess_env, "UNIQUE_ID"))
+#else
if ((msr == NULL)
&& ((level & APLOG_LEVELMASK) < APLOG_DEBUG)
&& apr_table_get(r->subprocess_env, "UNIQUE_ID"))
+#endif
{
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ msr = create_tx_context((request_rec *)info->r);
+#else
msr = create_tx_context((request_rec *)r);
+#endif
if (msr->txcfg->debuglog_level >= 9) {
if (msr == NULL) {
msr_log(msr, 9, "Failed to create context after request failure.");
@@ -916,11 +940,19 @@
em = (error_message *)apr_pcalloc(msr->mp, sizeof(error_message));
if (em == NULL) return;
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ if (info->file != NULL) em->file = apr_pstrdup(msr->mp, info->file);
+ em->line = info->line;
+ em->level = info->level;
+ em->status = info->status;
+ if (info->format != NULL) em->message = apr_pstrdup(msr->mp, info->format);
+#else
if (file != NULL) em->file = apr_pstrdup(msr->mp, file);
em->line = line;
em->level = level;
em->status = status;
if (fmt != NULL) em->message = apr_pstrdup(msr->mp, fmt);
+#endif
/* Remove \n from the end of the message */
if (em->message != NULL) {
@@ -1204,7 +1236,7 @@
int i, j;
unsigned long int ip_count = 0, ip_count_w = 0;
worker_score *ws_record = NULL;
-#if AP_SERVER_MINORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
ap_sb_handle_t *sbh = NULL;
#endif
@@ -1214,11 +1246,15 @@
if(ws_record == NULL)
return DECLINED;
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ apr_cpystrn(ws_record->client, conn->client_ip, sizeof(ws_record->client));
+#else
apr_cpystrn(ws_record->client, conn->remote_ip, sizeof(ws_record->client));
+#endif
for (i = 0; i < server_limit; ++i) {
for (j = 0; j < thread_limit; ++j) {
-#if AP_SERVER_MINORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
sbh = conn->sbh;
if (sbh == NULL) {
return DECLINED;
@@ -1234,12 +1270,22 @@
switch (ws_record->status) {
case SERVER_BUSY_READ:
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ if (strcmp(conn->client_ip, ws_record->client) == 0)
+ ip_count++;
+#else
if (strcmp(conn->remote_ip, ws_record->client) == 0)
ip_count++;
+#endif
break;
case SERVER_BUSY_WRITE:
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ if (strcmp(conn->client_ip, ws_record->client) == 0)
+ ip_count_w++;
+#else
if (strcmp(conn->remote_ip, ws_record->client) == 0)
ip_count_w++;
+#endif
break;
default:
break;
@@ -1248,10 +1294,18 @@
}
if ((conn_read_state_limit > 0) && (ip_count > conn_read_state_limit)) {
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "ModSecurity: Access denied with code 400. Too many threads [%ld] of %ld allowed in READ state from %s - Possible DoS Consumption Attack [Rejected]", ip_count,conn_read_state_limit,conn->client_ip);
+#else
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "ModSecurity: Access denied with code 400. Too many threads [%ld] of %ld allowed in READ state from %s - Possible DoS Consumption Attack [Rejected]", ip_count,conn_read_state_limit,conn->remote_ip);
+#endif
return OK;
} else if ((conn_write_state_limit > 0) && (ip_count_w > conn_write_state_limit)) {
+#if AP_SERVER_MAJORVERSION_NUMBER > 1 && AP_SERVER_MINORVERSION_NUMBER > 2
+ ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "ModSecurity: Access denied with code 400. Too many threads [%ld] of %ld allowed in WRITE state from %s - Possible DoS Consumption Attack [Rejected]", ip_count_w,conn_write_state_limit,conn->client_ip);
+#else
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, NULL, "ModSecurity: Access denied with code 400. Too many threads [%ld] of %ld allowed in WRITE state from %s - Possible DoS Consumption Attack [Rejected]", ip_count_w,conn_write_state_limit,conn->remote_ip);
+#endif
return OK;
} else {
return DECLINED;
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/modsecurity.c
^
|
| @@ -212,28 +212,30 @@
}
time_after = apr_time_now();
-
+
msr->time_storage_write += time_after - time_before;
-
+
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Recording persistent data took %" APR_TIME_T_FMT
" microseconds.", msr->time_gc);
- }
-
+ }
+
/* Remove stale collections. */
+ srand(time(NULL));
+
if (rand() < RAND_MAX/100) {
arr = apr_table_elts(msr->collections);
te = (apr_table_entry_t *)arr->elts;
for (i = 0; i < arr->nelts; i++) {
collections_remove_stale(msr, te[i].key);
}
-
+
msr->time_gc = apr_time_now() - time_after;
-
+
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Garbage collection took %" APR_TIME_T_FMT
" microseconds.", msr->time_gc);
- }
+ }
}
}
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/modsecurity.h
^
|
| @@ -517,8 +517,11 @@
/* Request character encoding. */
const char *request_encoding;
-
+
int disable_backend_compression;
+
+ /* Collection timeout */
+ int col_timeout;
};
struct error_message {
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/msc_release.h
^
|
| @@ -38,7 +38,7 @@
#define MODSEC_VERSION_MAJOR "2"
#define MODSEC_VERSION_MINOR "6"
-#define MODSEC_VERSION_MAINT "2"
+#define MODSEC_VERSION_MAINT "3"
#define MODSEC_VERSION_TYPE ""
#define MODSEC_VERSION_RELEASE ""
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/msc_reqbody.c
^
|
| @@ -400,11 +400,6 @@
stream_input_body = (char *)realloc(msr->stream_input_data, msr->stream_input_length + 1);
- if(stream_input_body == NULL) {
- free(msr->stream_input_data);
- msr->stream_input_data = NULL;
- }
-
msr->stream_input_data = (char *)stream_input_body;
}
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/msc_util.c
^
|
| @@ -419,28 +419,48 @@
/**
*
*/
+int sql_hex2bytes_inplace(unsigned char *data, int len) {
+ unsigned char *d, *begin = data;
+
+ if ((data == NULL)||(len == 0)) return 0;
+
+ for( d = data; *data; *d++ = *data++) {
+ if ( *data != '0' ) continue;
+ if ( tolower(*++data) != 'x' ) {
+ data--;
+ continue;
+ }
+
+ data++;
+
+ // Do we need to keep "0x" if no hexa after?
+ if ( !VALID_HEX(data[0]) || !VALID_HEX(data[1]) ) {
+ data-=2;
+ continue;
+ }
+
+ while ( VALID_HEX(data[0]) && VALID_HEX(data[1]) ) {
+ *d++ = x2c(data);
+ data += 2;
+ }
+ }
+
+ *d = '\0';
+ return strlen(begin);
+}
+
+/**
+ *
+ *
+ */
int hex2bytes_inplace(unsigned char *data, int len) {
unsigned char *d = data;
- char print = 0;
int i, count = 0;
if ((data == NULL)||(len == 0)) return 0;
- for(i = 0; i <= len - 1; i++) {
- if(VALID_HEX(data[i]) && VALID_HEX(data[i+1])) {
- print = data[i];
- if(print > 0x31 && print < 0x38) {
- *d++ = x2c(&data[i]);
- i++;
- } else {
- *d++ = data[i];
- *d++ = data[i+1];
- i++;
- count++;
- }
- } else {
- *d++ = data[i];
- }
+ for(i = 0; i <= len - 2; i += 2) {
+ *d++ = x2c(&data[i]);
count++;
}
*d = '\0';
@@ -600,7 +620,7 @@
apr_strftime(tstr, &len, 80, "%d/%b/%Y:%H:%M:%S ", &t);
apr_snprintf(tstr + strlen(tstr), 80 - strlen(tstr), "%c%.2d%.2d",
t.tm_gmtoff < 0 ? '-' : '+',
- t.tm_gmtoff / (60 * 60), t.tm_gmtoff % (60 * 60));
+ t.tm_gmtoff / (60 * 60), (t.tm_gmtoff / 60) % 60);
return apr_pstrdup(mp, tstr);
}
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/msc_util.h
^
|
| @@ -43,6 +43,8 @@
char DSOLOCAL *file_basename(apr_pool_t *p, const char *filename);
+int DSOLOCAL sql_hex2bytes_inplace(unsigned char *data, int len);
+
int DSOLOCAL hex2bytes_inplace(unsigned char *data, int len);
char DSOLOCAL *bytes2hex(apr_pool_t *pool, unsigned char *data, int len);
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/persist_dbm.c
^
|
| @@ -108,7 +108,10 @@
goto cleanup;
}
- dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
+ if(strstr(col_name,"USER") || strstr(col_name,"SESSION"))
+ dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", msr->txcfg->webappid, "_", col_name, NULL);
+ else
+ dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
key.dptr = (char *)col_key;
key.dsize = col_key_len + 1;
@@ -576,7 +579,10 @@
goto error;
}
- dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
+ if(strstr(col_name,"USER") || strstr(col_name,"SESSION"))
+ dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", msr->txcfg->webappid, "_", col_name, NULL);
+ else
+ dbm_filename = apr_pstrcat(msr->mp, msr->txcfg->data_dir, "/", col_name, NULL);
rc = apr_sdbm_open(&dbm, dbm_filename, APR_CREATE | APR_WRITE | APR_SHARELOCK,
CREATEMODE, msr->mp);
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/re.c
^
|
| @@ -113,9 +113,6 @@
if(opt != NULL) {
name = apr_strtok(param,":",&value);
- if(strchr(value,':') != NULL) {
- goto end;
- }
} else {
name = param;
}
@@ -128,12 +125,14 @@
targets = (msre_var **)rule->targets->elts;
// TODO need a good way to remove the element from array, maybe change array by tables or rings
for (i = 0; i < rule->targets->nelts; i++) {
- if((strncasecmp(targets[i]->name,name,name_len) == 0) &&
+ if((strlen(targets[i]->name) == strlen(name)) &&
+ (strncasecmp(targets[i]->name,name,strlen(targets[i]->name)) == 0) &&
(targets[i]->is_negated == is_negated) &&
(targets[i]->is_counting == is_counting)) {
if(value != NULL && targets[i]->param != NULL) {
- if(strncasecmp(targets[i]->param,value,value_len) == 0) {
+ if((strlen(targets[i]->param) == strlen(value)) &&
+ strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) {
memset(targets[i]->name,0,strlen(targets[i]->name));
memset(targets[i]->param,0,strlen(targets[i]->param));
match = 1;
@@ -190,9 +189,6 @@
if(opt != NULL) {
name = apr_strtok(param,":",&value);
- if(strchr(value,':') != NULL) {
- goto end;
- }
} else {
name = param;
}
@@ -202,32 +198,39 @@
if(value != NULL)
value_len = strlen(value);
+ match = 0;
+
targets = (msre_var **)rule->targets->elts;
for (i = 0; i < rule->targets->nelts; i++) {
- if((strncasecmp(targets[i]->name,name,name_len) == 0) &&
+ if((strlen(targets[i]->name) == strlen(name)) &&
+ (strncasecmp(targets[i]->name,name,strlen(targets[i]->name)) == 0) &&
(targets[i]->is_negated == is_negated) &&
(targets[i]->is_counting == is_counting)) {
if(value != NULL && targets[i]->param != NULL) {
- if(strncasecmp(targets[i]->param,value,value_len) == 0) {
- goto end;
+ if((strlen(targets[i]->param) == strlen(value)) &&
+ strncasecmp(targets[i]->param,value,strlen(targets[i]->param)) == 0) {
+ match = 1;
}
} else if (value == NULL && targets[i]->param == NULL){
- goto end;
+ match = 1;
} else
continue;
}
}
+
if(target != NULL) {
free(target);
target = NULL;
}
- rc = msre_parse_targets(ruleset, p, rule->targets, &my_error_msg);
- if (rc < 0) {
- goto end;
+ if(match == 0 ) {
+ rc = msre_parse_targets(ruleset, p, rule->targets, &my_error_msg);
+ if (rc < 0) {
+ goto end;
+ }
}
}
@@ -282,13 +285,13 @@
for (i = 0; i < rule->targets->nelts; i++) {
if(targets[i]->name != NULL && strlen(targets[i]->name) > 0) {
- target_str = apr_pstrcat(pool,
- (target_str == NULL) ? "" : apr_psprintf(pool, "%s|", target_str),
- (targets[i]->is_negated == 0) ? "" : "!",
- (targets[i]->is_counting == 0) ? "" : "&",
- (targets[i]->name == NULL) ? "" : targets[i]->name,
- (targets[i]->param == NULL) ? "" : apr_psprintf(pool, ":%s", targets[i]->param),
- NULL);
+ target_str = apr_pstrcat(pool,
+ (target_str == NULL) ? "" : apr_psprintf(pool, "%s|", target_str),
+ (targets[i]->is_negated == 0) ? "" : "!",
+ (targets[i]->is_counting == 0) ? "" : "&",
+ (targets[i]->name == NULL) ? "" : targets[i]->name,
+ (targets[i]->param == NULL) ? "" : apr_psprintf(pool, ":%s", targets[i]->param),
+ NULL);
}
}
@@ -320,14 +323,14 @@
if (chain) {
/* Skip some actions that are not used in a chain. */
if ( (action->metadata->type == ACTION_DISRUPTIVE)
- || (action->metadata->type == ACTION_METADATA)
- || (strcmp("log", action->metadata->name) == 0)
- || (strcmp("auditlog", action->metadata->name) == 0)
- || (strcmp("nolog", action->metadata->name) == 0)
- || (strcmp("noauditlog", action->metadata->name) == 0)
- || (strcmp("severity", action->metadata->name) == 0)
- || (strcmp("tag", action->metadata->name) == 0)
- || (strcmp("phase", action->metadata->name) == 0))
+ || (action->metadata->type == ACTION_METADATA)
+ || (strcmp("log", action->metadata->name) == 0)
+ || (strcmp("auditlog", action->metadata->name) == 0)
+ || (strcmp("nolog", action->metadata->name) == 0)
+ || (strcmp("noauditlog", action->metadata->name) == 0)
+ || (strcmp("severity", action->metadata->name) == 0)
+ || (strcmp("tag", action->metadata->name) == 0)
+ || (strcmp("phase", action->metadata->name) == 0))
{
continue;
}
@@ -346,14 +349,14 @@
}
actions = apr_pstrcat(pool,
- (actions == NULL) ? "" : actions,
- (actions == NULL) ? "" : ",",
- action->metadata->name,
- (action->param == NULL) ? "" : ":",
- (use_quotes) ? "'" : "",
- (action->param == NULL) ? "" : action->param,
- (use_quotes) ? "'" : "",
- NULL);
+ (actions == NULL) ? "" : actions,
+ (actions == NULL) ? "" : ",",
+ action->metadata->name,
+ (action->param == NULL) ? "" : ":",
+ (use_quotes) ? "'" : "",
+ (action->param == NULL) ? "" : action->param,
+ (use_quotes) ? "'" : "",
+ NULL);
}
return actions;
@@ -397,7 +400,7 @@
* given text string and places them into the supplied table.
*/
static apr_status_t msre_parse_targets(msre_ruleset *ruleset, const char *text,
- apr_array_header_t *arr, char **error_msg)
+ apr_array_header_t *arr, char **error_msg)
{
const apr_array_header_t *tarr;
const apr_table_entry_t *telts;
@@ -433,7 +436,7 @@
* them into the supplied array.
*/
static apr_status_t msre_parse_actions(msre_engine *engine, msre_actionset *actionset,
- const char *text, char **error_msg)
+ const char *text, char **error_msg)
{
const apr_array_header_t *tarr;
const apr_table_entry_t *telts;
@@ -593,7 +596,7 @@
* Creates a new action instance given its name and an (optional) parameter.
*/
msre_action *msre_create_action(msre_engine *engine, const char *name, const char *param,
- char **error_msg)
+ char **error_msg)
{
msre_action *action = apr_pcalloc(engine->mp, sizeof(msre_action));
if (action == NULL) return NULL;
@@ -611,7 +614,7 @@
if (param == NULL) { /* Parameter not present */
if (action->metadata->argc_min > 0) {
*error_msg = apr_psprintf(engine->mp, "Missing mandatory parameter for action %s",
- name);
+ name);
return NULL;
}
} else { /* Parameter present */
@@ -626,7 +629,7 @@
if ((param[0] == '+')||(param[0] == '-')) {
if (action->metadata->allow_param_plusminus == 0) {
*error_msg = apr_psprintf(engine->mp,
- "Action %s does not allow +/- modificators.", name);
+ "Action %s does not allow +/- modificators.", name);
return NULL;
}
else { /* Modificators allowed. */
@@ -634,10 +637,10 @@
action->param = param + 1;
action->param_plusminus = POSITIVE_VALUE;
} else
- if (param[0] == '-') {
- action->param = param + 1;
- action->param_plusminus = NEGATIVE_VALUE;
- }
+ if (param[0] == '-') {
+ action->param = param + 1;
+ action->param_plusminus = NEGATIVE_VALUE;
+ }
}
} else {
action->param = param;
@@ -659,7 +662,7 @@
* them into the given table.
*/
int msre_parse_generic(apr_pool_t *mp, const char *text, apr_table_t *vartable,
- char **error_msg)
+ char **error_msg)
{
char *p = (char *)text;
int count = 0;
@@ -702,7 +705,7 @@
}
*error_msg = apr_psprintf(mp, "Unexpected character at position %d: %s",
- (int)(p - text), text);
+ (int)(p - text), text);
return -1;
}
@@ -737,28 +740,28 @@
for(;;) {
if (*p == '\0') {
*error_msg = apr_psprintf(mp, "Missing closing quote at position %d: %s",
- (int)(p - text), text);
+ (int)(p - text), text);
free(value);
return -1;
} else
- if (*p == '\\') {
- if ( (*(p + 1) == '\0') || ((*(p + 1) != '\'')&&(*(p + 1) != '\\')) ) {
- *error_msg = apr_psprintf(mp, "Invalid quoted pair at position %d: %s",
- (int)(p - text), text);
- free(value);
- return -1;
- }
- p++;
- *(d++) = *(p++);
- } else
- if (*p == '\'') {
- *d = '\0';
- p++;
- break;
- }
- else {
- *(d++) = *(p++);
- }
+ if (*p == '\\') {
+ if ( (*(p + 1) == '\0') || ((*(p + 1) != '\'')&&(*(p + 1) != '\\')) ) {
+ *error_msg = apr_psprintf(mp, "Invalid quoted pair at position %d: %s",
+ (int)(p - text), text);
+ free(value);
+ return -1;
+ }
+ p++;
+ *(d++) = *(p++);
+ } else
+ if (*p == '\'') {
+ *d = '\0';
+ p++;
+ break;
+ }
+ else {
+ *(d++) = *(p++);
+ }
}
d = value;
@@ -789,10 +792,10 @@
* parsing the given string which contains a list of actions.
*/
msre_actionset *msre_actionset_create(msre_engine *engine, const char *text,
- char **error_msg)
+ char **error_msg)
{
msre_actionset *actionset = (msre_actionset *)apr_pcalloc(engine->mp,
- sizeof(msre_actionset));
+ sizeof(msre_actionset));
if (actionset == NULL) return NULL;
actionset->actions = apr_table_make(engine->mp, 25);
@@ -855,7 +858,7 @@
* Merges two actionsets into one.
*/
msre_actionset *msre_actionset_merge(msre_engine *engine, msre_actionset *parent,
- msre_actionset *child, int inherit_by_default)
+ msre_actionset *child, int inherit_by_default)
{
msre_actionset *merged = NULL;
const apr_array_header_t *tarr;
@@ -928,8 +931,8 @@
msre_actionset *msre_actionset_create_default(msre_engine *engine) {
char *my_error_msg = NULL;
return msre_actionset_create(engine,
- "phase:2,log,auditlog,pass",
- &my_error_msg);
+ "phase:2,log,auditlog,pass",
+ &my_error_msg);
}
/**
@@ -1063,10 +1066,10 @@
if (rule->placeholder == RULE_PH_MARKER) continue;
msr_log(msr, 1, "Rule %pp [id \"%s\"][file \"%s\"][line \"%d\"]: %u usec", rule,
- ((rule->actionset != NULL)&&(rule->actionset->id != NULL)) ? rule->actionset->id : "-",
- rule->filename != NULL ? rule->filename : "-",
- rule->line_num,
- (rule->execution_time / PERFORMANCE_MEASUREMENT_LOOP));
+ ((rule->actionset != NULL)&&(rule->actionset->id != NULL)) ? rule->actionset->id : "-",
+ rule->filename != NULL ? rule->filename : "-",
+ rule->line_num,
+ (rule->execution_time / PERFORMANCE_MEASUREMENT_LOOP));
}
return rc;
@@ -1074,151 +1077,151 @@
static apr_status_t msre_ruleset_process_phase_(msre_ruleset *ruleset, modsec_rec *msr) {
#else
-apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr) {
+ apr_status_t msre_ruleset_process_phase(msre_ruleset *ruleset, modsec_rec *msr) {
#endif
- apr_array_header_t *arr = NULL;
- msre_rule **rules;
- apr_status_t rc;
- const char *skip_after = NULL;
- msre_rule *last_rule = NULL;
- msre_rule *rule_starter = NULL;
- int i, mode, skip, skipped, saw_starter;
-
- /* First determine which set of rules we need to use. */
- switch (msr->phase) {
- case PHASE_REQUEST_HEADERS :
- arr = ruleset->phase_request_headers;
- break;
- case PHASE_REQUEST_BODY :
- arr = ruleset->phase_request_body;
- break;
- case PHASE_RESPONSE_HEADERS :
- arr = ruleset->phase_response_headers;
- break;
- case PHASE_RESPONSE_BODY :
- arr = ruleset->phase_response_body;
- break;
- case PHASE_LOGGING :
- arr = ruleset->phase_logging;
- break;
- default :
- msr_log(msr, 1, "Internal Error: Invalid phase %d", msr->phase);
- return -1;
- }
+ apr_array_header_t *arr = NULL;
+ msre_rule **rules;
+ apr_status_t rc;
+ const char *skip_after = NULL;
+ msre_rule *last_rule = NULL;
+ msre_rule *rule_starter = NULL;
+ int i, mode, skip, skipped, saw_starter;
+
+ /* First determine which set of rules we need to use. */
+ switch (msr->phase) {
+ case PHASE_REQUEST_HEADERS :
+ arr = ruleset->phase_request_headers;
+ break;
+ case PHASE_REQUEST_BODY :
+ arr = ruleset->phase_request_body;
+ break;
+ case PHASE_RESPONSE_HEADERS :
+ arr = ruleset->phase_response_headers;
+ break;
+ case PHASE_RESPONSE_BODY :
+ arr = ruleset->phase_response_body;
+ break;
+ case PHASE_LOGGING :
+ arr = ruleset->phase_logging;
+ break;
+ default :
+ msr_log(msr, 1, "Internal Error: Invalid phase %d", msr->phase);
+ return -1;
+ }
- if (msr->txcfg->debuglog_level >= 9) {
- msr_log(msr, 9, "This phase consists of %d rule(s).", arr->nelts);
- }
+ if (msr->txcfg->debuglog_level >= 9) {
+ msr_log(msr, 9, "This phase consists of %d rule(s).", arr->nelts);
+ }
- apr_table_clear(msr->matched_vars);
+ apr_table_clear(msr->matched_vars);
- /* Loop through the rules in the selected set. */
- skip = 0;
- skipped = 0;
- saw_starter = 0;
- mode = NEXT_RULE;
- rules = (msre_rule **)arr->elts;
- for (i = 0; i < arr->nelts; i++) {
- msre_rule *rule = rules[i];
+ /* Loop through the rules in the selected set. */
+ skip = 0;
+ skipped = 0;
+ saw_starter = 0;
+ mode = NEXT_RULE;
+ rules = (msre_rule **)arr->elts;
+ for (i = 0; i < arr->nelts; i++) {
+ msre_rule *rule = rules[i];
#if defined(PERFORMANCE_MEASUREMENT)
- apr_time_t time1 = 0;
+ apr_time_t time1 = 0;
#endif
- /* Reset the rule interception flag */
- msr->rule_was_intercepted = 0;
+ /* Reset the rule interception flag */
+ msr->rule_was_intercepted = 0;
- /* SKIP_RULES is used to skip all rules until we hit a placeholder
- * with the specified rule ID and then resume execution after that.
- */
- if (mode == SKIP_RULES) {
- /* Go to the next rule if we have not yet hit the skip_after ID */
+ /* SKIP_RULES is used to skip all rules until we hit a placeholder
+ * with the specified rule ID and then resume execution after that.
+ */
+ if (mode == SKIP_RULES) {
+ /* Go to the next rule if we have not yet hit the skip_after ID */
- if ((rule->placeholder == RULE_PH_NONE) || (rule->actionset->id == NULL) || (strcmp(skip_after, rule->actionset->id) != 0)) {
+ if ((rule->placeholder == RULE_PH_NONE) || (rule->actionset->id == NULL) || (strcmp(skip_after, rule->actionset->id) != 0)) {
- if(i-1 >=0)
- last_rule = rules[i-1];
- else
- last_rule = rules[0];
+ if(i-1 >=0)
+ last_rule = rules[i-1];
+ else
+ last_rule = rules[0];
+
+ if((last_rule != NULL) && (last_rule->actionset != NULL) && last_rule->actionset->is_chained && (saw_starter == 1)) {
+ mode = NEXT_RULE;
+ skipped = 1;
+ --i;
+ } else {
+ mode = SKIP_RULES;
+ skipped = 0;
+ saw_starter = 0;
- if((last_rule != NULL) && (last_rule->actionset != NULL) && last_rule->actionset->is_chained && (saw_starter == 1)) {
- mode = NEXT_RULE;
- skipped = 1;
- --i;
- } else {
- mode = SKIP_RULES;
- skipped = 0;
- saw_starter = 0;
+ if (msr->txcfg->debuglog_level >= 9) {
+ msr_log(msr, 9, "Current rule is id=\"%s\" [chained %d] is trying to find the SecMarker=\"%s\" [stater %d]",rule->actionset->id,last_rule->actionset->is_chained,skip_after,saw_starter);
+ }
- if (msr->txcfg->debuglog_level >= 9) {
- msr_log(msr, 9, "Current rule is id=\"%s\" [chained %d] is trying to find the SecMarker=\"%s\" [stater %d]",rule->actionset->id,last_rule->actionset->is_chained,skip_after,saw_starter);
}
+ continue;
}
- continue;
- }
+ if (msr->txcfg->debuglog_level >= 9) {
+ msr_log(msr, 9, "Found rule %pp id=\"%s\".", rule, skip_after);
+ }
- if (msr->txcfg->debuglog_level >= 9) {
- msr_log(msr, 9, "Found rule %pp id=\"%s\".", rule, skip_after);
- }
+ /* Go to the rule *after* this one to continue execution. */
+ if (msr->txcfg->debuglog_level >= 4) {
+ msr_log(msr, 4, "Continuing execution after rule id=\"%s\".", skip_after);
+ }
- /* Go to the rule *after* this one to continue execution. */
- if (msr->txcfg->debuglog_level >= 4) {
- msr_log(msr, 4, "Continuing execution after rule id=\"%s\".", skip_after);
+ saw_starter = 0;
+ skipped = 0;
+ skip_after = NULL;
+ mode = NEXT_RULE;
+ apr_table_clear(msr->matched_vars);
+ continue;
}
- saw_starter = 0;
- skipped = 0;
- skip_after = NULL;
- mode = NEXT_RULE;
- apr_table_clear(msr->matched_vars);
- continue;
- }
+ /* Skip any rule marked as a placeholder */
+ if (rule->placeholder != RULE_PH_NONE) {
+ continue;
+ }
- /* Skip any rule marked as a placeholder */
- if (rule->placeholder != RULE_PH_NONE) {
- continue;
- }
+ /* NEXT_CHAIN is used when one of the rules in a chain
+ * fails to match and then we need to skip the remaining
+ * rules in that chain in order to get to the next
+ * rule that can execute.
+ */
+ if (mode == NEXT_CHAIN) {
+ if (rule->actionset->is_chained == 0) {
+ mode = NEXT_RULE;
+ }
- /* NEXT_CHAIN is used when one of the rules in a chain
- * fails to match and then we need to skip the remaining
- * rules in that chain in order to get to the next
- * rule that can execute.
- */
- if (mode == NEXT_CHAIN) {
- if (rule->actionset->is_chained == 0) {
- mode = NEXT_RULE;
+ /* Go to the next rule. */
+ apr_table_clear(msr->matched_vars);
+ continue;
}
- /* Go to the next rule. */
- apr_table_clear(msr->matched_vars);
- continue;
- }
-
- /* If we are here that means the mode is NEXT_RULE, which
- * then means we have done processing any chains. However,
- * if the "skip" parameter is set we need to skip over.
- */
- if ((mode == NEXT_RULE)&&(skip > 0)) {
- /* Decrement the skip counter by one. */
- skip--;
-
- /* If the current rule is part of a chain then
- * we need to skip over the entire chain. Thus
- * we change the mode to NEXT_CHAIN. The skip
- * counter will not decrement as we are moving
- * over the rules belonging to the chain.
+ /* If we are here that means the mode is NEXT_RULE, which
+ * then means we have done processing any chains. However,
+ * if the "skip" parameter is set we need to skip over.
*/
- if (rule->actionset->is_chained) {
- mode = NEXT_CHAIN;
- }
+ if ((mode == NEXT_RULE)&&(skip > 0)) {
+ /* Decrement the skip counter by one. */
+ skip--;
- /* Go to the next rule. */
- apr_table_clear(msr->matched_vars);
- continue;
- }
+ /* If the current rule is part of a chain then
+ * we need to skip over the entire chain. Thus
+ * we change the mode to NEXT_CHAIN. The skip
+ * counter will not decrement as we are moving
+ * over the rules belonging to the chain.
+ */
+ if (rule->actionset->is_chained) {
+ mode = NEXT_CHAIN;
+ }
+
+ /* Go to the next rule. */
+ apr_table_clear(msr->matched_vars);
+ continue;
+ }
- /* Check if this rule was removed at runtime */
+ /* Check if this rule was removed at runtime */
if (((rule->actionset->id !=NULL) && !apr_is_empty_array(msr->removed_rules)) || (apr_is_empty_array(msr->removed_rules_tag)==0)) {
int j, act;
int do_process = 1;
@@ -2226,8 +2229,7 @@
mvar->value = apr_pmemdup(msr->mp, var->value, var->value_len);
mvar->value_len = var->value_len;
- apr_table_unset(msr->matched_vars, parm);
- apr_table_setn(msr->matched_vars, parm, (void *)mvar);
+ apr_table_addn(msr->matched_vars, parm, (void *)mvar);
} else {
@@ -2237,8 +2239,7 @@
mvar->value = apr_pmemdup(msr->mp, var->value, var->value_len);
mvar->value_len = var->value_len;
- apr_table_unset(msr->matched_vars, mvar->name);
- apr_table_setn(msr->matched_vars, mvar->name, (void *)mvar);
+ apr_table_addn(msr->matched_vars, mvar->name, (void *)mvar);
}
}
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/re_actions.c
^
|
| @@ -1730,7 +1730,7 @@
if (table == NULL) {
/* Does not exist yet - create new. */
-
+
if (msr->txcfg->debuglog_level >= 4) {
msr_log(msr, 4, "Creating collection (name \"%s\", key \"%s\").",
real_col_name, col_key);
@@ -1741,11 +1741,15 @@
/* IMP1 Is the timeout hard-coded to 3600? */
+ if(msr->txcfg->debuglog_level >= 4) {
+ msr_log(msr, 4, "Setting default timeout collection value %d.",msr->txcfg->col_timeout);
+ }
+
/* Add default timeout. */
var = (msc_string *)apr_pcalloc(msr->mp, sizeof(msc_string));
var->name = "__expire_KEY";
var->name_len = strlen(var->name);
- var->value = apr_psprintf(msr->mp, "%" APR_TIME_T_FMT, (apr_time_t)(apr_time_sec(msr->request_time) + 3600));
+ var->value = apr_psprintf(msr->mp, "%" APR_TIME_T_FMT, (apr_time_t)(apr_time_sec(msr->request_time) + msr->txcfg->col_timeout));
var->value_len = strlen(var->value);
apr_table_setn(table, var->name, (void *)var);
@@ -1761,7 +1765,7 @@
var = apr_pcalloc(msr->mp, sizeof(msc_string));
var->name = "TIMEOUT";
var->name_len = strlen(var->name);
- var->value = apr_psprintf(msr->mp, "%d", 3600);
+ var->value = apr_psprintf(msr->mp, "%d", msr->txcfg->col_timeout);
var->value_len = strlen(var->value);
apr_table_setn(table, var->name, (void *)var);
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/re_operators.c
^
|
| @@ -455,13 +455,12 @@
msr->stream_output_length = size;
if(stream_output_data == NULL) {
- free (msr->stream_output_data);
- msr->stream_output_data = NULL;
return -1;
}
var->value_len = size;
msr->of_stream_changed = 1;
+
msr->stream_output_data = (char *)stream_output_data;
if(msr->stream_output_data != NULL)
apr_cpystrn(msr->stream_output_data, data, size);
@@ -475,16 +474,15 @@
msr->stream_input_length = size;
if(stream_input_data == NULL) {
- free (msr->stream_input_data);
- msr->stream_input_data = NULL;
return -1;
}
var->value_len = size;
+ msr->if_stream_changed = 1;
+
msr->stream_input_data = (char *)stream_input_data;
if(msr->stream_input_data != NULL)
apr_cpystrn(msr->stream_input_data, data, size);
- msr->if_stream_changed = 1;
}
if (! *error_msg) {
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/re_tfns.c
^
|
| @@ -544,6 +544,17 @@
return 1;
}
+/* sqlHexDecode */
+
+static int msre_fn_sqlHexDecode_execute(apr_pool_t *mptmp, unsigned char *input,
+ long int input_len, char **rval, long int *rval_len)
+{
+ *rval_len = sql_hex2bytes_inplace(input, input_len);
+ *rval = (char *)input;
+
+ return 1;
+}
+
/* hexDecode */
static int msre_fn_hexDecode_execute(apr_pool_t *mptmp, unsigned char *input,
@@ -797,6 +808,12 @@
msre_fn_escapeSeqDecode_execute
);
+ /* sqlHexDecode */
+ msre_engine_tfn_register(engine,
+ "sqlHexDecode",
+ msre_fn_sqlHexDecode_execute
+ );
+
/* hexDecode */
msre_engine_tfn_register(engine,
"hexDecode",
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/apache2/re_variables.c
^
|
| @@ -1888,7 +1888,7 @@
else
rvar->is_negated = 1;
- apr_table_setn(vartab, rvar->name, (void *)rvar);
+ apr_table_addn(vartab, rvar->name, (void *)rvar);
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Set variable \"%s\" value \"%s\" size %d to collection.", rvar->name, rvar->value, rvar->value_len);
@@ -1948,7 +1948,7 @@
else
rvar->is_negated = 1;
- apr_table_setn(vartab, rvar->name, (void *)rvar);
+ apr_table_addn(vartab, rvar->name, (void *)rvar);
if (msr->txcfg->debuglog_level >= 9) {
msr_log(msr, 9, "Set variable \"%s\" value \"%s\" size %d to collection.", rvar->name, rvar->value, rvar->value_len);
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/configure
^
|
| @@ -12889,7 +12889,7 @@
fi
fi
-#MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api"
+MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api"
APXS_WRAPPER=build/apxs-wrapper
APXS_EXTRA_CFLAGS=""
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/configure.ac
^
|
| @@ -549,7 +549,7 @@
fi
fi
-#MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api"
+MODSEC_EXTRA_CFLAGS="$pcre_study $pcre_match_limit $pcre_match_limit_recursion $debug_conf $debug_cache $debug_acmp $debug_mem $perf_meas $modsec_api"
APXS_WRAPPER=build/apxs-wrapper
APXS_EXTRA_CFLAGS=""
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual.html
^
|
| @@ -55,7 +55,7 @@
var wgUserLanguage = "en";
var wgContentLanguage = "en";
var wgBreakFrames = false;
- var wgCurRevisionId = 441;
+ var wgCurRevisionId = 444;
var wgVersion = "1.15.1";
var wgEnableAPI = true;
var wgEnableWriteAPI = true;
@@ -334,6 +334,8 @@
class="tocnumber">6.65</span> <span class="toctext">SecUploadKeepFiles</span></a></li>
<li class="toclevel-2"><a href="#SecWebAppId"><span class="tocnumber">6.66</span>
<span class="toctext">SecWebAppId</span></a></li>
+<li class="toclevel-2"><a href="#SecCollectionTimeout"><span
+class="tocnumber">6.67</span> <span class="toctext">SecCollectionTimeout</span></a></li>
</ul>
</li>
<li class="toclevel-1"><a href="#Processing_Phases"><span
@@ -555,69 +557,71 @@
<ul>
<li class="toclevel-2"><a href="#base64Decode"><span class="tocnumber">9.1</span>
<span class="toctext">base64Decode</span></a></li>
+<li class="toclevel-2"><a href="#sqlHexDecode"><span class="tocnumber">9.2</span>
+ <span class="toctext">sqlHexDecode</span></a></li>
<li class="toclevel-2"><a href="#base64DecodeExt"><span
-class="tocnumber">9.2</span> <span class="toctext">base64DecodeExt</span></a></li>
-<li class="toclevel-2"><a href="#base64Encode"><span class="tocnumber">9.3</span>
+class="tocnumber">9.3</span> <span class="toctext">base64DecodeExt</span></a></li>
+<li class="toclevel-2"><a href="#base64Encode"><span class="tocnumber">9.4</span>
<span class="toctext">base64Encode</span></a></li>
-<li class="toclevel-2"><a href="#cmdLine"><span class="tocnumber">9.4</span>
+<li class="toclevel-2"><a href="#cmdLine"><span class="tocnumber">9.5</span>
<span class="toctext">cmdLine</span></a></li>
<li class="toclevel-2"><a href="#compressWhitespace"><span
-class="tocnumber">9.5</span> <span class="toctext">compressWhitespace</span></a></li>
-<li class="toclevel-2"><a href="#cssDecode"><span class="tocnumber">9.6</span>
+class="tocnumber">9.6</span> <span class="toctext">compressWhitespace</span></a></li>
+<li class="toclevel-2"><a href="#cssDecode"><span class="tocnumber">9.7</span>
<span class="toctext">cssDecode</span></a></li>
<li class="toclevel-2"><a href="#escapeSeqDecode"><span
-class="tocnumber">9.7</span> <span class="toctext">escapeSeqDecode</span></a></li>
-<li class="toclevel-2"><a href="#hexDecode"><span class="tocnumber">9.8</span>
+class="tocnumber">9.8</span> <span class="toctext">escapeSeqDecode</span></a></li>
+<li class="toclevel-2"><a href="#hexDecode"><span class="tocnumber">9.9</span>
<span class="toctext">hexDecode</span></a></li>
-<li class="toclevel-2"><a href="#hexEncode"><span class="tocnumber">9.9</span>
+<li class="toclevel-2"><a href="#hexEncode"><span class="tocnumber">9.10</span>
<span class="toctext">hexEncode</span></a></li>
<li class="toclevel-2"><a href="#htmlEntityDecode"><span
-class="tocnumber">9.10</span> <span class="toctext">htmlEntityDecode</span></a></li>
-<li class="toclevel-2"><a href="#jsDecode"><span class="tocnumber">9.11</span>
+class="tocnumber">9.11</span> <span class="toctext">htmlEntityDecode</span></a></li>
+<li class="toclevel-2"><a href="#jsDecode"><span class="tocnumber">9.12</span>
<span class="toctext">jsDecode</span></a></li>
-<li class="toclevel-2"><a href="#length"><span class="tocnumber">9.12</span>
+<li class="toclevel-2"><a href="#length"><span class="tocnumber">9.13</span>
<span class="toctext">length</span></a></li>
-<li class="toclevel-2"><a href="#lowercase"><span class="tocnumber">9.13</span>
+<li class="toclevel-2"><a href="#lowercase"><span class="tocnumber">9.14</span>
<span class="toctext">lowercase</span></a></li>
-<li class="toclevel-2"><a href="#md5"><span class="tocnumber">9.14</span>
+<li class="toclevel-2"><a href="#md5"><span class="tocnumber">9.15</span>
<span class="toctext">md5</span></a></li>
-<li class="toclevel-2"><a href="#none"><span class="tocnumber">9.15</span>
+<li class="toclevel-2"><a href="#none"><span class="tocnumber">9.16</span>
<span class="toctext">none</span></a></li>
-<li class="toclevel-2"><a href="#normalisePath"><span class="tocnumber">9.16</span>
+<li class="toclevel-2"><a href="#normalisePath"><span class="tocnumber">9.17</span>
<span class="toctext">normalisePath</span></a></li>
<li class="toclevel-2"><a href="#normalisePathWin"><span
-class="tocnumber">9.17</span> <span class="toctext">normalisePathWin</span></a></li>
-<li class="toclevel-2"><a href="#parityEven7bit"><span class="tocnumber">9.18</span>
+class="tocnumber">9.18</span> <span class="toctext">normalisePathWin</span></a></li>
+<li class="toclevel-2"><a href="#parityEven7bit"><span class="tocnumber">9.19</span>
<span class="toctext">parityEven7bit</span></a></li>
-<li class="toclevel-2"><a href="#parityOdd7bit"><span class="tocnumber">9.19</span>
+<li class="toclevel-2"><a href="#parityOdd7bit"><span class="tocnumber">9.20</span>
<span class="toctext">parityOdd7bit</span></a></li>
-<li class="toclevel-2"><a href="#parityZero7bit"><span class="tocnumber">9.20</span>
+<li class="toclevel-2"><a href="#parityZero7bit"><span class="tocnumber">9.21</span>
<span class="toctext">parityZero7bit</span></a></li>
-<li class="toclevel-2"><a href="#removeNulls"><span class="tocnumber">9.21</span>
+<li class="toclevel-2"><a href="#removeNulls"><span class="tocnumber">9.22</span>
<span class="toctext">removeNulls</span></a></li>
<li class="toclevel-2"><a href="#removeWhitespace"><span
-class="tocnumber">9.22</span> <span class="toctext">removeWhitespace</span></a></li>
+class="tocnumber">9.23</span> <span class="toctext">removeWhitespace</span></a></li>
<li class="toclevel-2"><a href="#replaceComments"><span
-class="tocnumber">9.23</span> <span class="toctext">replaceComments</span></a></li>
+class="tocnumber">9.24</span> <span class="toctext">replaceComments</span></a></li>
<li class="toclevel-2"><a href="#removeCommentsChar"><span
-class="tocnumber">9.24</span> <span class="toctext">removeCommentsChar</span></a></li>
-<li class="toclevel-2"><a href="#removeComments"><span class="tocnumber">9.25</span>
+class="tocnumber">9.25</span> <span class="toctext">removeCommentsChar</span></a></li>
+<li class="toclevel-2"><a href="#removeComments"><span class="tocnumber">9.26</span>
<span class="toctext">removeComments</span></a></li>
-<li class="toclevel-2"><a href="#replaceNulls"><span class="tocnumber">9.26</span>
+<li class="toclevel-2"><a href="#replaceNulls"><span class="tocnumber">9.27</span>
<span class="toctext">replaceNulls</span></a></li>
-<li class="toclevel-2"><a href="#urlDecode"><span class="tocnumber">9.27</span>
+<li class="toclevel-2"><a href="#urlDecode"><span class="tocnumber">9.28</span>
<span class="toctext">urlDecode</span></a></li>
-<li class="toclevel-2"><a href="#urlDecodeUni"><span class="tocnumber">9.28</span>
+<li class="toclevel-2"><a href="#urlDecodeUni"><span class="tocnumber">9.29</span>
<span class="toctext">urlDecodeUni</span></a></li>
-<li class="toclevel-2"><a href="#urlEncode"><span class="tocnumber">9.29</span>
+<li class="toclevel-2"><a href="#urlEncode"><span class="tocnumber">9.30</span>
<span class="toctext">urlEncode</span></a></li>
-<li class="toclevel-2"><a href="#sha1"><span class="tocnumber">9.30</span>
+<li class="toclevel-2"><a href="#sha1"><span class="tocnumber">9.31</span>
<span class="toctext">sha1</span></a></li>
-<li class="toclevel-2"><a href="#trimLeft"><span class="tocnumber">9.31</span>
+<li class="toclevel-2"><a href="#trimLeft"><span class="tocnumber">9.32</span>
<span class="toctext">trimLeft</span></a></li>
-<li class="toclevel-2"><a href="#trimRight"><span class="tocnumber">9.32</span>
+<li class="toclevel-2"><a href="#trimRight"><span class="tocnumber">9.33</span>
<span class="toctext">trimRight</span></a></li>
-<li class="toclevel-2"><a href="#trim"><span class="tocnumber">9.33</span>
+<li class="toclevel-2"><a href="#trim"><span class="tocnumber">9.34</span>
<span class="toctext">trim</span></a></li>
</ul>
</li>
@@ -1357,6 +1361,7 @@
log directories.
</p><p><b>Syntax:</b> <code>SecAuditLogFileMode octal_mode|"default"</code>
+</p><p><b>Default:</b> 0600
</p><p><b>Scope:</b> Any
</p><p><b>Version:</b> 2.5.10
</p><p><b>Example Usage:</b> <code>SecAuditLogFileMode 00640</code>
@@ -2614,6 +2619,17 @@
in conjunction with the Apache VirtualHost directives. Applications
namespace information is also recorded in the audit logs (using the
WebApp-Info header of the H part).
+</p><p>This directive is used to set collections timeout. For example:
+</p>
+<pre>SecCollectionTimeout 500</pre>
+<a name="SecCollectionTimeout" id="SecCollectionTimeout"></a><h2> <span
+class="mw-headline"> SecCollectionTimeout </span></h2>
+<p><b>Description:</b> Specifies the collections timeout. Default is
+3600 seconds.
+</p><p><b>Syntax:</b> <code>SecCollectionTimeout seconds</code>
+</p><p><b>Default:</b> 3600
+</p><p><b>Scope:</b> Any
+</p><p><b>Version:</b> 2.6.3
</p>
<a name="Processing_Phases" id="Processing_Phases"></a><h1> <span
class="mw-headline"> Processing Phases </span></h1>
@@ -3722,6 +3738,11 @@
SecRule TX:1 ^(\w+): t:base64Decode,capture,chain
SecRule TX:1 ^(admin|root|backup)$
</pre>
+<a name="sqlHexDecode" id="sqlHexDecode"></a><h2> <span
+class="mw-headline"> sqlHexDecode </span></h2>
+<p>Decode sql hex data. Example (0x414243) will be decoded to (ABC).
+Available as of 2.6.3
+</p>
<a name="base64DecodeExt" id="base64DecodeExt"></a><h2> <span
class="mw-headline"> base64DecodeExt </span></h2>
<p>Decodes a Base64-encoded string. Unlike base64Decode, this version
@@ -5794,13 +5815,13 @@
<!--
NewPP limit report
-Preprocessor node count: 718/1000000
+Preprocessor node count: 723/1000000
Post-expand include size: 0/2097152 bytes
Template argument size: 0/2097152 bytes
Expensive parser function count: 0/100
-->
-<!-- Saved in parser cache with key p_mod-security_mediawiki:pcache:idhash:12-0!1!0!!en!2!edit=0!printable=1 and timestamp 20110930150653 -->
+<!-- Saved in parser cache with key p_mod-security_mediawiki:pcache:idhash:12-0!1!0!!en!2!edit=0!printable=1 and timestamp 20111219124748 -->
<div class="printfooter">
Retrieved from "<a
href="http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual">http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual</a>"</div>
@@ -5910,7 +5931,7 @@
href="http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual&printable=yes&printable=yes"
rel="alternate" title="Printable version of this page [alt-shift-p]"
accesskey="p">Printable version</a></li> <li id="t-permalink"><a
-href="http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual&oldid=441"
+href="http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual&oldid=444"
title="Permanent link to this revision of the page">Permanent link</a></li>
</ul>
</div>
@@ -5922,15 +5943,15 @@
src="Reference_Manual_files/poweredby_mediawiki_88x31.png" alt="Powered
by MediaWiki"></a></div>
<ul id="f-list">
- <li id="lastmod"> This page was last modified on 30 September 2011,
- at 15:04.</li>
- <li id="viewcount">This page has been accessed 55,206 times.</li>
+ <li id="lastmod"> This page was last modified on 19 December 2011,
+at 12:16.</li>
+ <li id="viewcount">This page has been accessed 77,761 times.</li>
</ul>
</div>
</div>
<script type="text/javascript">if (window.runOnloadHook) runOnloadHook();</script>
-<!-- Served in 1.178 secs. -->
+<!-- Served in 1.177 secs. -->
<script type="text/javascript">
|
|
[-]
[+]
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files
^
|
| +(directory)
|
|
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/600px-Apache_request_cycle-modsecurity.jpg
^
|
|
[-]
[+]
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/ajax.js
^
|
| @@ -0,0 +1,167 @@
+// remote scripting library
+// (c) copyright 2005 modernmethod, inc
+var sajax_debug_mode = false;
+var sajax_request_type = "GET";
+
+/**
+* if sajax_debug_mode is true, this function outputs given the message into
+* the element with id = sajax_debug; if no such element exists in the document,
+* it is injected.
+*/
+function sajax_debug(text) {
+ if (!sajax_debug_mode) return false;
+
+ var e= document.getElementById('sajax_debug');
+
+ if (!e) {
+ e= document.createElement("p");
+ e.className= 'sajax_debug';
+ e.id= 'sajax_debug';
+
+ var b= document.getElementsByTagName("body")[0];
+
+ if (b.firstChild) b.insertBefore(e, b.firstChild);
+ else b.appendChild(e);
+ }
+
+ var m= document.createElement("div");
+ m.appendChild( document.createTextNode( text ) );
+
+ e.appendChild( m );
+
+ return true;
+}
+
+/**
+* compatibility wrapper for creating a new XMLHttpRequest object.
+*/
+function sajax_init_object() {
+ sajax_debug("sajax_init_object() called..")
+ var A;
+ try {
+ // Try the new style before ActiveX so we don't
+ // unnecessarily trigger warnings in IE 7 when
+ // set to prompt about ActiveX usage
+ A = new XMLHttpRequest();
+ } catch (e) {
+ try {
+ A=new ActiveXObject("Msxml2.XMLHTTP");
+ } catch (e) {
+ try {
+ A=new ActiveXObject("Microsoft.XMLHTTP");
+ } catch (oc) {
+ A=null;
+ }
+ }
+ }
+ if (!A)
+ sajax_debug("Could not create connection object.");
+
+ return A;
+}
+
+/**
+* Perform an ajax call to mediawiki. Calls are handeled by AjaxDispatcher.php
+* func_name - the name of the function to call. Must be registered in $wgAjaxExportList
+* args - an array of arguments to that function
+* target - the target that will handle the result of the call. If this is a function,
+* if will be called with the XMLHttpRequest as a parameter; if it's an input
+* element, its value will be set to the resultText; if it's another type of
+* element, its innerHTML will be set to the resultText.
+*
+* Example:
+* sajax_do_call('doFoo', [1, 2, 3], document.getElementById("showFoo"));
+*
+* This will call the doFoo function via MediaWiki's AjaxDispatcher, with
+* (1, 2, 3) as the parameter list, and will show the result in the element
+* with id = showFoo
+*/
+function sajax_do_call(func_name, args, target) {
+ var i, x, n;
+ var uri;
+ var post_data;
+ uri = wgServer +
+ ((wgScript == null) ? (wgScriptPath + "/index.php") : wgScript) +
+ "?action=ajax";
+ if (sajax_request_type == "GET") {
+ if (uri.indexOf("?") == -1)
+ uri = uri + "?rs=" + encodeURIComponent(func_name);
+ else
+ uri = uri + "&rs=" + encodeURIComponent(func_name);
+ for (i = 0; i < args.length; i++)
+ uri = uri + "&rsargs[]=" + encodeURIComponent(args[i]);
+ //uri = uri + "&rsrnd=" + new Date().getTime();
+ post_data = null;
+ } else {
+ post_data = "rs=" + encodeURIComponent(func_name);
+ for (i = 0; i < args.length; i++)
+ post_data = post_data + "&rsargs[]=" + encodeURIComponent(args[i]);
+ }
+ x = sajax_init_object();
+ if (!x) {
+ alert("AJAX not supported");
+ return false;
+ }
+
+ try {
+ x.open(sajax_request_type, uri, true);
+ } catch (e) {
+ if (window.location.hostname == "localhost") {
+ alert("Your browser blocks XMLHttpRequest to 'localhost', try using a real hostname for development/testing.");
+ }
+ throw e;
+ }
+ if (sajax_request_type == "POST") {
+ x.setRequestHeader("Method", "POST " + uri + " HTTP/1.1");
+ x.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
+ }
+ x.setRequestHeader("Pragma", "cache=yes");
+ x.setRequestHeader("Cache-Control", "no-transform");
+ x.onreadystatechange = function() {
+ if (x.readyState != 4)
+ return;
+
+ sajax_debug("received (" + x.status + " " + x.statusText + ") " + x.responseText);
+
+ //if (x.status != 200)
+ // alert("Error: " + x.status + " " + x.statusText + ": " + x.responseText);
+ //else
+
+ if ( typeof( target ) == 'function' ) {
+ target( x );
+ }
+ else if ( typeof( target ) == 'object' ) {
+ if ( target.tagName == 'INPUT' ) {
+ if (x.status == 200) target.value= x.responseText;
+ //else alert("Error: " + x.status + " " + x.statusText + " (" + x.responseText + ")");
+ }
+ else {
+ if (x.status == 200) target.innerHTML = x.responseText;
+ else target.innerHTML= "<div class='error'>Error: " + x.status + " " + x.statusText + " (" + x.responseText + ")</div>";
+ }
+ }
+ else {
+ alert("bad target for sajax_do_call: not a function or object: " + target);
+ }
+
+ return;
+ }
+
+ sajax_debug(func_name + " uri = " + uri + " / post = " + post_data);
+ x.send(post_data);
+ sajax_debug(func_name + " waiting..");
+ delete x;
+
+ return true;
+}
+
+/**
+ * @return boolean whether the browser supports XMLHttpRequest
+ */
+function wfSupportsAjax() {
+ var request = sajax_init_object();
+ var supportsAjax = request ? true : false;
+ delete request;
+ return supportsAjax;
+}
+
|
|
[-]
[+]
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/commonPrint.css
^
|
| @@ -0,0 +1,267 @@
+/*
+** MediaWiki Print style sheet for CSS2-capable browsers.
+** Copyright Gabriel Wicke, http://www.aulinx.de/
+**
+** Derived from the plone (http://plone.org/) styles
+** Copyright Alexander Limi
+*/
+
+/* Thanks to A List Apart (http://alistapart.com/) for useful extras */
+a.stub,
+a.new{ color:#ba0000; text-decoration:none; }
+
+#toc {
+ /*border:1px solid #2f6fab;*/
+ border:1px solid #aaaaaa;
+ background-color:#f9f9f9;
+ padding:5px;
+}
+.tocindent {
+ margin-left: 2em;
+}
+.tocline {
+ margin-bottom: 0px;
+}
+
+/* images */
+div.floatright {
+ float: right;
+ clear: right;
+ margin: 0;
+ position:relative;
+ border: 0.5em solid White;
+ border-width: 0.5em 0 0.8em 1.4em;
+}
+div.floatright p { font-style: italic;}
+div.floatleft {
+ float: left;
+ margin: 0.3em 0.5em 0.5em 0;
+ position:relative;
+ border: 0.5em solid White;
+ border-width: 0.5em 1.4em 0.8em 0;
+}
+div.floatleft p { font-style: italic; }
+/* thumbnails */
+div.thumb {
+ margin-bottom: 0.5em;
+ border-style: solid; border-color: White;
+ width: auto;
+ overflow: hidden;
+}
+div.thumb div {
+ border:1px solid #cccccc;
+ padding: 3px !important;
+ background-color:#f9f9f9;
+ font-size: 94%;
+ text-align: center;
+}
+div.thumb div a img {
+ border:1px solid #cccccc;
+}
+div.thumb div div.thumbcaption {
+ border: none;
+ padding: 0.3em 0 0.1em 0;
+}
+div.magnify { display: none; }
+div.tright {
+ float: right;
+ clear: right;
+ border-width: 0.5em 0 0.8em 1.4em;
+}
+div.tleft {
+ float: left;
+ margin-right:0.5em;
+ border-width: 0.5em 1.4em 0.8em 0;
+}
+img.thumbborder {
+ border: 1px solid #dddddd;
+}
+
+/* table standards */
+table.rimage {
+ float:right;
+ width:1pt;
+ position:relative;
+ margin-left:1em;
+ margin-bottom:1em;
+ text-align:center;
+}
+
+body {
+ background: White;
+ /*font-size: 11pt !important;*/
+ color: Black;
+ margin: 0;
+ padding: 0;
+}
+
+.noprint,
+div#jump-to-nav,
+div.top,
+div#column-one,
+#colophon,
+.editsection,
+.toctoggle,
+.tochidden,
+div#f-poweredbyico,
+div#f-copyrightico,
+li#viewcount,
+li#about,
+li#disclaimer,
+li#privacy {
+ /* Hides all the elements irrelevant for printing */
+ display: none;
+}
+
+ul {
+ list-style-type: square;
+}
+
+#content {
+ background: none;
+ border: none ! important;
+ padding: 0 ! important;
+ margin: 0 ! important;
+}
+#footer {
+ background : white;
+ color : black;
+ border-top: 1px solid black;
+}
+
+h1, h2, h3, h4, h5, h6 {
+ font-weight: bold;
+}
+
+p, .documentDescription {
+ margin: 1em 0 ! important;
+ line-height: 1.2em;
+}
+
+.tocindent p {
+ margin: 0 0 0 0 ! important;
+}
+
+pre {
+ border: 1pt dashed black;
+ white-space: pre;
+ font-size: 8pt;
+ overflow: auto;
+ padding: 1em 0;
+ background : white;
+ color : black;
+}
+
+table.listing,
+table.listing td {
+ border: 1pt solid black;
+ border-collapse: collapse;
+}
+
+a {
+ color: Black !important;
+ background: none !important;
+ padding: 0 !important;
+}
+
+a:link, a:visited {
+ color: #520;
+ background: transparent;
+ text-decoration: underline;
+}
+
+#content a.external.text:after, #content a.external.autonumber:after {
+ /* Expand URLs for printing */
+ content: " (" attr(href) ") ";
+}
+
+#globalWrapper {
+ width: 100% !important;
+ min-width: 0 !important;
+}
+
+#content {
+ background : white;
+ color : black;
+}
+
+#column-content {
+ margin: 0 !important;
+}
+
+#column-content #content {
+ padding: 1em;
+ margin: 0 !important;
+}
+/* MSIE/Win doesn't understand 'inherit' */
+a, a.external, a.new, a.stub {
+ color: black ! important;
+ text-decoration: none ! important;
+}
+
+/* Continue ... */
+a, a.external, a.new, a.stub {
+ color: inherit ! important;
+ text-decoration: inherit ! important;
+}
+
+img { border: none; }
+img.tex { vertical-align: middle; }
+span.texhtml { font-family: serif; }
+
+#siteNotice { display: none; }
+
+table.gallery {
+ border: 1px solid #cccccc;
+ margin: 2px;
+ padding: 2px;
+ background-color:#ffffff;
+}
+
+table.gallery tr {
+ vertical-align:top;
+}
+
+div.gallerybox {
+ border: 1px solid #cccccc;
+ margin: 2px;
+ background-color:#f9f9f9;
+ width: 150px;
+}
+
+div.gallerybox div.thumb {
+ text-align: center;
+ border: 1px solid #cccccc;
+ margin: 2px;
+}
+
+div.gallerytext {
+ font-size: 94%;
+ padding: 2px 4px;
+}
+
+/*
+** Diff rendering
+*/
+table.diff { background:white; }
+td.diff-otitle { background:#ffffff; }
+td.diff-ntitle { background:#ffffff; }
+td.diff-addedline {
+ background:#ccffcc;
+ font-size: smaller;
+ border: solid 2px black;
+}
+td.diff-deletedline {
+ background:#ffffaa;
+ font-size: smaller;
+ border: dotted 2px black;
+}
+td.diff-context {
+ background:#eeeeee;
+ font-size: smaller;
+}
+.diffchange {
+ color: silver;
+ font-weight: bold;
+ text-decoration: underline;
+}
|
|
[-]
[+]
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/index.css
^
|
| @@ -0,0 +1 @@
+/* CSS placed here will affect the print output */
\ No newline at end of file
|
|
[-]
[+]
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/index.php
^
|
| @@ -0,0 +1,8 @@
+/* generated javascript */
+var skin = 'sourceforge';
+var stylepath = '/apps/mediawiki/mod-security/skins';
+
+/* MediaWiki:Common.js */
+/* Any JavaScript here will be loaded for all users on every page load. */
+
+/* MediaWiki:Sourceforge.js */
|
|
[-]
[+]
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/index_002.css
^
|
| @@ -0,0 +1,2 @@
+/* generated user stylesheet */
+a.new, #quickbar a.new { color: #CC2200; }
|
|
[-]
[+]
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/index_003.css
^
|
| @@ -0,0 +1 @@
+/* CSS placed here will be applied to all skins */
\ No newline at end of file
|
|
[-]
[+]
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/index_004.css
^
|
| @@ -0,0 +1 @@
+/* Empty */
\ No newline at end of file
|
|
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/poweredby_mediawiki_88x31.png
^
|
|
[-]
[+]
|
Added |
modsecurity-apache_2.6.3.tar.bz2/doc/Reference_Manual_files/wikibits.js
^
|
| @@ -0,0 +1,1000 @@
+// MediaWiki JavaScript support functions
+
+var clientPC = navigator.userAgent.toLowerCase(); // Get client info
+var is_gecko = /gecko/.test( clientPC ) &&
+ !/khtml|spoofer|netscape\/7\.0/.test(clientPC);
+var webkit_match = clientPC.match(/applewebkit\/(\d+)/);
+if (webkit_match) {
+ var is_safari = clientPC.indexOf('applewebkit') != -1 &&
+ clientPC.indexOf('spoofer') == -1;
+ var is_safari_win = is_safari && clientPC.indexOf('windows') != -1;
+ var webkit_version = parseInt(webkit_match[1]);
+}
+var is_khtml = navigator.vendor == 'KDE' ||
+ ( document.childNodes && !document.all && !navigator.taintEnabled );
+// For accesskeys; note that FF3+ is included here!
+var is_ff2 = /firefox\/[2-9]|minefield\/3/.test( clientPC );
+var is_ff2_ = /firefox\/2/.test( clientPC );
+// These aren't used here, but some custom scripts rely on them
+var is_ff2_win = is_ff2 && clientPC.indexOf('windows') != -1;
+var is_ff2_x11 = is_ff2 && clientPC.indexOf('x11') != -1;
+if (clientPC.indexOf('opera') != -1) {
+ var is_opera = true;
+ var is_opera_preseven = window.opera && !document.childNodes;
+ var is_opera_seven = window.opera && document.childNodes;
+ var is_opera_95 = /opera\/(9.[5-9]|[1-9][0-9])/.test( clientPC );
+}
+
+// Global external objects used by this script.
+/*extern ta, stylepath, skin */
+
+// add any onload functions in this hook (please don't hard-code any events in the xhtml source)
+var doneOnloadHook;
+
+if (!window.onloadFuncts) {
+ var onloadFuncts = [];
+}
+
+function addOnloadHook(hookFunct) {
+ // Allows add-on scripts to add onload functions
+ if(!doneOnloadHook) {
+ onloadFuncts[onloadFuncts.length] = hookFunct;
+ } else {
+ hookFunct(); // bug in MSIE script loading
+ }
+}
+
+function hookEvent(hookName, hookFunct) {
+ addHandler(window, hookName, hookFunct);
+}
+
+function importScript(page) {
+ var uri = wgScript + '?title=' +
+ encodeURIComponent(page.replace(/ /g,'_')).replace('%2F','/').replace('%3A',':') +
+ '&action=raw&ctype=text/javascript';
+ return importScriptURI(uri);
+}
+
+var loadedScripts = {}; // included-scripts tracker
+function importScriptURI(url) {
+ if (loadedScripts[url]) {
+ return null;
+ }
+ loadedScripts[url] = true;
+ var s = document.createElement('script');
+ s.setAttribute('src',url);
+ s.setAttribute('type','text/javascript');
+ document.getElementsByTagName('head')[0].appendChild(s);
+ return s;
+}
+
+function importStylesheet(page) {
+ return importStylesheetURI(wgScript + '?action=raw&ctype=text/css&title=' + encodeURIComponent(page.replace(/ /g,'_')));
+}
+
+function importStylesheetURI(url) {
+ return document.createStyleSheet ? document.createStyleSheet(url) : appendCSS('@import "' + url + '";');
+}
+
+function appendCSS(text) {
+ var s = document.createElement('style');
+ s.type = 'text/css';
+ s.rel = 'stylesheet';
+ if (s.styleSheet) s.styleSheet.cssText = text //IE
+ else s.appendChild(document.createTextNode(text + '')) //Safari sometimes borks on null
+ document.getElementsByTagName('head')[0].appendChild(s);
+ return s;
+}
+
+// special stylesheet links
+if (typeof stylepath != 'undefined' && typeof skin != 'undefined') {
+ if (is_opera_preseven) {
+ importStylesheetURI(stylepath+'/'+skin+'/Opera6Fixes.css');
+ } else if (is_opera_seven && !is_opera_95) {
+ importStylesheetURI(stylepath+'/'+skin+'/Opera7Fixes.css');
+ } else if (is_opera_95) {
+ importStylesheetURI(stylepath+'/'+skin+'/Opera9Fixes.css');
+ } else if (is_khtml) {
+ importStylesheetURI(stylepath+'/'+skin+'/KHTMLFixes.css');
+ } else if (is_ff2_) {
+ importStylesheetURI(stylepath+'/'+skin+'/FF2Fixes.css');
+ }
+}
+
+if (wgBreakFrames) {
+ // Un-trap us from framesets
+ if (window.top != window) {
+ window.top.location = window.location;
+ }
+}
+
+function showTocToggle() {
+ if (document.createTextNode) {
+ // Uses DOM calls to avoid document.write + XHTML issues
+
+ var linkHolder = document.getElementById('toctitle');
+ if (!linkHolder) {
+ return;
+ }
+
+ var outerSpan = document.createElement('span');
+ outerSpan.className = 'toctoggle';
+
+ var toggleLink = document.createElement('a');
+ toggleLink.id = 'togglelink';
+ toggleLink.className = 'internal';
+ toggleLink.href = 'javascript:toggleToc()';
+ toggleLink.appendChild(document.createTextNode(tocHideText));
+
+ outerSpan.appendChild(document.createTextNode('['));
+ outerSpan.appendChild(toggleLink);
+ outerSpan.appendChild(document.createTextNode(']'));
+
+ linkHolder.appendChild(document.createTextNode(' '));
+ linkHolder.appendChild(outerSpan);
+
+ var cookiePos = document.cookie.indexOf("hidetoc=");
+ if (cookiePos > -1 && document.cookie.charAt(cookiePos + 8) == 1) {
+ toggleToc();
+ }
+ }
+}
+
+function changeText(el, newText) {
+ // Safari work around
+ if (el.innerText) {
+ el.innerText = newText;
+ } else if (el.firstChild && el.firstChild.nodeValue) {
+ el.firstChild.nodeValue = newText;
+ }
+}
+
+function toggleToc() {
+ var toc = document.getElementById('toc').getElementsByTagName('ul')[0];
+ var toggleLink = document.getElementById('togglelink');
+
+ if (toc && toggleLink && toc.style.display == 'none') {
+ changeText(toggleLink, tocHideText);
+ toc.style.display = 'block';
+ document.cookie = "hidetoc=0";
+ } else {
+ changeText(toggleLink, tocShowText);
+ toc.style.display = 'none';
+ document.cookie = "hidetoc=1";
+ }
+}
+
+var mwEditButtons = [];
+var mwCustomEditButtons = []; // eg to add in MediaWiki:Common.js
+
+function escapeQuotes(text) {
+ var re = new RegExp("'","g");
+ text = text.replace(re,"\\'");
+ re = new RegExp("\\n","g");
+ text = text.replace(re,"\\n");
+ return escapeQuotesHTML(text);
+}
+
+function escapeQuotesHTML(text) {
+ var re = new RegExp('&',"g");
+ text = text.replace(re,"&");
+ re = new RegExp('"',"g");
+ text = text.replace(re,""");
+ re = new RegExp('<',"g");
+ text = text.replace(re,"<");
+ re = new RegExp('>',"g");
+ text = text.replace(re,">");
+ return text;
+}
+
+
+/**
+ * Set the accesskey prefix based on browser detection.
+ */
+var tooltipAccessKeyPrefix = 'alt-';
+if (is_opera) {
+ tooltipAccessKeyPrefix = 'shift-esc-';
+} else if (!is_safari_win && is_safari && webkit_version > 526) {
+ tooltipAccessKeyPrefix = 'ctrl-alt-';
+} else if (!is_safari_win && (is_safari
+ || clientPC.indexOf('mac') != -1
+ || clientPC.indexOf('konqueror') != -1 )) {
+ tooltipAccessKeyPrefix = 'ctrl-';
+} else if (is_ff2) {
+ tooltipAccessKeyPrefix = 'alt-shift-';
+}
+var tooltipAccessKeyRegexp = /\[(ctrl-)?(alt-)?(shift-)?(esc-)?(.)\]$/;
+
+/**
+ * Add the appropriate prefix to the accesskey shown in the tooltip.
+ * If the nodeList parameter is given, only those nodes are updated;
+ * otherwise, all the nodes that will probably have accesskeys by
+ * default are updated.
+ *
+ * @param Array nodeList -- list of elements to update
+ */
+function updateTooltipAccessKeys( nodeList ) {
+ if ( !nodeList ) {
+ // skins without a "column-one" element don't seem to have links with accesskeys either
+ var columnOne = document.getElementById("column-one");
+ if ( columnOne )
+ updateTooltipAccessKeys( columnOne.getElementsByTagName("a") );
+ // these are rare enough that no such optimization is needed
+ updateTooltipAccessKeys( document.getElementsByTagName("input") );
+ updateTooltipAccessKeys( document.getElementsByTagName("label") );
+ return;
+ }
+
+ for ( var i = 0; i < nodeList.length; i++ ) {
+ var element = nodeList[i];
+ var tip = element.getAttribute("title");
+ if ( tip && tooltipAccessKeyRegexp.exec(tip) ) {
+ tip = tip.replace(tooltipAccessKeyRegexp,
+ "["+tooltipAccessKeyPrefix+"$5]");
+ element.setAttribute("title", tip );
+ }
+ }
+}
+
+/**
+ * Add a link to one of the portlet menus on the page, including:
+ *
+ * p-cactions: Content actions (shown as tabs above the main content in Monobook)
+ * p-personal: Personal tools (shown at the top right of the page in Monobook)
+ * p-navigation: Navigation
+ * p-tb: Toolbox
+ *
+ * This function exists for the convenience of custom JS authors. All
+ * but the first three parameters are optional, though providing at
+ * least an id and a tooltip is recommended.
+ *
+ * By default the new link will be added to the end of the list. To
+ * add the link before a given existing item, pass the DOM node of
+ * that item (easily obtained with document.getElementById()) as the
+ * nextnode parameter; to add the link _after_ an existing item, pass
+ * the node's nextSibling instead.
+ *
+ * @param String portlet -- id of the target portlet ("p-cactions", "p-personal", "p-navigation" or "p-tb")
+ * @param String href -- link URL
+ * @param String text -- link text (will be automatically lowercased by CSS for p-cactions in Monobook)
+ * @param String id -- id of the new item, should be unique and preferably have the appropriate prefix ("ca-", "pt-", "n-" or "t-")
+ * @param String tooltip -- text to show when hovering over the link, without accesskey suffix
+ * @param String accesskey -- accesskey to activate this link (one character, try to avoid conflicts)
+ * @param Node nextnode -- the DOM node before which the new item should be added, should be another item in the same list
+ *
+ * @return Node -- the DOM node of the new item (an LI element) or null
+ */
+function addPortletLink(portlet, href, text, id, tooltip, accesskey, nextnode) {
+ var node = document.getElementById(portlet);
+ if ( !node ) return null;
+ node = node.getElementsByTagName( "ul" )[0];
+ if ( !node ) return null;
+
+ var link = document.createElement( "a" );
+ link.appendChild( document.createTextNode( text ) );
+ link.href = href;
+
+ var item = document.createElement( "li" );
+ item.appendChild( link );
+ if ( id ) item.id = id;
+
+ if ( accesskey ) {
+ link.setAttribute( "accesskey", accesskey );
+ tooltip += " ["+accesskey+"]";
+ }
+ if ( tooltip ) {
+ link.setAttribute( "title", tooltip );
+ }
+ if ( accesskey && tooltip ) {
+ updateTooltipAccessKeys( new Array( link ) );
+ }
+
+ if ( nextnode && nextnode.parentNode == node )
+ node.insertBefore( item, nextnode );
+ else
+ node.appendChild( item ); // IE compatibility (?)
+
+ return item;
+}
+
+function getInnerText(el) {
+ if (typeof el == "string") return el;
+ if (typeof el == "undefined") { return el };
+ if (el.textContent) return el.textContent; // not needed but it is faster
+ if (el.innerText) return el.innerText; // IE doesn't have textContent
+ var str = "";
+
+ var cs = el.childNodes;
+ var l = cs.length;
+ for (var i = 0; i < l; i++) {
+ switch (cs[i].nodeType) {
+ case 1: //ELEMENT_NODE
+ str += ts_getInnerText(cs[i]);
+ break;
+ case 3: //TEXT_NODE
+ str += cs[i].nodeValue;
+ break;
+ }
+ }
+ return str;
+}
+
+
+/**
+ * Set up accesskeys/tooltips from the deprecated ta array. If doId
+ * is specified, only set up for that id. Note that this function is
+ * deprecated and will not be supported indefinitely -- use
+ * updateTooltipAccessKey() instead.
+ *
+ * @param mixed doId string or null
+ */
+function akeytt( doId ) {
+ // A lot of user scripts (and some of the code below) break if
+ // ta isn't defined, so we make sure it is. Explictly using
+ // window.ta avoids a "ta is not defined" error.
+ if (!window.ta) window.ta = new Array;
+
+ // Make a local, possibly restricted, copy to avoid clobbering
+ // the original.
+ var ta;
+ if ( doId ) {
+ ta = [doId];
+ } else {
+ ta = window.ta;
+ }
+
+ // Now deal with evil deprecated ta
+ var watchCheckboxExists = document.getElementById( 'wpWatchthis' ) ? true : false;
+ for (var id in ta) {
+ var n = document.getElementById(id);
+ if (n) {
+ var a = null;
+ var ak = '';
+ // Are we putting accesskey in it
+ if (ta[id][0].length > 0) {
+ // Is this object a object? If not assume it's the next child.
+
+ if (n.nodeName.toLowerCase() == "a") {
+ a = n;
+ } else {
+ a = n.childNodes[0];
+ }
+ // Don't add an accesskey for the watch tab if the watch
+ // checkbox is also available.
+ if (a && ((id != 'ca-watch' && id != 'ca-unwatch') || !watchCheckboxExists)) {
+ a.accessKey = ta[id][0];
+ ak = ' ['+tooltipAccessKeyPrefix+ta[id][0]+']';
+ }
+ } else {
+ // We don't care what type the object is when assigning tooltip
+ a = n;
+ ak = '';
+ }
+
+ if (a) {
+ a.title = ta[id][1]+ak;
+ }
+ }
+ }
+}
+
+var checkboxes;
+var lastCheckbox;
+
+function setupCheckboxShiftClick() {
+ checkboxes = [];
+ lastCheckbox = null;
+ var inputs = document.getElementsByTagName('input');
+ addCheckboxClickHandlers(inputs);
+}
+
+function addCheckboxClickHandlers(inputs, start) {
+ if ( !start) start = 0;
+
+ var finish = start + 250;
+ if ( finish > inputs.length )
+ finish = inputs.length;
+
+ for ( var i = start; i < finish; i++ ) {
+ var cb = inputs[i];
+ if ( !cb.type || cb.type.toLowerCase() != 'checkbox' )
+ continue;
+ var end = checkboxes.length;
+ checkboxes[end] = cb;
+ cb.index = end;
+ cb.onclick = checkboxClickHandler;
+ }
+
+ if ( finish < inputs.length ) {
+ setTimeout( function () {
+ addCheckboxClickHandlers(inputs, finish);
+ }, 200 );
+ }
+}
+
+function checkboxClickHandler(e) {
+ if (typeof e == 'undefined') {
+ e = window.event;
+ }
+ if ( !e.shiftKey || lastCheckbox === null ) {
+ lastCheckbox = this.index;
+ return true;
+ }
+ var endState = this.checked;
+ var start, finish;
+ if ( this.index < lastCheckbox ) {
+ start = this.index + 1;
+ finish = lastCheckbox;
+ } else {
+ start = lastCheckbox;
+ finish = this.index - 1;
+ }
+ for (var i = start; i <= finish; ++i ) {
+ checkboxes[i].checked = endState;
+ }
+ lastCheckbox = this.index;
+ return true;
+}
+
+function toggle_element_activation(ida,idb) {
+ if (!document.getElementById) {
+ return;
+ }
+ document.getElementById(ida).disabled=true;
+ document.getElementById(idb).disabled=false;
+}
+
+function toggle_element_check(ida,idb) {
+ if (!document.getElementById) {
+ return;
+ }
+ document.getElementById(ida).checked=true;
+ document.getElementById(idb).checked=false;
+}
+
+/*
+ Written by Jonathan Snook, http://www.snook.ca/jonathan
+ Add-ons by Robert Nyman, http://www.robertnyman.com
+ Author says "The credit comment is all it takes, no license. Go crazy with it!:-)"
+ From http://www.robertnyman.com/2005/11/07/the-ultimate-getelementsbyclassname/
+*/
+function getElementsByClassName(oElm, strTagName, oClassNames){
+ var arrReturnElements = new Array();
+ if ( typeof( oElm.getElementsByClassName ) == "function" ) {
+ /* Use a native implementation where possible FF3, Saf3.2, Opera 9.5 */
+ var arrNativeReturn = oElm.getElementsByClassName( oClassNames );
+ if ( strTagName == "*" )
+ return arrNativeReturn;
+ for ( var h=0; h < arrNativeReturn.length; h++ ) {
+ if( arrNativeReturn[h].tagName.toLowerCase() == strTagName.toLowerCase() )
+ arrReturnElements[arrReturnElements.length] = arrNativeReturn[h];
+ }
+ return arrReturnElements;
+ }
+ var arrElements = (strTagName == "*" && oElm.all)? oElm.all : oElm.getElementsByTagName(strTagName);
+ var arrRegExpClassNames = new Array();
+ if(typeof oClassNames == "object"){
+ for(var i=0; i<oClassNames.length; i++){
+ arrRegExpClassNames[arrRegExpClassNames.length] =
+ new RegExp("(^|\\s)" + oClassNames[i].replace(/\-/g, "\\-") + "(\\s|$)");
+ }
+ }
+ else{
+ arrRegExpClassNames[arrRegExpClassNames.length] =
+ new RegExp("(^|\\s)" + oClassNames.replace(/\-/g, "\\-") + "(\\s|$)");
+ }
+ var oElement;
+ var bMatchesAll;
+ for(var j=0; j<arrElements.length; j++){
+ oElement = arrElements[j];
+ bMatchesAll = true;
+ for(var k=0; k<arrRegExpClassNames.length; k++){
+ if(!arrRegExpClassNames[k].test(oElement.className)){
+ bMatchesAll = false;
+ break;
+ }
+ }
+ if(bMatchesAll){
+ arrReturnElements[arrReturnElements.length] = oElement;
+ }
+ }
+ return (arrReturnElements)
+}
+
+function redirectToFragment(fragment) {
+ var match = navigator.userAgent.match(/AppleWebKit\/(\d+)/);
+ if (match) {
+ var webKitVersion = parseInt(match[1]);
+ if (webKitVersion < 420) {
+ // Released Safari w/ WebKit 418.9.1 messes up horribly
+ // Nightlies of 420+ are ok
+ return;
+ }
+ }
+ if (is_gecko) {
+ // Mozilla needs to wait until after load, otherwise the window doesn't scroll
+ addOnloadHook(function () {
+ if (window.location.hash == "")
+ window.location.hash = fragment;
+ });
+ } else {
+ if (window.location.hash == "")
+ window.location.hash = fragment;
+ }
+}
+
+/*
+ * Table sorting script based on one (c) 1997-2006 Stuart Langridge and Joost
+ * de Valk:
+ * http://www.joostdevalk.nl/code/sortable-table/
+ * http://www.kryogenix.org/code/browser/sorttable/
+ *
+ * @todo don't break on colspans/rowspans (bug 8028)
+ * @todo language-specific digit grouping/decimals (bug 8063)
+ * @todo support all accepted date formats (bug 8226)
+ */
+
+var ts_image_path = stylepath+"/common/images/";
+var ts_image_up = "sort_up.gif";
+var ts_image_down = "sort_down.gif";
+var ts_image_none = "sort_none.gif";
+var ts_europeandate = wgContentLanguage != "en"; // The non-American-inclined can change to "true"
+var ts_alternate_row_colors = false;
+var ts_number_transform_table = null;
+var ts_number_regex = null;
+
+function sortables_init() {
+ var idnum = 0;
+ // Find all tables with class sortable and make them sortable
+ var tables = getElementsByClassName(document, "table", "sortable");
+ for (var ti = 0; ti < tables.length ; ti++) {
+ if (!tables[ti].id) {
+ tables[ti].setAttribute('id','sortable_table_id_'+idnum);
+ ++idnum;
+ }
+ ts_makeSortable(tables[ti]);
+ }
+}
+
+function ts_makeSortable(table) {
+ var firstRow;
+ if (table.rows && table.rows.length > 0) {
+ if (table.tHead && table.tHead.rows.length > 0) {
+ firstRow = table.tHead.rows[table.tHead.rows.length-1];
+ } else {
+ firstRow = table.rows[0];
+ }
+ }
+ if (!firstRow) return;
+
+ // We have a first row: assume it's the header, and make its contents clickable links
+ for (var i = 0; i < firstRow.cells.length; i++) {
+ var cell = firstRow.cells[i];
+ if ((" "+cell.className+" ").indexOf(" unsortable ") == -1) {
+ cell.innerHTML += ' '
+ + '<a href="#" class="sortheader" '
+ + 'onclick="ts_resortTable(this);return false;">'
+ + '<span class="sortarrow">'
+ + '<img src="'
+ + ts_image_path
+ + ts_image_none
+ + '" alt="↓"/></span></a>';
+ }
+ }
+ if (ts_alternate_row_colors) {
+ ts_alternate(table);
+ }
+}
+
+function ts_getInnerText(el) {
+ return getInnerText( el );
+}
+
+function ts_resortTable(lnk) {
+ // get the span
+ var span = lnk.getElementsByTagName('span')[0];
+
+ var td = lnk.parentNode;
+ var tr = td.parentNode;
+ var column = td.cellIndex;
+
+ var table = tr.parentNode;
+ while (table && !(table.tagName && table.tagName.toLowerCase() == 'table'))
+ table = table.parentNode;
+ if (!table) return;
+
+ if (table.rows.length <= 1) return;
+
+ // Generate the number transform table if it's not done already
+ if (ts_number_transform_table == null) {
+ ts_initTransformTable();
+ }
+
+ // Work out a type for the column
+ // Skip the first row if that's where the headings are
+ var rowStart = (table.tHead && table.tHead.rows.length > 0 ? 0 : 1);
+
+ var itm = "";
+ for (var i = rowStart; i < table.rows.length; i++) {
+ if (table.rows[i].cells.length > column) {
+ itm = ts_getInnerText(table.rows[i].cells[column]);
+ itm = itm.replace(/^[\s\xa0]+/, "").replace(/[\s\xa0]+$/, "");
+ if (itm != "") break;
+ }
+ }
+
+ // TODO: bug 8226, localised date formats
+ var sortfn = ts_sort_generic;
+ var preprocessor = ts_toLowerCase;
+ if (/^\d\d[\/. -][a-zA-Z]{3}[\/. -]\d\d\d\d$/.test(itm)) {
+ preprocessor = ts_dateToSortKey;
+ } else if (/^\d\d[\/.-]\d\d[\/.-]\d\d\d\d$/.test(itm)) {
+ preprocessor = ts_dateToSortKey;
+ } else if (/^\d\d[\/.-]\d\d[\/.-]\d\d$/.test(itm)) {
+ preprocessor = ts_dateToSortKey;
+ // pound dollar euro yen currency cents
+ } else if (/(^[\u00a3$\u20ac\u00a4\u00a5]|\u00a2$)/.test(itm)) {
+ preprocessor = ts_currencyToSortKey;
+ } else if (ts_number_regex.test(itm)) {
+ preprocessor = ts_parseFloat;
+ }
+
+ var reverse = (span.getAttribute("sortdir") == 'down');
+
+ var newRows = new Array();
+ var staticRows = new Array();
+ for (var j = rowStart; j < table.rows.length; j++) {
+ var row = table.rows[j];
+ if((" "+row.className+" ").indexOf(" unsortable ") < 0) {
+ var keyText = ts_getInnerText(row.cells[column]);
+ var oldIndex = (reverse ? -j : j);
+ var preprocessed = preprocessor( keyText );
+
+ newRows[newRows.length] = new Array(row, preprocessed, oldIndex);
+ } else staticRows[staticRows.length] = new Array(row, false, j-rowStart);
+ }
+
+ newRows.sort(sortfn);
+
+ var arrowHTML;
+ if (reverse) {
+ arrowHTML = '<img src="'+ ts_image_path + ts_image_down + '" alt="↓"/>';
+ newRows.reverse();
+ span.setAttribute('sortdir','up');
+ } else {
+ arrowHTML = '<img src="'+ ts_image_path + ts_image_up + '" alt="↑"/>';
+ span.setAttribute('sortdir','down');
+ }
+
+ for (var i = 0; i < staticRows.length; i++) {
+ var row = staticRows[i];
+ newRows.splice(row[2], 0, row);
+ }
+
+ // We appendChild rows that already exist to the tbody, so it moves them rather than creating new ones
+ // don't do sortbottom rows
+ for (var i = 0; i < newRows.length; i++) {
+ if ((" "+newRows[i][0].className+" ").indexOf(" sortbottom ") == -1)
+ table.tBodies[0].appendChild(newRows[i][0]);
+ }
+ // do sortbottom rows only
+ for (var i = 0; i < newRows.length; i++) {
+ if ((" "+newRows[i][0].className+" ").indexOf(" sortbottom ") != -1)
+ table.tBodies[0].appendChild(newRows[i][0]);
+ }
+
+ // Delete any other arrows there may be showing
+ var spans = getElementsByClassName(tr, "span", "sortarrow");
+ for (var i = 0; i < spans.length; i++) {
+ spans[i].innerHTML = '<img src="'+ ts_image_path + ts_image_none + '" alt="↓"/>';
+ }
+ span.innerHTML = arrowHTML;
+
+ if (ts_alternate_row_colors) {
+ ts_alternate(table);
+ }
+}
+
+function ts_initTransformTable() {
+ if ( typeof wgSeparatorTransformTable == "undefined"
+ || ( wgSeparatorTransformTable[0] == '' && wgDigitTransformTable[2] == '' ) )
+ {
+ digitClass = "[0-9,.]";
+ ts_number_transform_table = false;
+ } else {
+ ts_number_transform_table = {};
+ // Unpack the transform table
+ // Separators
+ ascii = wgSeparatorTransformTable[0].split("\t");
+ localised = wgSeparatorTransformTable[1].split("\t");
+ for ( var i = 0; i < ascii.length; i++ ) {
+ ts_number_transform_table[localised[i]] = ascii[i];
+ }
+ // Digits
+ ascii = wgDigitTransformTable[0].split("\t");
+ localised = wgDigitTransformTable[1].split("\t");
+ for ( var i = 0; i < ascii.length; i++ ) {
+ ts_number_transform_table[localised[i]] = ascii[i];
+ }
+
+ // Construct regex for number identification
+ digits = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', ',', '\\.'];
+ maxDigitLength = 1;
+ for ( var digit in ts_number_transform_table ) {
+ // Escape regex metacharacters
+ digits.push(
+ digit.replace( /[\\\\$\*\+\?\.\(\)\|\{\}\[\]\-]/,
+ function( s ) { return '\\' + s; } )
+ );
+ if (digit.length > maxDigitLength) {
+ maxDigitLength = digit.length;
+ }
+ }
+ if ( maxDigitLength > 1 ) {
+ digitClass = '[' + digits.join( '', digits ) + ']';
+ } else {
+ digitClass = '(' + digits.join( '|', digits ) + ')';
+ }
+ }
+
+ // We allow a trailing percent sign, which we just strip. This works fine
+ // if percents and regular numbers aren't being mixed.
+ ts_number_regex = new RegExp(
+ "^(" +
+ "[+-]?[0-9][0-9,]*(\\.[0-9,]*)?(E[+-]?[0-9][0-9,]*)?" + // Fortran-style scientific
+ "|" +
+ "[+-]?" + digitClass + "+%?" + // Generic localised
+ ")$", "i"
+ );
+}
+
+function ts_toLowerCase( s ) {
+ return s.toLowerCase();
+}
+
+function ts_dateToSortKey(date) {
+ // y2k notes: two digit years less than 50 are treated as 20XX, greater than 50 are treated as 19XX
+ if (date.length == 11) {
+ switch (date.substr(3,3).toLowerCase()) {
+ case "jan": var month = "01"; break;
+ case "feb": var month = "02"; break;
+ case "mar": var month = "03"; break;
+ case "apr": var month = "04"; break;
+ case "may": var month = "05"; break;
+ case "jun": var month = "06"; break;
+ case "jul": var month = "07"; break;
+ case "aug": var month = "08"; break;
+ case "sep": var month = "09"; break;
+ case "oct": var month = "10"; break;
+ case "nov": var month = "11"; break;
+ case "dec": var month = "12"; break;
+ // default: var month = "00";
+ }
+ return date.substr(7,4)+month+date.substr(0,2);
+ } else if (date.length == 10) {
+ if (ts_europeandate == false) {
+ return date.substr(6,4)+date.substr(0,2)+date.substr(3,2);
+ } else {
+ return date.substr(6,4)+date.substr(3,2)+date.substr(0,2);
+ }
+ } else if (date.length == 8) {
+ yr = date.substr(6,2);
+ if (parseInt(yr) < 50) {
+ yr = '20'+yr;
+ } else {
+ yr = '19'+yr;
+ }
+ if (ts_europeandate == true) {
+ return yr+date.substr(3,2)+date.substr(0,2);
+ } else {
+ return yr+date.substr(0,2)+date.substr(3,2);
+ }
+ }
+ return "00000000";
+}
+
+function ts_parseFloat( s ) {
+ if ( !s ) {
+ return 0;
+ }
+ if (ts_number_transform_table != false) {
+ var newNum = '', c;
+
+ for ( var p = 0; p < s.length; p++ ) {
+ c = s.charAt( p );
+ if (c in ts_number_transform_table) {
+ newNum += ts_number_transform_table[c];
+ } else {
+ newNum += c;
+ }
+ }
+ s = newNum;
+ }
+
+ num = parseFloat(s.replace(/,/g, ""));
+ return (isNaN(num) ? 0 : num);
+}
+
+function ts_currencyToSortKey( s ) {
+ return ts_parseFloat(s.replace(/[^0-9.,]/g,''));
+}
+
+function ts_sort_generic(a, b) {
+ return a[1] < b[1] ? -1 : a[1] > b[1] ? 1 : a[2] - b[2];
+}
+
+function ts_alternate(table) {
+ // Take object table and get all it's tbodies.
+ var tableBodies = table.getElementsByTagName("tbody");
+ // Loop through these tbodies
+ for (var i = 0; i < tableBodies.length; i++) {
+ // Take the tbody, and get all it's rows
+ var tableRows = tableBodies[i].getElementsByTagName("tr");
+ // Loop through these rows
+ // Start at 1 because we want to leave the heading row untouched
+ for (var j = 0; j < tableRows.length; j++) {
+ // Check if j is even, and apply classes for both possible results
+ var oldClasses = tableRows[j].className.split(" ");
+ var newClassName = "";
+ for (var k = 0; k < oldClasses.length; k++) {
+ if (oldClasses[k] != "" && oldClasses[k] != "even" && oldClasses[k] != "odd")
+ newClassName += oldClasses[k] + " ";
+ }
+ tableRows[j].className = newClassName + (j % 2 == 0 ? "even" : "odd");
+ }
+ }
+}
+
+/*
+ * End of table sorting code
+ */
+
+
+/**
+ * Add a cute little box at the top of the screen to inform the user of
+ * something, replacing any preexisting message.
+ *
+ * @param String -or- Dom Object message HTML to be put inside the right div
+ * @param String className Used in adding a class; should be different for each
+ * call to allow CSS/JS to hide different boxes. null = no class used.
+ * @return Boolean True on success, false on failure
+ */
+function jsMsg( message, className ) {
+ if ( !document.getElementById ) {
+ return false;
+ }
+ // We special-case skin structures provided by the software. Skins that
+ // choose to abandon or significantly modify our formatting can just define
+ // an mw-js-message div to start with.
+ var messageDiv = document.getElementById( 'mw-js-message' );
+ if ( !messageDiv ) {
+ messageDiv = document.createElement( 'div' );
+ if ( document.getElementById( 'column-content' )
+ && document.getElementById( 'content' ) ) {
+ // MonoBook, presumably
+ document.getElementById( 'content' ).insertBefore(
+ messageDiv,
+ document.getElementById( 'content' ).firstChild
+ );
+ } else if ( document.getElementById('content')
+ && document.getElementById( 'article' ) ) {
+ // Non-Monobook but still recognizable (old-style)
+ document.getElementById( 'article').insertBefore(
+ messageDiv,
+ document.getElementById( 'article' ).firstChild
+ );
+ } else {
+ return false;
+ }
+ }
+
+ messageDiv.setAttribute( 'id', 'mw-js-message' );
+ messageDiv.style.display = 'block';
+ if( className ) {
+ messageDiv.setAttribute( 'class', 'mw-js-message-'+className );
+ }
+
+ if (typeof message === 'object') {
+ while (messageDiv.hasChildNodes()) // Remove old content
+ messageDiv.removeChild(messageDiv.firstChild);
+ messageDiv.appendChild (message); // Append new content
+ }
+ else {
+ messageDiv.innerHTML = message;
+ }
+ return true;
+}
+
+/**
+ * Inject a cute little progress spinner after the specified element
+ *
+ * @param element Element to inject after
+ * @param id Identifier string (for use with removeSpinner(), below)
+ */
+function injectSpinner( element, id ) {
+ var spinner = document.createElement( "img" );
+ spinner.id = "mw-spinner-" + id;
+ spinner.src = stylepath + "/common/images/spinner.gif";
+ spinner.alt = spinner.title = "...";
+ if( element.nextSibling ) {
+ element.parentNode.insertBefore( spinner, element.nextSibling );
+ } else {
+ element.parentNode.appendChild( spinner );
+ }
+}
+
+/**
+ * Remove a progress spinner added with injectSpinner()
+ *
+ * @param id Identifier string
+ */
+function removeSpinner( id ) {
+ var spinner = document.getElementById( "mw-spinner-" + id );
+ if( spinner ) {
+ spinner.parentNode.removeChild( spinner );
+ }
+}
+
+function runOnloadHook() {
+ // don't run anything below this for non-dom browsers
+ if (doneOnloadHook || !(document.getElementById && document.getElementsByTagName)) {
+ return;
+ }
+
+ // set this before running any hooks, since any errors below
+ // might cause the function to terminate prematurely
+ doneOnloadHook = true;
+
+ updateTooltipAccessKeys( null );
+ akeytt( null );
+ setupCheckboxShiftClick();
+ sortables_init();
+
+ // Run any added-on functions
+ for (var i = 0; i < onloadFuncts.length; i++) {
+ onloadFuncts[i]();
+ }
+}
+
+/**
+ * Add an event handler to an element
+ *
+ * @param Element element Element to add handler to
+ * @param String attach Event to attach to
+ * @param callable handler Event handler callback
+ */
+function addHandler( element, attach, handler ) {
+ if( window.addEventListener ) {
+ element.addEventListener( attach, handler, false );
+ } else if( window.attachEvent ) {
+ element.attachEvent( 'on' + attach, handler );
+ }
+}
+
+/**
+ * Add a click event handler to an element
+ *
+ * @param Element element Element to add handler to
+ * @param callable handler Event handler callback
+ */
+function addClickHandler( element, handler ) {
+ addHandler( element, 'click', handler );
+}
+
+/**
+ * Removes an event handler from an element
+ *
+ * @param Element element Element to remove handler from
+ * @param String remove Event to remove
+ * @param callable handler Event handler callback to remove
+ */
+function removeHandler( element, remove, handler ) {
+ if( window.removeEventListener ) {
+ element.removeEventListener( remove, handler, false );
+ } else if( window.detachEvent ) {
+ element.detachEvent( 'on' + remove, handler );
+ }
+}
+//note: all skins should call runOnloadHook() at the end of html output,
+// so the below should be redundant. It's there just in case.
+hookEvent("load", runOnloadHook);
|
|
[-]
[+]
|
Changed |
modsecurity-apache_2.6.3.tar.bz2/tests/tfn/hexDecode.t
^
|
| @@ -21,7 +21,7 @@
type => "tfn",
name => "hexDecode",
input => "546573740043617365",
- output => "Test00Case",
+ output => "Test\0Case",
ret => 1,
},
@@ -31,20 +31,20 @@
type => "tfn",
name => "hexDecode",
input => "01234567890a0z01234567890a",
- output => "01#Eg890a0z01#Eg890a",
+ output => "\x01#Eg\x89\x0a#\x01#Eg\x89\x0a",
ret => 1,
},
{
type => "tfn",
name => "hexDecode",
input => "01234567890az",
- output => "01#Eg890az",
+ output => "\x01#Eg\x89\x0a",
ret => 1,
},
{
type => "tfn",
name => "hexDecode",
input => "01234567890a0",
- output => "01#Eg890a0",
+ output => "\x01#Eg\x89\x0a",
ret => 1,
},
|
