headers
Stephen Craig Evans | 4 Jul 08:31

Re: problem with my regex and single line HTMLcomment in RESPONSE_BODY

Hi,

I'm a little embarrassed about yesterday's outburst - I guess reading
debug files for so long made me a little nutso.

Ivan, back to your idea of a ModSecurity console...

I think a large part of my frustration (besides sucking at writing
regex's :-) comes from having to modify the .conf file, restart
Apache, run a test case, then wade through the debug log file just to
see if it worked or not.

In a couple of weeks after I've hit the 50% project completion
milestone and I compile and install 2.5.5, I'll look more closely at
the C functions in msc_pcre.c. Perhaps it won't be too difficult to
write a C program that can call those directly or call the function
calls that ModSecurity calls.

For now I would be happy with just a shell command line interface
where I can input the regex, then proceed by entering different
strings and knowing if they match or not.

I am writing many WebGoat sublesson-specific regex's and this would
save me a lot of time I believe.

Cheers,
Stephen

On Fri, Jul 4, 2008 at 8:55 AM, Ivan Ristic <ivanr <at> webkreator.com> wrote:
> Achim Hoffmann wrote:
>>
>> ...
>>
>>
>> Thanks for your in-depth examples, I'm going to analyze that but they
>> don't really answer what I asked for according PCRE_DOLLAR_ENDONLY and
>> PCRE_DOTALL and how ModSecurity passes "strings" to the regex engine.
>
> We pass them as they are. What is passed depends on the variable you use.
> Headers, which you mentioned in your previous emails, we get from Apache and
> pass them through. As far as I know it's just a string, because Apache will
> collapse folded headers.
>
> In other places (e.g. parameters) you will get newlines if they are there.
>
> Ivan
>
>

-------------------------------------------------------------------------
Sponsored by: SourceForge.net Community Choice Awards: VOTE NOW!
Studies have shown that voting for your favorite open source project,
along with a healthy diet, reduces your potential for chronic lameness
and boredom. Vote Now at http://www.sourceforge.net/community/cca08
Permalink | Reply |

Gmane