5 Jul 02:41
Re: problem with my regex and single line HTMLcomment in RESPONSE_BODY
From: Stephen Craig Evans <stephencraig.evans <at> gmail.com>
Subject: Re: problem with my regex and single line HTMLcomment in RESPONSE_BODY
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2008-07-05 00:41:45 GMT
That sounds very cool. Do you guys ever sleep?

Stephen

On Sat, Jul 5, 2008 at 2:02 AM, Brian Rectanus
<Brian.Rectanus <at> breach.com> wrote:
> Hi Stephen,
>
> I have a regression test suite coming out with ModSecurity 2.6 (no date
> yet), but I have debated backporting it to the next 2.5 release as well.
> This is a framework for testing ModSecurity directives and automates the
> conf file edit, restart, view the debug log process that may help you in
> testing.
>
> -B
>
> Stephen Craig Evans wrote:
>>
>> Hi,
>>
>> I'm a little embarrassed about yesterday's outburst - I guess reading
>> debug files for so long made me a little nutso.
>>
>> Ivan, back to your idea of a ModSecurity console...
>>
>> I think a large part of my frustration (besides sucking at writing
>> regex's) comes from having to modify the .conf file, restart
>> Apache, run a test case, then wade through the debug log file just to
>> see if it worked or not.
>>
>> In a couple of weeks after I've hit the 50% project completion
>> milestone and I compile and install 2.5.5, I'll look more closely at
>> the C functions in msc_pcre.c. Perhaps it won't be too difficult to
>> write a C program that can call those directly or call the function
>> calls that ModSecurity calls.
>>
>> For now I would be happy with just a shell command line interface
>> where I can input the regex, then proceed by entering different
>> strings and knowing if they match or not.
>>
>> I am writing many WebGoat sublesson-specific regex's and this would
>> save me a lot of time I believe.
>>
>> Cheers,
>> Stephen
>>
>> On Fri, Jul 4, 2008 at 8:55 AM, Ivan Ristic <ivanr <at> webkreator.com> wrote:
>> > Achim Hoffmann wrote:
>> >>
>> >> ...
>> >>
>> >>
>> >> Thanks for your in-depth examples, I'm going to analyze that but they
>> >> don't really answer what I asked for according PCRE_DOLLAR_ENDONLY and
>> >> PCRE_DOTALL and how ModSecurity passes "strings" to the regex engine.
>> >
>> > We pass them as they are. What is passed depends on the variable you use.
>> > Headers, which you mentioned in your previous emails, we get from Apache and
>> > pass them through. As far as I know it's just a string, because Apache will
>> > collapse folded headers.
>> >
>> > In other places (e.g. parameters) you will get newlines if they are there.
>> >
>> > Ivan
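A small version of the command-line tester asked for in the thread, as an added example that is not part of the original messages or of ModSecurity. It uses Python's `re` module as a stand-in for PCRE and assumes the rule's regex is compiled with the two flags raised in the thread, PCRE_DOTALL and PCRE_DOLLAR_ENDONLY; `dollar_endonly`, `check` and the sample strings are names and data constructed for this illustration.

```python
import re
import sys

def dollar_endonly(pattern):
    """Approximate PCRE_DOLLAR_ENDONLY in Python's re: rewrite every
    unescaped `$` outside a character class to `\\Z` (very end only)."""
    out, i, in_class, class_start = [], 0, False, 0
    while i < len(pattern):
        c = pattern[i]
        if c == "\\" and i + 1 < len(pattern):
            out.append(pattern[i:i + 2])  # escaped pair, copied untouched
            i += 2
            continue
        if in_class:
            # a `]` right after `[` or `[^` is a literal, not the class end
            if c == "]" and i > class_start:
                in_class = False
            out.append(c)
        elif c == "[":
            in_class = True
            class_start = i + 1 + (pattern[i + 1:i + 2] == "^")
            out.append(c)
        else:
            out.append(r"\Z" if c == "$" else c)
        i += 1
    return "".join(out)

def check(pattern, subjects, dotall=True, endonly=True):
    """Return {subject: matched?} for one pattern under the chosen flags."""
    source = dollar_endonly(pattern) if endonly else pattern
    rx = re.compile(source, re.DOTALL if dotall else 0)
    return {s: rx.search(s) is not None for s in subjects}

# Constructed RESPONSE_BODY fragments (not taken from the thread).
SAMPLES = [
    "<p>ok</p><!-- TODO: remove admin password -->",  # single-line comment
    "<!-- TODO:\nremove admin password -->",          # comment spans lines
    "</html>\n",                                      # trailing newline
]

if __name__ == "__main__":
    # usage: tester.py 'REGEX'  then one subject per stdin line (\n = newline)
    pattern = sys.argv[1] if len(sys.argv) > 1 else r"<!--.*password.*-->"
    lines = [l.rstrip("\n").replace("\\n", "\n") for l in sys.stdin] \
        if len(sys.argv) > 1 else SAMPLES
    for subject, hit in check(pattern, lines).items():
        print("MATCH   " if hit else "no match", repr(subject))
```

Run with no arguments it checks the built-in samples; passing `dotall=False` or `endonly=False` to `check` shows which subjects change verdict when a flag is dropped.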