Marc Stern
Marc Stern
Thanks a lot for this PM. I hope it will be accepted. About the syntax, why not simplifying it: "@Pm| single_word| |trailing_space " Also, would this be supported? "@Pm/ single_word/...
Indeed, a space is mandatory after the operator
Any chance to have this merged? Thanks
Running in prod on 60+ servers for more than 1 year. It definitely solves a technical problem that could be critical in some environments. Why isn't it accepted?
@martinhsv: you mean that the fix in re_operators.c is already included now, so you cannot merge this PR anymore. So you need a PR with only msc_pcre.c. Is that correct?
Any chance to implement this? Issue #903 is another way to solve HTTP parameter pollution but this could be a very interesting generic feature
From my example above: `SecRule ... "setvar:'TX.HPP_%{MATCHED_VAR_NAME}=%{TX.HPP_%{MATCHED_VAR_NAME}},%{MATCHED_VAR}'"` This would require double (recursive) macro replacement: %{TX.HPP_%{MATCHED_VAR_NAME}} This obviously doesn't work. Note that the first part works (TX.HPP_%{MATCHED_VAR_NAME}=). However, by having a...
That's great. Any chance to have it in 2.9.x?
There's one case where we return before cleaning up. It's in case of a memory allocation problem, so it should hopefully not happen often. However, in the case we add...
Example (very simplified): # Store name of all ARGS containing % SecRule ARGS "%" "phase:1,setvar:tx.percentArgs=%{tx.percentArgs}|%{MATCHED_VAR_NAME},..." # Exclude all ARGS not containing % for rules tagged with "PERCENT" SecRule ARGS @unconditionalMatch...