Marc Stern
Marc Stern
Here is the a centralized function we're using for years: ``` char* get_username(apr_pool_t* mp) { char* username; apr_uid_t uid; apr_gid_t gid; int rc = apr_uid_current(&uid, &gid, mp); if (rc !=...
This is a duplicate of https://github.com/SpiderLabs/ModSecurity/pull/2046
`/req?p=cmd&p=/c&p=...` The previous line leads to "p=cmd,/c,..." is ASP (and others) which can be used to perform an attack (in this concrete example, the comma is a valid separator in...
As I explained, if you try (like in the CRS rules) to do it on unsorted ARGS, you can evade it. This is why we need (also) a sorted collection....
You're correct about the my request @zimmerle. It would allow to specify "12/36" You're also correct that it would accept the "xx/y" syntax. Currently, it checks the syntax and, if...
@zimmerle: in case you're waiting for the use case, sorry, I forgot about it. When you have tokens (like JWT) that are very long, you may want to get something...
I understand that I didn't explain the whole issue. When working with Visual Studio on a solution with several dozens projects, if you need to track a memeory leak, you...
Any chance to make this trivial change? Thanks a lot
Could anyone look at this? Thanks a lot
This would definitely makes this add-on one of the most useful ones! Currently, it's very difficult for me to use it as it breaks my own developments. I hope you'll...