I want to complete my question, when I send a character in iso-8859 , something
like "ۨ" will transfer and I don't know how to make modsecurity to
understand this (decode it), it seems that I have to change iso-8859 to utf-8
maybe by t.urldecodeuni but I don't know how to transform it, also I don't know
what is the meaning of codes in the unicode.mapping somethng like 01e5:67,
anyone can explain their procedure? first I thought it is mapping 01e5 to 67
but when I was testing it my hypothesis rejected, even if it can map characters
what should we do with "&#"?
Sincerely yours
~IMAN
----- Forwarded Message -----
From: Iman Vakili <ivak...@yahoo.com>
To: "owasp-modsecurity-core-rule-set@lists.owasp.org"
<owasp-modsecurity-core-rule-set@lists.owasp.org>
Sent: Tuesday, September 4, 2012 8:36 AM
Subject: [Owasp-modsecurity-core-rule-set] Encoding
Hi friends,
I have set parameter matching in UTF8 encoding on modsecurity, but there is a
web application which using iso-8859-1 for its encoding, and the thing is
modsecurity will detect every parameter encoded in iso-8859-1 in the post and
get parameters as an attack, that is natural behavior but I wonder how we can
support other encoding such as iso-8859-1, also there are some functions which
I think are ambiguous, like t:urlDecodeUni, I couldn't detect any
transformation by this function, also SecUnicodeCodePage and SecUnicodeMapFile,
the thing is it is not clear what exactly mapping do,
I will be so thankful if you can guide me, do you think I have to change in the
developing level to support other encodings?
Thanks a lot,
All the best
~Iman
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
