Hi Ryan, are you planning to add this little fix to the 2.2.7? That would really be great!
Thank you!

On Friday, November 9, 2012, rm4dillo D wrote:

> Hi,
>
> The "base_rules/modsecurity_crs_41_xss_attacks.conf" rules file starts
> with a smart rule that checks the presence of some keywords (Ex. script
> javascript...) and depending on the result, it decides to run deeper rules
> or just skip them. The problem is that the conditional "skip" never works
> because it tests the "pm_xss_score" variable which is not initialized.
>
> SecRule TX:PM_XSS_SCORE "@eq 0" "phase:2,id:'981018',t:none,pass,skipAfter:END_XSS_CHECK,nolog"
>
> To fix this, I just added this directive at the beginning of the file:
>
> SecAction "phase:2,rev:'2.2.5',t:none,pass,nolog,setvar:tx.pm_xss_score=0"
>
> It would be nice to fix this in the next core rule set release.
>
> Thank you in advance.
>
> Rm4dillo
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
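
A lint check for the failure mode reported in this thread, as an added example that is not part of the original messages or of the Core Rule Set: it flags any `SecRule` that targets a `TX` variable which no earlier `SecAction` has set unconditionally. The `@pm` rule and its id `900001` in the sample are constructed, and the checker assumes rules run in file order and ignores phases and chains.

```python
import re

def find_uninitialized_tx(conf_text):
    """Return [(tx_variable, rule_id)] for SecRule targets tested before an
    unconditional SecAction initialises them."""
    # Join backslash-continued lines so each directive is one logical line.
    text = re.sub(r"\\\r?\n", " ", conf_text)
    initialized, findings = set(), []
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        directive, rest = parts
        if directive == "SecAction":
            # SecAction always runs, so its setvar is a real initialisation.
            for var in re.findall(r"setvar:'?tx\.([\w.-]+)=", rest, re.I):
                initialized.add(var.lower())
        elif directive == "SecRule":
            # setvar inside a SecRule only fires on a match, so it is not
            # counted as initialisation (the case described in the post).
            rule_id = re.search(r"\bid:'?(\d+)", rest)
            for target in rest.split(None, 1)[0].split("|"):
                # "&TX:name" counts entries and works on a missing variable,
                # so only plain "TX:name" targets are checked.
                m = re.match(r"TX:([\w.-]+)$", target, re.I)
                if m and m.group(1).lower() not in initialized:
                    findings.append((m.group(1).lower(),
                                     rule_id.group(1) if rule_id else None))
    return findings

# Constructed sample: rule 981018 is quoted from the post; rule 900001 is a
# made-up keyword rule that only sets the score when a keyword is present.
BEFORE = r'''
SecRule ARGS "@pm script javascript" "phase:2,id:'900001',t:none,pass,nolog,setvar:tx.pm_xss_score=+1"
SecRule TX:PM_XSS_SCORE "@eq 0" \
    "phase:2,id:'981018',t:none,pass,skipAfter:END_XSS_CHECK,nolog"
'''
# The fix proposed in the post: initialise the score at the top of the file.
AFTER = ("SecAction \"phase:2,rev:'2.2.5',t:none,pass,nolog,"
         "setvar:tx.pm_xss_score=0\"\n" + BEFORE)

if __name__ == "__main__":
    print("before fix:", find_uninitialized_tx(BEFORE))
    print("after fix: ", find_uninitialized_tx(AFTER))
```
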