Re: [Mod-security-developers] API Usage and Descriptions?
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
Re: [Mod-security-developers] API Usage and Descriptions?
|
From: Felipe C. <FC...@tr...> - 2017-12-22 14:24:53
|
Hi Jai, The idea is to have a transaction for each HTTP request. So, msc_new_transaction() should be called every time that a new connection is established. In additional to the ModSecurity v2.x phases, ModSecurity v3 can also process rules for this additional URI phase. That is after you got the connection details and before you get the client headers. You can find more details about how to implement a connector in the Transaction code: - https://github.com/SpiderLabs/ModSecurity/blob/v3/master/src/transaction.cc You may also want to generate the doxygen docs: $ cd doc ; doxygen doxygen.cfg Notice that there is no phase on SecRules to hit the uri processing. At least not yet. We are aiming to support in upcoming versions. Br., Felipe “Zimmerle” Costa Security Researcher, Lead Developer ModSecurity. Trustwave | SMART SECURITY ON DEMAND www.trustwave.com<http://www.trustwave.com/> ________________________________ From: Jai Harpalani <jai...@mu...> Sent: Wednesday, December 20, 2017 3:52:27 PM To: mod...@li... Subject: [Mod-security-developers] API Usage and Descriptions? I have an application which already retrieves requests and responses from "the wire". I'm trying to add modSecurity to check the requests/responses for WAF errors using: msc_process_request_headers(); msc_process_request_body(); msc_process_response_headers(); msc_process_response_body(); I don't want WAF to necessarily take any action, just inform the caller if any problems were found. If this is possible, how is it done? Also, not sure what the purpose of the below APIs is for my specific application. msc_new_transaction(); msc_process_connection(t); msc_process_uri(); I was not able to locate a description of the above APIs. If detailed descriptions exist, please let me know where they are located. Thanks. |
