Skip to content

Implement support to the SCRIPT_* variables in libmodsecurity #1017

New issue
New issue
Closed
Closed
Implement support to the SCRIPT_* variables in libmodsecurity#1017
Labels
RIP - libmodsec - missing variablesRIP - libmodsecurity
Milestone
 
v3.0.0 feature complete
@zimmerle

Description

@zimmerle
zimmerle
opened on Dec 9, 2015
Contributor

The following variables needs to be implemented inside libModSecurity:

  • SCRIPT_BASENAME
  • SCRIPT_FILENAME
  • SCRIPT_GID
  • SCRIPT_GROUPNAME
  • SCRIPT_MODE
  • SCRIPT_UID
  • SCRIPT_USERNAME

More information about these variables can be found at ModSecurity reference manual: https://github.com/SpiderLabs/ModSecurity/wiki/Reference-Manual

Activity

zimmerle
added
RIP - libmodsecurity
RIP - libmodsec - missing variables
on Dec 9, 2015
zimmerle
added this to the v3.0.0 milestone on Dec 9, 2015
zimmerle
modified the milestones: v3.0.0 owasp compatible, v3.0.0 feature complete on Mar 28, 2016
zimmerle
modified the milestones: v3.0.0 feature complete, v3.0.0 - OWASP CRS Compatible on May 19, 2016
zimmerle

zimmerle commented on Oct 26, 2017

@zimmerle
zimmerle
on Oct 26, 2017
ContributorAuthor

The set of variables SCRIPTS opens a very interesting discussion. Within v3 and it seamless approach, the rules while executed [should] produce the same response regardless of the server that is hosting the content or server configuration. That is not the case for the set of variables SCRIPTS, where the need of understanding server configuration (path, permission and so on) are needed. I also think that those variables could be replaced for different ones, within representation in the request itself, not on the server configuration. With that said, I am marking this issue as closed.

zimmerle
closed this as completedon Oct 26, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    RIP - libmodsec - missing variablesRIP - libmodsecurity

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @zimmerle

        Issue actions
          Implement support to the SCRIPT_* variables in libmodsecurity · Issue #1017 · owasp-modsecurity/ModSecurity