Fix 920440 "URL file extension is restricted by policy" regex
See original GitHub issue_Issue for tracking original pull request created by user theMiddleBlue on date 2019-01-28 09:58:27. Link to original PR: https://github.com/SpiderLabs/owasp-modsecurity-crs/pull/1297._
HEAD is: 03b0b408b5032f7fda3697475cf408df2f32bf70
BASE is: 4ad894096c4100a8a3813b24cd47d51ac8d50cbd
Referring to #1296 this fix the 920440 regex to \.[^\.]+$
preventing to make it match something like .com.sql
instead of .sql
.
Issue Analytics
- State:
- Created 3 years ago
- Comments:5
Top Results From Across the Web
Bug on 920440 restricted extension · Issue #1296 - GitHub
There's a problem on the 920440 regex. This rule uses \.(.*)$ for matching file extensions like .sql. The problem is that it doesn't...
Read more >[Owasp-modsecurity-core-rule-set] Issues with tx ...
Im having some issues with some of my requests being blocked based on extension , I do not have .php or .html on...
Read more >WAF Rule - File Extension to be blocked - Kemp Support
1- Disable the Rule 920440 from that VS and allow all extensions · 2 - Create an equivalent rules to allow the file...
Read more >CRS rule groups and rules - Azure Web Application Firewall
920440, URL file extension is restricted by policy. 920450, HTTP header is restricted by policy (%{MATCHED_VAR}).
Read more >Including OWASP ModSecurity Core Rule Set - netnea
ModSecurity Core Rule Set Inclusion Include /apache/conf/crs/rules/*.conf ... 224 920440 URL file extension is restricted by policy 245 941110 XSS Filter ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
User theMiddleBlue commented on date 2019-01-28 16:17:20:
fgsch I think I’ve done with rebase. Could you check if it’s ok?
User theMiddleBlue commented on date 2019-01-28 11:06:20:
thanks fgsch I try to commit it without escape