[Owasp-modsecurity-core-rule-set] gwt-rpc form data parsing in modsecurity
kcoward at infozen.com
Mon May 3 17:05:58 EDT 2010
I have questions regarding the response to a previous response regarding content types supported by ModSecurity.
"ModSecurity only supports HTTP form based and XML based RPC nativly[sic].
However, if you have developers, you can add an extension to ModSecurity to parse about anything."
First, is the suggested mode of mod_security extension "configuration-based" or "code-/module-based"?
Is it possible to "extend" the available types parsed by ModSecurity via configuration? (Candidate configuration rule follows):
# Parse requests with Content-Type "text/plain" as URLENCODED
SecRule REQUEST_CONTENT_TYPE ^text/plain nolog,pass,ctl:requestBodyProcessor=URLENCODED
Finally, could the solution require something as involved as writing a custom Apache module defining a custom type of REQUESTBODY_PROCESSOR as an "operator" extension?
I am ultimately trying to use mod_security to parse GWT-RPC form data to leverage existing core and custom rules.
Any explicit guidance on this would be considered helpful.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-modsecurity-core-rule-set