Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Aligned Cookie parsing method to ModSecurity2 style #2023
May be it's not a bug, but the behavior is differ from ModSec v2. Here is an example, take a look to this header request:
But ModSec2 interprets this as there is a cookie with name "foo" with empty value.
This patch aligns the behavior of ModSec3.
airween left a comment
I didn't modified the affected code since, just make a small program to demonstrate the differences between old method and new one. Here is it:
I've merged the newest version from upstream to this branch.
Could we continue the discussion about the patch? First, please review the snippet:
The C++ code contains the old (current) and the new method of cookie parsing. You can pass the cookie string to the compiled binary as argument (see output.txt).
The first line is the output of current version, the second is the last product. The