summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2018-01-15Fix an other off-by-onejvoisin
2018-01-15Fix an off-by-onejvoisin
2018-01-15Fix some memleaksjvoisin
2018-01-15Minor code cleanupjvoisin
2018-01-15Add a note about session cookies handling.jvoisin
2018-01-12Refactor to improve the scopingjvoisin
2018-01-12Fix a memory leakjvoisin
2018-01-12Minor factorization and symbol exposure reductionjvoisin
2018-01-12Minor refactoringjvoisin
2018-01-12do not prepend $ to the var name if there is one alreadySebastien Blot
2018-01-12Add an ugly hack to our parser to make the writing of configuration rules ↵jvoisin
more obvious.
2018-01-12Massive overhaul of the documentationjvoisin
2018-01-12Improve a bit the documentationjvoisin
2018-01-11Remove some legacy codejvoisin
2018-01-10Rework the priority of bl/wl in evaljvoisin
2018-01-10Minor constificationjvoisin
2018-01-10Eval whitelistjvoisin
Implement whitelist in eval
2018-01-08Hopefully fix a crashjvoisin
This should close #115
2018-01-08Add a test to see what happens when no configuration file is givenjvoisin
2018-01-06Ignore a test when running the testsuite as rootjvoisin
2018-01-05Fix a bypass in our eval blacklistjvoisin
2018-01-04Eval blacklistjvoisin
Add support for eval filtering, only blacklist for now
2018-01-04Bump a bit the coveragejvoisin
2018-01-03Handle correctly configuration files with Windows EOLjvoisin
Thanks to @fr33tux for the bug report ♥
2018-01-03Merge pull request #110 from nbs-system/document_debugThibault "bui" Koechlin
Document how to debug Snuffleupagus, specifically providing a stacktrace
2018-01-03Remove some dead codejvoisin
2018-01-03Update debug.rstThibault "bui" Koechlin
2018-01-03syntaxThibault "bui" Koechlin
2018-01-03Document how to debug Snuffleupagusjvoisin
2018-01-03Add a twitter badgejvoisin
2018-01-02Remove some useless code in the testsuitejvoisin
2017-12-29Fix two broken testsjvoisin
2017-12-28Add two test to prove that we're not prone to old-school bypassesjvoisin
2017-12-28Bump again the coveragejvoisin
2017-12-28Clang-format passThibault "bui" Koechlin
- `clang-format --style="{BasedOnStyle: google, SortIncludes: false}" -i snuffleu*.c sp_*.c sp_*.h` - Update the documentation accordingly
2017-12-28Show in the phpinfo() is the config is validjvoisin
This should close #39
2017-12-28Fix a non-working testjvoisin
2017-12-28Bump a bit the coveragejvoisin
2017-12-28re-integrate simulation token for cookiesbui
2017-12-28Implement regexp support for cookies encryptionThibault "bui" Koechlin
It's now possible to encrypt cookies matching a specific regexp. This should close #106
2017-12-28Add two tests to verify that we can hook indirect callsjvoisin
This should close #104
2017-12-28Implement hooking on user-defined functions return valuesjvoisin
This should close #99, thanks to @blotus for the implementation idea!
2017-12-27Minor documentation improvementjvoisin
2017-12-27Implement simulation mode for cookies (de/en)cryptionjvoisin
This should close #102 This commit can be useful for two use-cases: 1. When deploying Snuffleupagus on big CMS like Magento, and not knowing what cookies are modified via javascript. 2. When deploying Snuffleupagus on big websites: you don't want to disconnect every single user at once. When simulation is enabled, if the decryption fails, a log message is now issued, and the cookie value taken as it (since odds are that it's non-encrypted).
2017-12-27Fix the debian packageblotus
Add a default ini file to enable snuffleupagus to the debian package
2017-12-26Improve the portability of our ipv6 supportjvoisin
Apparently, the in6_addr can have different fields in its union, making it a bit non-portable. We're solving this via macros. This should close #100, thanks to @fichtner for the report ♥
2017-12-26Add a link to a blogpostjvoisin
2017-12-26Add a link to our blackalps talkjvoisin
2017-12-22Fix a typo spotted by @xxx-caillou-xxxjvoisin
2017-12-21Mention the release in the changelogjvoisin