| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2018-07-23 | Improve a bit the default rules | jvoisin | |
| - Use plain values instead of regexp where possible - Reduce the number of false positives (*cough* `curl_exec` *cough*) | |||
| 2018-07-23 | Whitelist the inclusion of `.phtml` files | jvoisin | |
| This is the extension used by PhpMyAdmin | |||
| 2018-07-23 | Allow the inclusion of `.inc` files | jvoisin | |
| 2018-07-23 | Use SameSite on PHP's session cookie in the default rules | jvoisin | |
| 2018-07-23 | Activate more features in the default rules | jvoisin | |
| 2018-07-13 | Massively optimize how rules are handled | xXx-caillou-xXx | |
| This commit does a lot of things: - Use hashtables instead of lists to store the rules - Rules that can be applied at launch time won't be tried at runtime - Improve feedback when writing nonsensical rules - Make intensive use of `zend_string` instead of `char*` | |||
| 2018-03-09 | Improve the performances of our default rules | jvoisin | |
| 2018-03-05 | Improve a bit the performances (+10%) | jvoisin | |
| 2018-02-26 | Improve the previous commit | jvoisin | |
| 2018-02-26 | Add a rule to prevent various sandbox escapes | jvoisin | |
| This used to be private, but since it apparently isn't anymore, we should forbid it ;) | |||
| 2018-02-22 | Refactor a bit our rules | jvoisin | |
| 2018-01-17 | Our configuration files are ending in .rules, not .ini | jvoisin | |
| This commit fixes the documentation, our shipped configuration files, and the related tests. Thanks to @remicollet for the tip | |||
 |
index : snuffleupagus | |
| Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest! |
| summaryrefslogtreecommitdiff |