summaryrefslogtreecommitdiff
path: root/src (follow)
AgeCommit message (Collapse)Author
2018-01-18Bump the changelogjvoisin
2018-01-18Simplify the previous commitjvoisin
2018-01-18Clean up a bit the glob codejvoisin
2018-01-18Minor code improvements in sp_execute.cjvoisin
2018-01-18add missing globfree()Sebastien Blot
2018-01-18Add globbing support for configuration file path (closes #125)Sebastien Blot
2018-01-18Improve the way we're dealing with filtering on parameter positionsjvoisin
This should close #127
2018-01-17Bump a bit the coveragejvoisin
2018-01-17Remove useless "head" member in our linked lists implementationsimon MAGNIN-FEYSOT
This should close #85
2018-01-17Fix a minor warningjvoisin
2018-01-17remove src from path (#126)Remi Collet
2018-01-17Bump a bit our coveragejvoisin
2018-01-17Our configuration files are ending in .rules, not .inijvoisin
This commit fixes the documentation, our shipped configuration files, and the related tests. Thanks to @remicollet for the tip
2018-01-17Make the build system a bit more portablejvoisin
2018-01-15Minor simplificationjvoisin
2018-01-15Fix an other off-by-onejvoisin
2018-01-15Fix an off-by-onejvoisin
2018-01-15Fix some memleaksjvoisin
2018-01-15Minor code cleanupjvoisin
2018-01-12Refactor to improve the scopingjvoisin
2018-01-12Fix a memory leakjvoisin
2018-01-12Minor factorization and symbol exposure reductionjvoisin
2018-01-12Minor refactoringjvoisin
2018-01-12do not prepend $ to the var name if there is one alreadySebastien Blot
2018-01-12Add an ugly hack to our parser to make the writing of configuration rules ↵jvoisin
more obvious.
2018-01-11Remove some legacy codejvoisin
2018-01-10Rework the priority of bl/wl in evaljvoisin
2018-01-10Minor constificationjvoisin
2018-01-10Eval whitelistjvoisin
Implement whitelist in eval
2018-01-08Hopefully fix a crashjvoisin
This should close #115
2018-01-08Add a test to see what happens when no configuration file is givenjvoisin
2018-01-06Ignore a test when running the testsuite as rootjvoisin
2018-01-05Fix a bypass in our eval blacklistjvoisin
2018-01-04Eval blacklistjvoisin
Add support for eval filtering, only blacklist for now
2018-01-04Bump a bit the coveragejvoisin
2018-01-03Handle correctly configuration files with Windows EOLjvoisin
Thanks to @fr33tux for the bug report ♥
2018-01-03Remove some dead codejvoisin
2018-01-02Remove some useless code in the testsuitejvoisin
2017-12-29Fix two broken testsjvoisin
2017-12-28Add two test to prove that we're not prone to old-school bypassesjvoisin
2017-12-28Bump again the coveragejvoisin
2017-12-28Clang-format passThibault "bui" Koechlin
- `clang-format --style="{BasedOnStyle: google, SortIncludes: false}" -i snuffleu*.c sp_*.c sp_*.h` - Update the documentation accordingly
2017-12-28Show in the phpinfo() is the config is validjvoisin
This should close #39
2017-12-28Fix a non-working testjvoisin
2017-12-28Bump a bit the coveragejvoisin
2017-12-28re-integrate simulation token for cookiesbui
2017-12-28Implement regexp support for cookies encryptionThibault "bui" Koechlin
It's now possible to encrypt cookies matching a specific regexp. This should close #106
2017-12-28Add two tests to verify that we can hook indirect callsjvoisin
This should close #104
2017-12-28Implement hooking on user-defined functions return valuesjvoisin
This should close #99, thanks to @blotus for the implementation idea!
2017-12-27Implement simulation mode for cookies (de/en)cryptionjvoisin
This should close #102 This commit can be useful for two use-cases: 1. When deploying Snuffleupagus on big CMS like Magento, and not knowing what cookies are modified via javascript. 2. When deploying Snuffleupagus on big websites: you don't want to disconnect every single user at once. When simulation is enabled, if the decryption fails, a log message is now issued, and the cookie value taken as it (since odds are that it's non-encrypted).