[Owasp-modsecurity-core-rule-set] A Recommended Base Configuration - XML Request Body Parser

Ryan Barnett Fri, 08 Apr 2011 10:30:08 -0700

Reference Manual:
https://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#ctl


Current setting:
# Enable XML request body parser.
# Initiate XML Processor in case of xml content-type
#
SecRule REQUEST_HEADERS:Content-Type "text/xml" \
     "phase:1,t:none,t:lowercase,pass,nolog,ctl:requestBodyProcessor=XML"

Rationale:
This rule will enable the XML request body parser.  This is needed in order to 
create the XML:/* variable used in the OWASP CRS.

_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
[email protected]
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set

[Owasp-modsecurity-core-rule-set] A Recommended Base Configuration - XML Request Body Parser

Reply via email to