fix CVE-2021-20205 and examples update

2021-04-26 17:00:23 +02:00
parent 1a7abab570
commit a98dae1fb6
34 changed files with 268 additions and 12 deletions
--- a/examples/gogs/modsec-crs-confs/gogs.conf
+++ b/examples/gogs/modsec-crs-confs/gogs.conf
@@ -0,0 +1,7 @@
+SecAction \
+ "id:900220,\
+  phase:1,\
+  nolog,\
+  pass,\
+  t:none,\
+  setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain| |application/x-git-upload-pack-request| |application/x-git-receive-pack-request|'"