Merge pull request #772 from dune73/fix-719-messup

csanders-git · web-flow · commit bc5dc8e2f59b · 2017-05-10T19:07:37.000-04:00
Fix 719 messup by removing debug rule
diff --git a/CHANGES b/CHANGES
@@ -5,6 +5,10 @@
   or the CRS mailinglist at
 * https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
 
+== Version 3.0.2 - 5/FIXME/2017 ==
+
+ * Remove debug rule that popped up in 3.0.1 (Christian Folini)
+
 == Version 3.0.1 - 5/9/2017 ==
 
  * SECURITY: Removed insecure handling of X-Forwarded-For header;
diff --git a/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf b/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf
@@ -497,7 +497,6 @@ SecRule TX:CRS_VALIDATE_UTF8_ENCODING "@eq 1" \
 # https://www.checkpoint.com/defense/advisories/public/2007/cpai-2007-201.html
 # https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/719
 #
-SecRule REQUEST_URI "(.*)" "msg:'got %{tx.0}',id:22,capture"
 SecRule REQUEST_URI|REQUEST_BODY "\%u[fF]{2}[0-9a-fA-F]{2}" \
   "msg:'Unicode Full/Half Width Abuse Attack Attempt',\
    id:920260,\

Original file line number	Diff line number	Diff line change
`@@ -497,7 +497,6 @@ SecRule TX:CRS_VALIDATE_UTF8_ENCODING "@eq 1" \`
`497`	`497`	`# https://www.checkpoint.com/defense/advisories/public/2007/cpai-2007-201.html`
`498`	`498`	`# https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/719`
`499`	`499`	`#`
`500`		`-SecRule REQUEST_URI "(.*)" "msg:'got %{tx.0}',id:22,capture"`
`501`	`500`	`SecRule REQUEST_URI\|REQUEST_BODY "\%u[fF]{2}[0-9a-fA-F]{2}" \`
`502`	`501`	`"msg:'Unicode Full/Half Width Abuse Attack Attempt',\`
`503`	`502`	`id:920260,\`