Matteo Pace
Matteo Pace
thanks @azurit, I'll prioritize this.
Hey, based on the following quick try, Coraza is performing macro expansion only for some operators, not for regexes. ``` SecAction "id:1,phase:1,pass,setvar:'tx.var=foo|bar'" SecRule ARGS "@rx %{TX.var}" "id:2,phase:1,deny,status:405" SecRule ARGS "@contains...
Let question from my side: here we are enforcing a check that, as per the documentation, has always been expected to work this way. However, it would be a breaking...
And, for testing purposes, the new tag has to be added also here: https://github.com/corazawaf/coraza/blob/a4888598076b458cd79259cd3b3f348c5ab89fd3/magefile.go#L280-L286 🙇🏻‍♂️
Hey @nanchen114, could you please elaborate a bit more on the issue you are reporting? Based on the title looks like you are trying to set a variable, but I...
> @M4tteoP do you have any other comments? It is pretty extensive, so more eyes would be better, but looks good to me! Thanks for the effort @ricsirigu!
Thanks for raising this, by any chance, would you also be able to check how modsec v3 on nginx is behaving? It would be great if we could collect all...
> And I can see the other inconsistency now, for none-json representation (not sure how to name it) in coraza, we don't print out A and Z sections. Just linking...
If I'm fully getting the context, we have three issues. We should be able to isolate and address them individually: - [x] 1. `H` and `K` flags behavior. - `H`:...
Hey @tty2, correct. My PR is an alternative for https://github.com/corazawaf/coraza/pull/1304. I would prefer to merge this one and then iterate with separate PRs for the other two points (`nolog,auditlog` behavior...