Ervin Hegedus

I reviewed the thread (congrats @M4tteoP for the good explanation), and tried the examples. I also checked the history of regex modifiers in v3, and realized unfortunately the "default" modifier...

> It appears to me that it should be possible to simplify the regular expression in 922110 by adding `t:removeWhiteSpace`, without impacting detection quality. Sorry, I don't understand this: should...

> My question about this one is: is there another place where this bug might affect rules? I assume yes, but we have to find some way to check. Eg....

> Using `t:removeWhiteSpace` means we can remove all whitespace matching tokens from the regex, mainly `\s*`. Oh, got it, thanks.

>``` > severity:'CRITICAL',\ > chain" > SecRule ARGS:_charset_ "@rx ^.*$" \ > "setvar:'tx.charset=|%{tx.0}|',\ > chain" > SecRule TX:charset "!@within %{tx.allowed_request_content_type_charset}" \ > "t:lowercase,\ >``` May be a `capture` is missing...

Hi @nuroji, please provide more details about your issue. It would be nice to fill [the issue template](https://github.com/coreruleset/coreruleset/issues/new?assignees=&labels=%3Aheavy_plus_sign%3A+False+Positive&projects=&template=01_false-positive.md&title=) (now you should copy the text in the textarea and insert here,...

Did #3338 solves this issue?

This is a valid request, I can add more step to check the rule has a tag `OWASP_CRS` - but please help me, how can we formally describe the rule,...

> Did we add something to the linter then? No, as I remember we haven't made any decision. My [question](https://github.com/coreruleset/coreruleset/issues/3573#issuecomment-1947944491) above is still relevant.

The new functions which check the existence of `tag:'OWASP_CRS'` and `ver` actions are done - but I need some help. I need a reference value which describe the current `ver`...