Christian Folini
Christian Folini
Still hoping somebody is picking this up.
During the monthly CRS chat, @theMiddleBlue volunteered to develop the proposed rule above into a working PR. Meeting minutes: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1671#issuecomment-584320407
@theMiddleBlue : Do you have an update here?
Nginx does not allow you to display arbitrary env variables in the logfile. About half of the useful information above can not be displayed via nginx. A workaround is to...
Same here with Whadda WPI400 3.5" (using the LCD35-show). Works on Raspberry 3 and 4.
Thank you for your swift response Martin. I thought I had seen status 500 with XML before but it was new with JSON for me. Then playing around I made...
+1 on the interpretation why this might be the case. That makes sense. As for the behaviour that is preferable, I agree. Providing a PR is probably outside my capability...
Wow, this is interesting. Maybe worth a separate feature! Did you or can you try out my curl call from above on 2.9.2?
Thank you very much for checking this for me, @RedXanadu.
I have just met this bug again and tried to fight it with `SecRequestBodyLimitAction Reject` But no effect. Debug Log: ``` ... Adding JSON argument 'glossary.GlossDiv.GlossList.GlossEntry.GlossSee' with value 'markup' Input...