Christian Folini
Christian Folini
Sounds leggit. Sorry I let this slip. I think it's my mistake.
I saw the base64 tricks that call for the audo-decode-plugin to be fought. You mean some transformation beyond the `t:urlDecodeUni`? @theMiddleBlue you worked on the Log4J stuff as well, did...
Thanks @theseion. Can we do the do this review ourselves or do we need to get support (very hard to come by ...).
Thanks for the confirmation. Unfortunately, my contacts into that area are very limited.
Chiming in from the OWASP ModSecurity Core Rule Set team: We are 100% behind this and we have also set aside some funds for this. It's not much, but it's...
I do not think the proxy action is in wide use. Adding to @theseion's use cases, the one I think the original author had in mind and the one I...
As a workaround, here is the question I sent : ``` Hi there, Releasing Pingora into the wild is very welcome. Does this, or will this also include WAF functionality?...
Thank you. I have created said River feature request at https://github.com/memorysafety/river/issues/8 I do not really have time to dig into pingora, but I can help to connect to the WAF...
No clue. But you may want to test with curl to be really sure what is sent across the wire.
Funny output for curl, but I confirm that a browser is very likely to ignore a Location header if it comes with status code 200. Also, I do not like...