Christian Folini
Christian Folini
Yes, there are still a few gaps, true. Would you be interested to help us creating some tests for these?
Way to go man. We're happy to assist you, if you encounter any problems.
Sorry for the inconvenience. However, I can't reproduce your finding, so I'm closing this for now. However, I suggest you reproduce this yourself with curl and reopen this issue together...
Negative. Please provide your alert message.
This is very odd. I can't reproduce. @fgsch: Can you get this rule to trigger on said payload? Otherwise, it may be worth to upgrade to Apache and ModSec to...
Totally so. I would not be surprised to see an FP here. But I can't seem to reproduce despite the welcome curl call.
Results from the CRS project chat on March 2, 2020: We appreciate @theseion working on this. Thanks in advance! https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1683#issuecomment-593584538
Confirm. I can trigger this on 942100 as follows: ``` $> curl localhost -d "foo=2104 GRANT AVE #A" ```
Compared to the other issue you picked, this one is really big and complex as it touches on many different aspects of CRS. If you pick this, it will accompany...
I still plan to follow up on this.