Christian Folini
Christian Folini
> Nowadays non-latin unicode is widely used, does changing it to support non-latin-based languages and Unicode special characters cases make sense? Your remark is spot on. The change makes a...
fix(security): remove double URL decode (921151 PL2, 932190 PL3, 942441 PL2, 942442 PL2, 942460 PL3)
That would be annoying, but I see the IIS problem. It's double problematic since we have zero insight into the number of IIS installations out there. It is super exotic,...
fix(security): remove double URL decode (921151 PL2, 932190 PL3, 942441 PL2, 942442 PL2, 942460 PL3)
@azurit Yes, I think we ought to create an issue that describes the remaining IIS problem _after_ this PR is merged. Based on that issue we can then discuss a...
I quite like @M4tteoP's idea.
Thank you very much. There is no rush (since we do monthly releases) so I suggest we wait for your report and continue with the PR afterwards. Chances are other...
I'm not a fan of the remote rules and namely how it was being implemented, but commercial rule vendors do use this and I am sure there are people who...
Thank for your considered positions here. It's indeed hard to tell what the correct behavior is. It's unfortunate this was pushed without noticing the consequences for CRS. And now a...
So if I write a rule that carries a regex pattern in a variable, there is no macro expansion in Coraza (or no option to write my own rules)?
Custom Corpus example file in original corpus format with line number and tab. [custom-corpus.txt](https://github.com/user-attachments/files/17617648/custom-corpus.txt)
This is taken from this thread: https://twitter.com/intigriti/status/1772929816360050857 The idea was to take these ideas and detect them even if they are naked. If this is too cumbersome / too prone...