Christian Folini
Christian Folini
Thank you @fzipi. We can take it from here.
I agree. Besides there is the audo-decode plugin (that we need to advertise a bit more).
Good thinking @azurit. These additional file extensions - nice set @gwen001 - are all problematic, but they are more likely to cause false positives / be acceptable than the existing...
Please notice that `JW2SU88A` is also covered in PR #2560.
### CRS Bug Bounty PR assessment * **Rules affected** (list rules): 920440 * **Paranoia Level addressed** (1, 2, 3, 4, full or explain): 1 * **FTW passes** (yes or no)...
@RedXanadu The best option was @azurit's proposal at https://github.com/coreruleset/coreruleset/pull/2562#issuecomment-1128841375 The `.axd` should still be part of the original list. Where I am unsure is whether the restricted file extensions _extension_...
Meeting decision (https://github.com/coreruleset/project-chat-archive/blob/master/chat-archive-2022-07-18.md): We'll go with a new rule at PL2 and a separate variable.
Could you elaborate, please, @RedXanadu. When we talked about it on Monday, it all seemed settled.
I think the following items would profit from `@`. ``` ash bridge bundler ... column dd docker finger genie gimp install latex ```
I agree on the idea to move and update afterwards. And it is already broken for NGINX. So moving won't change a thing and if we get a workaround afterwards,...