Christian Folini
Christian Folini
Thank you @jptosso. Got you. And thank you for that explanation @azurit. I'm intrigued. And such a shame one has to go such lengths to do something ModSec is supposed...
Please elaborate on the "This could be feasible with a simpler selector like regexes."
Ah, got you. So as long as we target every element, we can select them via regex selection on `TX:/.../`? Neat thought.
Yes. On top: Not sure how FP handling integrates into this approach.
I see some real potential yes. So if you are interested, then please do. @studersi : What is your take? Any chance your customers would run this midterm?
Thank you for this balanced view. One option could be to offer both body processors and enabling one of them according to a local policy and information about the backend.
### CRS Bug Bounty PR assessment * **Rules affected** (list rules): 932200 * **Paranoia Level addressed** (1, 2, 3, 4, full or explain): 2 * **FTW passes** (yes or no)...
Wow, that's an impressive contribution. Thank you very much. You are also rewriting several of the existing rule exclusions. Could you explain why you are doing that and is this...
This is very likely accepted into the next release and it is now waiting for a review that was self-assigned to @azurit. Maybe we get an update if we ping...
@azurit: Any news here? We'd like to merge this. So where is your review standing?