Max Leske

icon company Xovis.com

Results 149 comments of Max Leske

Rule exclusions for dynamically changing sections of home page not working. Please help a noob with Rule Exclusions! Site is live!

As for the manual rule exclusions, you could try the following. I've replaced the parts of the URI that I assume are dynamic with regular expression patterns. This is untested...

Rule exclusions for dynamically changing sections of home page not working. Please help a noob with Rule Exclusions! Site is live!

The plugin won't fix all of your issues. You should take @azurit's advice and exclude those cookies. That should get you a lot closer to your goal.

[CI] Pharo13: Need SmalltalkCi support for Pharo13

Well... they only fail for Pharo 13 ;)

[CI] Pharo13: Need SmalltalkCi support for Pharo13

The PR has been merged.

Pharo 12 CI - Error: "Instance of Time class did not understand #millisecondsToRun:"

I think something went wrong. The latest commit on the Pharo12 branch is 3ffc5637840a873d5f1a74453d8855a418813a0f but the build version is stuck at a commit from December: 1645336259151e603fddc9b8aeba8ac67378a2f5. When I download a...

Pharo 12 CI - Error: "Instance of Time class did not understand #millisecondsToRun:"

You're right. The issue appears to be with Pharo Launcher. And that method is gone indeed.

Feature request: Limit the number of rules processed per request

I'm not sure that the engine should stop processing rules. In CRS, the rule for blocking based on score is one of the last rules, so stopping to process would...

% sign in URI must not be interpreted (other than for URI encoding)

Thanks, I'll check.

% sign in URI must not be interpreted (other than for URI encoding)

This is the same issue as https://github.com/owasp-modsecurity/ModSecurity/pull/3016. Unfortunately, the patch somehow never made it into the release branch: https://github.com/owasp-modsecurity/ModSecurity/blob/5f44383236b94ef8066529861d0b4d603f9b3bcb/src/utils/decode.cc#L102.