TW - Vincent
We don’t have the statistical data here to quickly isolate the exclusions related only to PL1 - it’s true that this volume is mainly due to the fact that we...
@fzipi .pac ([lfi-os-files.data](https://github.com/coreruleset/coreruleset/pull/4299/files#diff-0c245f6dd8de17e1a76beaa7f54228f69f186865b7f9e3d65a91e04c4885e48c)) was in lfi-os-files.data which has a broader scope: https://github.com/coreruleset/coreruleset/blob/dc750a6c12da1614c4fbcb80c766f424e3fa6acb/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf#L99
```
curl -H "x-format-output: txt-matched-rules" -H "x-crs-paranoia-level:4" "https://sandbox.coreruleset.org/" -d 'searchValue=%22select%20specialty%20hospital%22'
920273 PL4 Invalid character in request (outside of very strict set)
920273 PL4 Invalid character in request (outside of very...
```
Hi @airween Because, from what I understand from the documentation, these variables are only available when the URLENCODED processor is used, which limits far too much of the operational scope...
@airween I already tried it over HTTPS - I should have mentioned it in the initial issue. It’s the same result. `curl -v --http2 "https://sandbox.coreruleset.org/"` * Trying 52.4.200.1:443... * Connected...
I have a PR and a corrupted unit test incoming once I get time. You will understand why.
https://github.com/coreruleset/coreruleset/blob/main/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf#L241
Not for my use case. We will speak about this later when my PR is done.
In the PrestaShop ecosystem, it’s not uncommon to come across code segments like this:
```php
$ipaddress = '';
if (isset($_SERVER['HTTP_CLIENT_IP'])) {
    $ipaddress = $_SERVER['HTTP_CLIENT_IP'];
} elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $ipaddress =...
```
This rule is a true nightmare to stabilize as soon as ad networks are involved - Matomo’s cookies (pk_ref) are just one among hundreds that cause issues. It’s likely that...