-
## Summary
WithErrorCallback() callback should have access to a context related to the processed query in order to allow logging to be associated with the originating query.
This can be implemen…
-
### Motivation
We don't have a unified way of writing the id of the matching rule in our tests. Sometimes we use outside quoting (e.g. `"id rule-id"`), and others are quoting just the id (e.g. `i…
fzipi updated
6 months ago
-
This is the Agenda for the two Monthly CRS Chats.
The general chat is going to happen on https://owasp.slack.com in the channel #coreruleset on Monday, 2024-05-06, at 20:30 CEST. That's the 1st Mon…
-
### Description
I have a (very) advanced setup of CRS.. I am using it via Coraza-WASM as a plugin to Envoy (configured by istio) inside a k8 cluster. I have enabled CRS rules on the edge at my ing…
-
## Description
I'm running the WAF v3.0.4 via the [http middleware](https://github.com/corazawaf/coraza/blob/main/http/middleware.go) in `DetectionOnly` mode, using the [coraza packaged core rulese…
-
### Description
Currently, I need to use apisix's sql injection and xss capabilities, I tried to integrate coraza-proxy-wasm, but failed,
here is my operation and configuration!
referer link:https…
-
Hello,
I don't know if I am just too bad to use the tool but I cannot manage to synchronize Directus custom collections and so on that are named in directus-sync snapshot and are exported in snapsh…
-
### Discussed in https://github.com/corazawaf/coraza/discussions/770
Originally posted by **dspeg** April 12, 2023
I am testing the Coraza Wasm Plugin on Envoy/Istio. I set up a SecRule to blo…
-
## Description
I'm encountering an issue with the Coraza WAF. When I set the `SecResponseBodyLimit` to 100K and also set `SecResponseBodyLimitAction` to `ProcessPartial`, I expected the WAF to chec…
-
### Description
When uploading a file in a multipart body, the rule '941330' denies the request.
The regex defined matches the "Content-Disposition" header in the body of the request in case it also…