-
## Summary
Would it be possible to make the key middleware functions public. Specifically:
* [processRequest](https://github.com/corazawaf/coraza/blob/fc71a09e809b2d022bc44fe08806bcf8496b46bb/http…
-
### Motivation
We don't have a unified way of writing the id of the matching rule in our tests. Sometimes we use outside quoting (e.g. `"id rule-id"`), and others are quoting just the id (e.g. `i…
fzipi updated
7 months ago
-
## Summary
WithErrorCallback() callback should have access to a context related to the processed query in order to allow logging to be associated with the originating query.
This can be implemen…
-
### Description
Currently, I need to use apisix's sql injection and xss capabilities, I tried to integrate coraza-proxy-wasm, but failed,
here is my operation and configuration!
referer link:https…
-
## Description
I'm running the WAF v3.0.4 via the [http middleware](https://github.com/corazawaf/coraza/blob/main/http/middleware.go) in `DetectionOnly` mode, using the [coraza packaged core rulese…
-
Hello,
I don't know if I am just too bad to use the tool but I cannot manage to synchronize Directus custom collections and so on that are named in directus-sync snapshot and are exported in snapsh…
-
### Discussed in https://github.com/corazawaf/coraza/discussions/770
Originally posted by **dspeg** April 12, 2023
I am testing the Coraza Wasm Plugin on Envoy/Istio. I set up a SecRule to blo…
-
## Description
I'm encountering an issue with the Coraza WAF. When I set the `SecResponseBodyLimit` to 100K and also set `SecResponseBodyLimitAction` to `ProcessPartial`, I expected the WAF to chec…
-
## Summary
Using libcoraza, latest from Github. I created a small C program that started loading the Rule files from the latest OWASP.
```
Attaching log callback
coraza_rules_load_rules: rule…
-
A few days ago we had a discussion about adding methods to public interfaces that are not implementable, like Transaction. Technically speaking, adding a function would break API compatibility, and th…