-
it could be interesting to integrate coraza (https://github.com/corazawaf/coraza) directly in fabio?
before starting the implementation I would like some feedback
-
Hello,
As per the discussion below and our slack chat, I open an issue to track this topic,
## What we want to do
We are looking to integrate Coraza within the crowdsec project. Concretely, i…
-
## Description
Coraza crashes if a rule use some (most ?) operators (`@contains` for example) and it ends with a `%` due to a bug in the macro expansion code.
It seems that everything that calls…
-
## Description
SecRequestBodyLimitAction Reject should reject TX if it has request body content-length **greater than** configured SecRequestBodyLimit.
### Steps to reproduce
**Set below conf…
-
I think that this `internal` folder that hides most of exported modules is an unfortunate situation.
Consider a use-case when someone wants to make a rules parser to help migrate off `libmodsecurit…
-
When I implemented the envoy proxy-wasm plugin, I found that if the response body is processed by gzip compression, a memory leak will occur. This problem also exists in the coraza-waf plugin. I suspe…
-
Currently, for both request and response bodies, we are relying on two different buffers:
- Envoy buffer: Calling [`return types.ActionPause`](https://github.com/corazawaf/coraza-proxy-wasm/blob/main…
-
Hi @senghoo ,
Thanks for all the awesome work you put into this library! I noticed in a couple of your comments (such as in #2) that you mentioned stopping work due to instabilities in libmodsecur…
-
## Summary
Corazas current AuditLog format in json has empty values for important fields and is overall less detailed compared to libmodsecurity3. Since the stated goal is to be a "drop in replacem…
-
## Summary
JSON is often used for request bodies, and this is scanned properly. However, the use of JSON is quickly growing in the contents of variables such as:
- cookies
- query arguments (a …