Closed franbuehler closed 4 years ago
Monthly Chat Meeting April: @franbuehler and @lifeforms will test this rule in production.
In the monthly chat meeting from May 4 we decided to merge this PR: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1749#issuecomment-623634756
Fix issue #1722 and expand content-type whitelisting.
action, type, start and start-info are allowed too. And these "flags" can appear several times.
I also added two regression tests that cover the new extensions and the false positives mentioned in the issue.