search

corazawaf / coraza-caddy

OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
https://www.coraza.io/
Apache License 2.0
290 stars 35 forks source link

chore: keep the handler error instead of trying to hijack it as it breaks the user experience. #85

Closed jcchavezs closed 1 year ago

jcchavezs commented 1 year ago

Currently when a later in the chain middleware returned an error with a certain status code, we attempted to wrap that error with an own error which lead to misleading behaviours

Closes https://github.com/corazawaf/coraza-caddy/issues/83.

Ping @rasschaert

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

jptosso commented 1 year ago

It is working: https://tosso.io/experiment/basicauth username: foouser, password: foopassword

image

My settings:

    handle /experiment/basicauth {
        basicauth * {
            # not the actual credentials, just an example for github
            foouser $2a$14$EUkRdDpsoURnFJtZz3KhLuIIAirpmYdMYyetZI0uDR08ok3ZWp3I.
        }
        respond "It worked :)"
    }