coreruleset / nextcloud-rule-exclusions-plugin

Rule exclusion plugin for Nextcloud
Apache License 2.0

feat: add support for Nextcloud 28 #62

Closed EsadCetiner closed 5 months ago

EsadCetiner commented 6 months ago

Nextcloud 28 has made a fair few changes and some of these have resulted in new false positives. Most of these false positives are at PL-2 or higher or they affect features that will only be used on occasion.

azurit commented 6 months ago

@EsadCetiner What is the purpose of splitting exclusions into rules 9508311, 9508312, 9508313 and 9508314? Seems like all of them are matching the same URLs.

EsadCetiner commented 6 months ago

@azurit Those rules exclude rules for individual tokens used in Nextcloud's markdown text editor. All of these rule exclusions could be done in one rule, but then you won't be able to easily implement character whitelisting (which is currently the case).

EsadCetiner commented 6 months ago

@azurit everything good to merge?

EsadCetiner commented 5 months ago

@theseion I'm trying to use the REQUEST_BODY_LENGTH variable to check if there's no response body then disable rule 200002 since that's causing the XML parser to fail, but the linter doesn't think that's a valid variable. It's supported on both ModSec v2/v3 and Coraza so I don't know why it's marked as invalid.
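
A rule exclusion of the kind described in the comment above, as an added example that is not code from this PR or from the plugin: the rule id 9508999 is a placeholder, and it keys on the Content-Length header rather than REQUEST_BODY_LENGTH because it has to run in phase 1 (rule 200002 is a phase-2 rule loaded before the plugin) and the body has not been read yet at that point.

```apache
# Added example, not from this PR or the plugin. Placeholder id 9508999.
#
# Rule 200002 (modsecurity.conf-recommended) denies the request when the
# body processor reports an error. A request that declares an XML body but
# sends no bytes makes the XML processor fail, so 200002 is removed for
# exactly that case: XML Content-Type and an explicit Content-Length of 0.
# Runs in phase 1 so the ctl action is in place before phase-2 rule 200002.
SecRule REQUEST_HEADERS:Content-Type "@rx (?i)^(?:application|text)/xml" \
    "id:9508999,\
    phase:1,\
    pass,\
    t:none,\
    nolog,\
    chain"
    # If Content-Length is absent this chained rule has no variable to
    # inspect, so the chain does not match and 200002 stays active.
    SecRule REQUEST_HEADERS:Content-Length "@eq 0" \
        "t:none,\
        ctl:ruleRemoveById=200002"
```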

theseion commented 5 months ago

Wow, wouldn't have expected that. But you're right, there's a mistake in the parser model.

I've opened an issue: https://github.com/coreruleset/secrules_parsing/issues/70. @airween, any idea how to fix that one? I wasn't able to.

airween commented 5 months ago

There is still a workflow issue, but I'm afraid that's an ftw problem. @theseion could you take a look at it?

theseion commented 5 months ago

All the checks are good now. @airween, you need to approve the changes, then we can merge.