In the case of a quote strings that has some prefix data, separate
the prefix from the value. For example:
content:!"Firefox/3.6.13"
would previous have a value of "!Firefox/3.6.13" which is incorrect,
now the value will be "Firefox/3.6.13" with the string before the
opening quote available in the prefix field.
In the case of a quote strings that has some prefix data, separate the prefix from the value. For example:
would previous have a value of "!Firefox/3.6.13" which is incorrect, now the value will be "Firefox/3.6.13" with the string before the opening quote available in the prefix field.
Github issue: https://github.com/jasonish/evebox/issues/176