Open cwchristerw opened 3 years ago
Hi! I don't understand the log, what does it check?
Another question, if you put two keeweb versions into different folders, does one of them work?
It will work without Web Application Firewall
How is this WAF set up, what does it check and what it doesn't like?
Describe the bug Enabling OWASP CoreRuleSet in ModSecurity (WAF) will cause latest KeeWeb versions code to split into unusable code due to some reason (more in Logs)
To Reproduce I have copied gh-pages branch in to folder that served by antelle/keeweb docker container with own changes. There is Nginx with OWASP CoreRuleSet in ModSecurity enabled as load balancer/reverse proxy. You can find, how code looks when browser received it here – https://etherpad.cwinfo.org/p/fXOoO1qVDKLflR50feuA
Expected behavior Working correctly as in previous versions. Nothing else has changed except KeeWeb code.
Environment Nginx with OWASP CoreRuleSet in ModSecurity as reverse proxy
Logs