Closed chepurko closed 7 years ago
I would AND it with a URL zone, but the problem is infinite scrolling works on the homepage as well as all other places with the blogroll. So I believe the URL zone doesn't do me any good here.
I also thought I'd be able to just match the URL /?infinity=scrolling
as this is the request showing up in the NAXSI logs:
2017/05/27 15:53:12 [error] 198#198: *17497 NAXSI_FMT: ... request: "POST /?infinity=scrolling HTTP/1.1"...
But obviously the URL zone is for everything before the question mark.
Hello,
I don't just want to allow "mz:$BODY_VAR:scripts[]|NAME", I want to allow "mz:$URL:/|$BODY_VAR:infinity|$BODY_VAR:scripts[]|NAME", but this results in the error
"mz:$URL:/|$BODY_VAR:scripts[]|NAME"
seems to be the correct syntax :)
So is there a way to target parameter names with square brackets only when the parameter ?infinity=scrolling is present?
: unfortunately no :(
If you are running into trouble, please submit a naxsi_fmt :)
I am trying to whitelist some rules (1310,1311) in WordPress to let Jetpack infinite scroll work. The problem is there is a whole bunch of URL params to match. See image:
I don't just want to allow
"mz:$BODY_VAR:scripts[]|NAME"
, I want to allow"mz:$URL:/|$BODY_VAR:infinity|$BODY_VAR:scripts[]|NAME"
, but this results in the error[emerg] 214#214: whitelist can't target more than one BODY item.
.So is there a way to target parameter names with square brackets only when the parameter
?infinity=scrolling
is present?If I just do
"mz:$BODY_VAR:infinity|NAME"
this also doesn't match because there aren't any square brackets in that query anyway...