nbs-system / naxsi

NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
GNU General Public License v3.0
4.8k stars 606 forks source link

how to add whitelist special cookie name? #589

Closed mhf-ir closed 2 years ago

mhf-ir commented 2 years ago
BasicRule wl:0 "mz:$HEADERS_VAR:cookie";

It's seems exclude all cookies.

curl -H 'Cookie: itsok=../traverse; idono=SELECT * FROM'

how to just whitelist itsok ?

vncloudsco commented 2 years ago

@mhf-ir using sample

BasicRule wl:0 "mz:$HEADERS_VAR:itsok";