I've been testing naxsi for our new proxies, but am running into an issue with whitelisting some stuff.
I am probably misunderstanding something, but I can't get my whitelist rules for ARGS to work.
I use the basic core rules and added have the following config in my location block:
I've been testing naxsi for our new proxies, but am running into an issue with whitelisting some stuff. I am probably misunderstanding something, but I can't get my whitelist rules for ARGS to work.
I use the basic core rules and added have the following config in my location block:
Now if I do a request with [ ] in a get variable, so for instance localhost/foo?param[bar]=baz it blocks that based on Main rules 1310 & 1311:
If I change the basic rules and add |NAME to ARGS, it works as expected.
What am I doing wrong here? Do I need to white list for ARGS & ARGS|NAME seperatly?