Juan Pablo Tosso

For now just create an exception. `SecRuleUpdateTargetById "!ARGS:username"` That will disable the rule validation for the parameter.

I want to add something to this issue (I'm using 4653d87): ``` scope.go:225: nil reflect type panic: nil reflect type [recovered] panic: /Users/jptosso/go/src/github.com/jptosso/coraza-waf/vendor/go.uber.org/zap/logger.go:309:2: CFG post-order panic: nil reflect type goroutine...

Hey! thank you very much for your comment. Glad you enjoy the project. The error logs are compatible with the old ModSecurity format. They are consistent between versions, so you...

Reload is a caddy feature, technically Coraza is not aware of reloading. Could you provide the package you are using? or your daemon settings

The problem with this change is that we would be required to rename the seclang project into config, and use the config package to create the coraza.NewWafWithConfig() Other problem we...

The other problem we might face is how to handle seclang as an independent package. coraza package cannot consume seclang as it would create circular dependencies issues. Maybe we should...

Hey @zc2638 we are currently going through some seclang changes because of the new "immutable" pattern. Once we have the definitions closed I will make the changes and merge this....

> I think this shows where things are going in general. It defines a public API for actions plugins. Unfortunately it's a bit hard to know what the right API...

@anuraaga is this ready for review?

> > Reduce code complexity of modsecurity inherited transformations > > Would you elaborate a bit more on this? I have quoted a sample code: https://github.com/corazawaf/coraza/blob/v2/master/transformations/url_decode_uni.go Basically, there is C...