Juan Pablo Tosso

icon company Harness icon location Spain icon location I'm a human

Results 48 issues of Juan Pablo Tosso

V3/core fixes

> Thank you for contributing to Coraza WAF, your effort is greatly appreciated > Before submitting check if what you want to add to `coraza` list meets [quality standards](https://github.com/corazawaf/coraza/blob/master/CONTRIBUTING.md#quality-standards) before...

Monthly meeting agenda (June 2022)

1 comment

- **Date:** _Wednesday, June 29 at 12 p.m. UTC_ - **Previous agenda:** https://github.com/corazawaf/coraza/issues/247 > This meeting will be a bit different, we will discuss the project status, and the rest...

stale
meeting

Custom URL encoded processor

1 comment

The custom URL processor must consider the [RFC3986](https://www.ietf.org/rfc/rfc3986.txt) A few additional details: - Decoding is non-strict: [See Modsecurity](https://github.com/SpiderLabs/ModSecurity/blob/4127c1bf52d2b30a5c2c3e641b8085fd9a720f43/src/utils/decode.cc) - There will be no exceptions, all URLs are valid. What to...

enhancement

CRS v4 compatibility issues

3 comment

Current status: ``` [ "934131-1" "941310-1" "941310-3" "942190-42" "944200-1" "951110-0" "951120-0" "951130-0" "951140-0" "951150-0" "951160-0" "951170-0" "951180-0" "951190-0" "951200-0" "951210-0" "951220-0" "951230-0" "951240-0" "951250-0" "951260-0" "954100-0" "959100-0" "959100-2" "980170-0" "980170-1"]...

bug
help wanted
coreruleset
stale

Add automatic benchmark comparison github action

3 comment

Performance is key for Coraza and we should display how each version is compared to the previous one. There are some features that are worth sacrificing performance but we must...

stale

Create automatic comment on PRs to describe failed CRS rules

5 comment

It would be nice to use the FTW output to create a comment if the action failed. Something like in the first comment.

enhancement
stale
gh-actions

HTTP Example error on transaction creation

2 comment

https://github.com/corazawaf/coraza/blob/f8e930d3a06ad40c10aa81088b3af3580b7b4ea3/examples/http-server/main.go#L45 NewTransaction should be inside the returned handler

stale

feat: flattened json audit format

1 comment

Following #266, new flattened JSON format. Friendly with SIEMs, and easy to process, the new struct is: You can use it like: ``` SecAuditLogFormat flatten ``` ```json { "messages.0.actionset": "",...

V2/update crs tests (DRAFT)

4 comment

This PR was created to track the progress of the latest CRS version compatibility across branches

Response Body Processor

6 comment

Seclang currently only supports body processing for request bodies. It's usually hard to handle response bodies because HTML payloads are huge but what about APIs? I think it's time to...

enhancement
stale
v3
roadmap