Don't README yet.
corazawaf / coraza.io Goto Github PK
View Code? Open in Web Editor NEWHome Page: https://coraza.io
License: Apache License 2.0
Home Page: https://coraza.io
License: Apache License 2.0
Don't README yet.
Currently seclang docs are manually maintained, which is a burden in maintenance and also gets outdated easily. We should generate this data from the code (like others do from protos) which would require to write a transpiler but will save a lot of work and will solve the outdated problem e.g. SecRequestBodyLimitAction isn't documented.
Unlike ModSecurity, REQUEST_XML
is an alias for XML
, as we also support RESPONSE_XML
. That’s because of response body processing. Coraza only supports two XPATH expressions, //@*
and /*
which are hardcoded. That’s because of the lack of libxml2 support.
Currently the documentation upgrade process is:
go get -u github.com/corazawaf/coraza/v3@<coraza-commit-or-tag>
go mod tidy
go run mage.go generate
git add -u
git commit -m <message>
and create a PR.
We should have a github action to do that so we can trigger it on demand using this
Describe the issue that you're seeing.
https://coraza.io/docs/seclang/execution-flow/#phases
image description is incorrect
Clear steps describing how to reproduce the issue. Please please please link to a demo project if possible, this makes your issue much easier to diagnose (seriously).
Add Response Headers
Add Request Headers
It is referenced in https://coraza.io/docs/seclang/directives/#secresponsebodyaccess but not documented.
Remember documentation should be added in https://github.com/corazawaf/coraza/blob/main/internal/seclang/directives.go and regenerated here.
Homepage's link to OWASP CRS is broken.
Go to the homepage and hover the link.
It should say https://coraza.io/docs/tutorials/coreruleset/
It says https://coraza.io/#
actions.md should be generated in the same way we do in directives.md. For that we need a generation tool that creates the actions.md
based on the godoc from functions, for example https://github.com/corazawaf/coraza/blob/main/internal/actions/allow.go#L39.
Coraza will use the first disruptive action based on syntactic order only.
This needs to be documented properly.
Include a basic example or links here.
Why are we doing this? What use cases does it support? What is the expected outcome?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.