fix(921180, 921210, 921220): should be block not pass #4294
📊 Quantitative test results for language:
for more information, see https://pre-commit.ci
Updated rule to block HTTP Parameter Pollution attacks.
EsadCetiner
left a comment
Nice catch, can you update 921180 disruptive action to block too?
Already done normally, did you see it?
@EsadCetiner Do you see how this could have slipped our attention before? How come it passed the tests?
@dune73 The rules are still adding points to the anomaly score, which should be enough for 949110 to block the request, so it's more a stylistic issue than an actual functional issue if you're not using the self-contained mode. I clearly remember these rules blocking requests before, but I'll double check to be sure.
I just tested on both Apache and NGINX and I can confirm this behavior; this is only problematic if you're using the self-contained mode.
Yes, you're right. It does not really matter in standard deployments, since block is pass. But we should still have tests catching this. @airween is this a case for a linter extension?
Actually the linter does not have any feature that catches this typo/issue. We should add that one, if it's necessary. I would like to work on the linter during the retreat (I added that to the tasks), so we can add it soon.
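The kind of check discussed above for the linter, as an added example (not code from this PR or from the CRS linter): it flags rules that add to the anomaly score while their disruptive action is something other than `block`. The rule text and the ids 999001 to 999003 are constructed, and the heuristic itself is an assumption about what such a check would look for.

```python
import re

# Constructed sample rules in CRS style; ids 999001-999003 are placeholders.
SAMPLE_RULES = r'''
SecRule ARGS_NAMES "@rx ." \
    "id:999001,\
    phase:2,\
    pass,\
    msg:'Constructed rule, action says pass',\
    setvar:'tx.inbound_anomaly_score_pl1=+%{tx.critical_anomaly_score}'"

SecRule ARGS_NAMES "@rx ." \
    "id:999002,\
    phase:2,\
    block,\
    msg:'Constructed rule, action says block',\
    setvar:'tx.inbound_anomaly_score_pl1=+%{tx.critical_anomaly_score}'"

SecRule ARGS_NAMES "@rx ." \
    "id:999003,\
    phase:2,\
    pass,\
    setvar:'tx.constructed_counter=+1'"
'''

DISRUPTIVE = {"pass", "block", "deny", "drop", "allow", "redirect", "proxy"}
RULE_RE = re.compile(r'^SecRule\s+\S+\s+"(?:[^"\\]|\\.)*"\s+"((?:[^"\\]|\\.)*)"$')
ACTION_RE = re.compile(r"(?:[^,']|'(?:[^'\\]|\\.)*')+")  # split on commas outside quotes
SCORE_RE = re.compile(r"^setvar:'?tx\.(?:in|out)bound_anomaly_score_pl\d=\+")

def find_scoring_rules_not_blocking(text):
    """Return (rule id, disruptive actions) for scoring rules that do not use `block`."""
    findings = []
    joined = re.sub(r"\\\n\s*", "", text)  # undo backslash line continuations
    for line in joined.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        actions = [a.strip() for a in ACTION_RE.findall(m.group(1))]
        rule_id = next((a[3:] for a in actions if a.startswith("id:")), "?")
        disruptive = [a.split(":")[0] for a in actions if a.split(":")[0] in DISRUPTIVE]
        adds_score = any(SCORE_RE.match(a) for a in actions)
        if adds_score and disruptive != ["block"]:
            findings.append((rule_id, disruptive))
    return findings

if __name__ == "__main__":
    for rule_id, disruptive in find_scoring_rules_not_blocking(SAMPLE_RULES):
        print(f"rule {rule_id}: raises the anomaly score but uses {disruptive}, expected block")
```

Rule 999003 is not reported because it uses `pass` without touching the anomaly score, which is the normal shape of a bookkeeping rule.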
Hello
I guess it's a mistake, but maybe there is something I don't have in mind.