Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

HAProxy SPOA result message #21

Open
sts opened this issue Jun 15, 2022 · 1 comment
Open

HAProxy SPOA result message #21

sts opened this issue Jun 15, 2022 · 1 comment

Comments

@sts
Copy link
Contributor

sts commented Jun 15, 2022

Currently the variable returned by coraza-spoa to inform HAProxy to perform a waf block, is called fail. The term fail is confusing and should be replaced.

  • Additionally types.Interruption exposes more variables (Action, Data, RuleID & Status), which should also be exposed to HAProxy.
    • Other actions such as Redirect, Deny, Drop, could also be handled correctly in the example HAProxy configuration.

Looking at other modules:

@sts
Copy link
Contributor Author

sts commented Aug 5, 2022

Redirect implemented in coraza v3, it.Action still needs exposure to haproxy.

Note: Redirect status cannot be determined by it.Status because of HAProxy short comings. Retrieving the status code by looking up a variable results in a haproxy parsing error, otherwise this works:

http-request redirect code 302 location %[var(txn.coraza.data)] if { var(txn.coraza.action) -m str redirect }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant