Commit

deploy: 473aa62
fzipi committed Oct 16, 2024
1 parent 9d59d5b commit fc09149
Showing 34 changed files with 66 additions and 66 deletions.
4 changes: 2 additions & 2 deletions 404.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions connectors/caddy/index.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions connectors/coraza-spoa/index.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions connectors/index.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions contributors/felipe-zipitria/index.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions contributors/index.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions contributors/juan-pablo-tosso/index.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions docs/index.html

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions docs/reference/benchmarks/index.html

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions docs/reference/body-processing/index.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions docs/reference/extending/index.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions docs/reference/index.html

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions docs/reference/internals/index.html
@@ -1,4 +1,4 @@
<!doctype html><html lang=en-US><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="ie=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=preload as=font href=https://coraza.io/fonts/vendor/jost/jost-v4-latin-regular.woff2 type=font/woff2 crossorigin><link rel=preload as=font href=https://coraza.io/fonts/vendor/jost/jost-v4-latin-500.woff2 type=font/woff2 crossorigin><link rel=preload as=font href=https://coraza.io/fonts/vendor/jost/jost-v4-latin-700.woff2 type=font/woff2 crossorigin><script>(()=>{var t=window.matchMedia&&window.matchMedia("(prefers-color-scheme: dark)").matches,e=localStorage.getItem("theme");t&&e===null&&(localStorage.setItem("theme","dark"),document.documentElement.setAttribute("data-dark-mode","")),t&&e==="dark"&&document.documentElement.setAttribute("data-dark-mode",""),e==="dark"&&document.documentElement.setAttribute("data-dark-mode","")})()</script><link rel=stylesheet href=https://coraza.io/main.237e16aa52ac48f5215210c868c67e15f6d3ce87cc775393f94d3a66aa84482a3898f81451ae801fe74f36e4f3c3641e91241de87f47f1d51f8e6742e6861699.css integrity="sha512-I34WqlKsSPUhUhDIaMZ+FfbTzofMd1OT+U06ZqqESCo4mPgUUa6AH+dPNuTzw2QekSQd6H9H8dUfjmdC5oYWmQ==" crossorigin=anonymous><noscript><style>img.lazyload{display:none}</style></noscript><meta name=robots content="index, follow"><meta name=googlebot content="index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1"><meta name=bingbot content="index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1"><title>Internals - OWASP Coraza</title>
<!doctype html><html lang=en-US><head><meta charset=utf-8><meta http-equiv=x-ua-compatible content="ie=edge"><meta name=viewport content="width=device-width,initial-scale=1,shrink-to-fit=no"><link rel=preload as=font href=https://coraza.io/fonts/vendor/jost/jost-v4-latin-regular.woff2 type=font/woff2 crossorigin><link rel=preload as=font href=https://coraza.io/fonts/vendor/jost/jost-v4-latin-500.woff2 type=font/woff2 crossorigin><link rel=preload as=font href=https://coraza.io/fonts/vendor/jost/jost-v4-latin-700.woff2 type=font/woff2 crossorigin><script>(()=>{var t=window.matchMedia&&window.matchMedia("(prefers-color-scheme: dark)").matches,e=localStorage.getItem("theme");t&&e===null&&(localStorage.setItem("theme","dark"),document.documentElement.setAttribute("data-dark-mode","")),t&&e==="dark"&&document.documentElement.setAttribute("data-dark-mode",""),e==="dark"&&document.documentElement.setAttribute("data-dark-mode","")})()</script><link rel=stylesheet href=https://coraza.io/main.0fbd12f474dcfc4d512bdfbe34bd926d1747470d2ab0c95508cf442d94d4670934ebc995fd719ce693b95483dc397d8d0197103c024ecadcb06fce9c0d351aaa.css integrity="sha512-D70S9HTc/E1RK9++NL2SbRdHRw0qsMlVCM9ELZTUZwk068mV/XGc5pO5VIPcOX2NAZcQPAJOytywb86cDTUaqg==" crossorigin=anonymous><noscript><style>img.lazyload{display:none}</style></noscript><meta name=robots content="index, follow"><meta name=googlebot content="index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1"><meta name=bingbot content="index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1"><title>Internals - OWASP Coraza</title>
<meta name=description content="WAF Engine # Waf is the main interface used to store settings, rules and create transactions, most directives will set variables for Waf instances. A coraza implementation might have unlimited Waf instances and each Waf might process unlimited transactions.
Transactions # Transactions are an instance of an url call for a Waf instance, transactions are created with wafinstance.NewTransaction(). Transactions hold collections and configurations that may be updated using rules.
Macro Expansion # Macro expansions are a function available for transactions, a macro expansion will compile a string and provide variables data to the current context. Macro expansion is performed by running a regular expression that will find %{request_headers.test} and replace the value using:
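Review bot: on the changed `<link rel=stylesheet>` line the fingerprinted file name and the `integrity` value move together, and they should be checked as a pair. The new name starts `main.0fbd12f4` and the new pin starts `sha512-D70S`, which is the base64 of bytes `0f bd 12`, so the two agree. Because the tag carries `integrity` with `crossorigin=anonymous`, a browser will refuse the stylesheet if the bytes served at that URL differ from the pin. The files listed on this page are all HTML, so confirm that the new CSS asset is published in the same deploy and that the old `main.237e16aa` file stays reachable while cached copies of the previous HTML are still in use. The commit message `deploy: 473aa62` gives no reason for the stylesheet change; a pointer to the source commit's summary would make this reviewable.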
@@ -26,4 +26,4 @@
]
}
</code></pre><p>Some helpers may be used for this cases, like <code>tx.GetCollection(variables.RequestHeaders).GetFirstString("")</code>.</p><p>Variables are compiled in runtime in order to support Regex(precompiled) and XML, the function <code>tx.GetField(variable)</code>. Using RuleVariable.Exceptions and []exceptions might seem redundant but both are different, the list of exception is complemented from the rule. In case of Regex, <code>GetField</code> will use <code>RuleVariable.Regex</code> to match data instead of <code>RuleVariable.Key</code>.</p><p><strong>Note:</strong> Collections are not concurrent-safe, don&rsquo;t share transactions between routines.</p><h2 id=phases>Phases <a href=#phases class=anchor aria-hidden=true>#</a></h2><p>Phases are used by <code>RuleGroup</code> to filter between execution phases on HTTP/1.1 and HTTP/1.0.</p><p><strong>Phase 1: Request Headers</strong></p><p>This phase process theorically consists in three phases:</p><ul><li>Connection (<code>tx.ProcessConnection()</code>): Request address and port</li><li>Request line (<code>tx.ProcessURI()</code>): Request URL, does not include GET arguments</li><li>Request headers (<code>tx.ProcessRequestHeaders()</code>) Will evaluate phase 1</li></ul><p><strong>Phase 2: Request Body</strong></p><p>This phase only runs when <code>RequestBodyAcces</code> is <code>On</code>, otherwise we will skip to phase 3. 
This phase will do one of the following:</p><ul><li>Reject transaction if the request body is too long and <code>RequestBodyLimitAction</code> is set to <code>Reject</code></li><li>If <code>URLENCODED</code>: set POST arguments and request_Body</li><li>If <code>MULTIPART</code>: Parse files and set FILES variables</li><li>If <code>JSON</code>: Not implemented yet</li><li>If none of the above was met and <code>ForceRequestBodyVariable</code> is set to true, URLENCODED will be forced</li></ul><p>See <strong>Body Handling</strong> for more info.</p><p><strong>Phase 3: Response Headers</strong></p><p><strong>Phase 4: Response Body</strong></p><p><strong>Phase 5: Logging</strong></p><p>This is a special phase, it will always run but it must be handled by the client. For example, if there is any error reported by Coraza, the client must at least implement a <code>defer tx.ProcessLogging()</code>. This phase will close handlers, save persistent collections and write audit loggers, in order to write the audit loggers the following conditions must be met:</p><ul><li>Transaction was marked with <code>auditlog</code> action</li><li>There must be at least one audit logger (<code>SecAuditLog</code>)</li><li><code>AuditEngine</code> must be <code>On</code> or <code>RelevantOnly</code></li><li>If <code>AuditEngine</code> was set to <code>RelevantOnly</code> the response status must match <code>AuditLogRelevantStatus</code></li></ul><h2 id=body-handling>Body handling <a href=#body-handling class=anchor aria-hidden=true>#</a></h2><p>BodyBuffer is a struct that will manage the request or response buffer and store the data to temprary files if required. BodyBuffer will apply a few rules to decide whether to buffer the data in memory or write a temporary file, it will also return a <code>Reader</code> to the memory buffer or the temporary file created. 
Temporary files must be deleted by <code>tx.ProccessLoging</code>.</p><h2 id=persistent-collections>Persistent Collections <a href=#persistent-collections class=anchor aria-hidden=true>#</a></h2><p>Not working yet.</p><h2 id=the-txprocessrequestreq-helper>The <code>tx.ProcessRequest(req)</code> helper <a href=#the-txprocessrequestreq-helper class=anchor aria-hidden=true>#</a></h2><div class="page-footer-meta d-flex flex-column flex-md-row justify-content-between"><div class=edit-page><a href=https://github.com/corazawaf/coraza.io/content/en/docs/reference/internals.md><svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2"><path d="M17 3a2.828 2.828.0 114 4L7.5 20.5 2 22l1.5-5.5L17 3z"/></svg>
Edit this page on</a></div></div><div class="docs-navigation d-flex justify-content-between"><a href=https://coraza.io/docs/tutorials/coreruleset/><div class="card my-1"><div class="card-body py-2">&larr; OWASP Core Ruleset</div></div></a><a class=ms-auto href=https://coraza.io/docs/tutorials/using-plugins/><div class="card my-1"><div class="card-body py-2">Using Plugins &rarr;</div></div></a></div></main></div></div></div><footer class="footer text-muted"><div class=container-xxl><div class=row><div class="col-lg-8 order-last order-lg-first"><ul class=list-inline><li class=list-inline-item>Powered by a lot of love ❤️ (and code) - By Juan Pablo Tosso and Coraza Contributors</li></ul></div><div class="col-lg-8 order-first order-lg-last text-lg-end"><ul class=list-inline></ul></div></div></div></footer><script src=https://coraza.io/js/bootstrap.min.b1ee91c7960e86e62953cedb0d5ff98d2cf52b34b0cee7dd04cb14b35902686f62c79d72a75051e02037f324b26a0877332d19d7769ce8061bc2dbbe298ee69b.js integrity="sha512-se6Rx5YOhuYpU87bDV/5jSz1KzSwzufdBMsUs1kCaG9ix51yp1BR4CA38ySyagh3My0Z13ac6AYbwtu+KY7mmw==" crossorigin=anonymous defer></script><script src=https://coraza.io/js/highlight.min.86beb544fe09c932e7d01490675d38341a1986f7782726a5edad74025e4a0f885c60e18ddaee0a483160d2b3af97274830f9fe127b750d503b7d16ecb34cab57.js integrity="sha512-hr61RP4JyTLn0BSQZ104NBoZhvd4Jyal7a10Al5KD4hcYOGN2u4KSDFg0rOvlydIMPn+Ent1DVA7fRbss0yrVw==" crossorigin=anonymous defer></script><script src=https://coraza.io/main.min.bfa65cedd6250da819d42442541d2515f4bc08872cc860fbda3fd95f9183125b3418e48c5ebfee53f1ec729b29ddd1ec7be9990ad33785624c81b9268ea2fe6b.js integrity="sha512-v6Zc7dYlDagZ1CRCVB0lFfS8CIcsyGD72j/ZX5GDEls0GOSMXr/uU/Hscpsp3dHse+mZCtM3hWJMgbkmjqL+aw==" crossorigin=anonymous defer></script><script src=https://coraza.io/index.min.a01e6070ee796f67d9dbe8dc04819ef2281b6083231db70f97acecf2c6c0e57fdbc3612a4ee82ce805fe8c36bc046233de20b140d79164a934aa45e1a4a09a38.js 
integrity="sha512-oB5gcO55b2fZ2+jcBIGe8igbYIMjHbcPl6zs8sbA5X/bw2EqTugs6AX+jDa8BGIz3iCxQNeRZKk0qkXhpKCaOA==" crossorigin=anonymous defer></script><div class="d-flex fixed-bottom pb-4 pb-lg-5 pe-4 pe-lg-5"><a id=toTop href=# class="btn btn-outline-primary rounded-circle ms-auto p-2"><span class=visually-hidden>Top</span><svg width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-chevron-up"><polyline points="18 15 12 9 6 15"/></svg></a></div></body></html>
Edit this page on</a></div></div><div class="docs-navigation d-flex justify-content-between"><a href=https://coraza.io/docs/tutorials/coreruleset/><div class="card my-1"><div class="card-body py-2">&larr; OWASP Core Ruleset</div></div></a><a class=ms-auto href=https://coraza.io/docs/tutorials/using-plugins/><div class="card my-1"><div class="card-body py-2">Using Plugins &rarr;</div></div></a></div></main></div></div></div><footer class="footer text-muted"><div class=container-xxl><div class=row><div class="col-lg-8 order-last order-lg-first"><ul class=list-inline><li class=list-inline-item>Powered by a lot of love ❤️ (and code) - By Juan Pablo Tosso and Coraza Contributors</li></ul></div><div class="col-lg-8 order-first order-lg-last text-lg-end"><ul class=list-inline></ul></div></div></div></footer><script src=https://coraza.io/js/bootstrap.min.b1ee91c7960e86e62953cedb0d5ff98d2cf52b34b0cee7dd04cb14b35902686f62c79d72a75051e02037f324b26a0877332d19d7769ce8061bc2dbbe298ee69b.js integrity="sha512-se6Rx5YOhuYpU87bDV/5jSz1KzSwzufdBMsUs1kCaG9ix51yp1BR4CA38ySyagh3My0Z13ac6AYbwtu+KY7mmw==" crossorigin=anonymous defer></script><script src=https://coraza.io/js/highlight.min.3fad8f30a015b158548e09d8ef6b17060443eb3b52ca175cba7e316335b52541272a3857bf56cca828516a81699558a85ab2474b6ee4c1df2d2231efafe52aae.js integrity="sha512-P62PMKAVsVhUjgnY72sXBgRD6ztSyhdcun4xYzW1JUEnKjhXv1bMqChRaoFplVioWrJHS27kwd8tIjHvr+Uqrg==" crossorigin=anonymous defer></script><script src=https://coraza.io/main.min.c4966a03e9ec0dcecee7eaa7d77d4fc0ee1a46b1ddf1d8b2bf83b8ff62213b9e1110153a8cc1526898ffc681cea3fa3d6be62dfd46c097dac1a4c238dd055e73.js integrity="sha512-xJZqA+nsDc7O5+qn131PwO4aRrHd8diyv4O4/2IhO54REBU6jMFSaJj/xoHOo/o9a+Yt/UbAl9rBpMI43QVecw==" crossorigin=anonymous defer></script><script src=https://coraza.io/index.min.a01e6070ee796f67d9dbe8dc04819ef2281b6083231db70f97acecf2c6c0e57fdbc3612a4ee82ce805fe8c36bc046233de20b140d79164a934aa45e1a4a09a38.js 
integrity="sha512-oB5gcO55b2fZ2+jcBIGe8igbYIMjHbcPl6zs8sbA5X/bw2EqTugs6AX+jDa8BGIz3iCxQNeRZKk0qkXhpKCaOA==" crossorigin=anonymous defer></script><div class="d-flex fixed-bottom pb-4 pb-lg-5 pe-4 pe-lg-5"><a id=toTop href=# class="btn btn-outline-primary rounded-circle ms-auto p-2"><span class=visually-hidden>Top</span><svg width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentcolor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-chevron-up"><polyline points="18 15 12 9 6 15"/></svg></a></div></body></html>
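Review bot: the regenerated footer line still emits the edit link with a label that stops at "Edit this page on", and the context line above it gives the link an `href` of `https://github.com/corazawaf/coraza.io/content/en/docs/reference/internals.md`, which has no `/blob/<branch>/` or `/edit/<branch>/` segment and so does not have the shape of a GitHub file URL. Both look like unset values in the site template or configuration and should be fixed there rather than in this generated HTML. The documentation text carried as context in this hunk has the same kind of problem and should be corrected in `internals.md`: `tx.ProccessLoging` against `tx.ProcessLogging()` a paragraph earlier, `RequestBodyAcces`, "theorically", "temprary", and the heading for the `tx.ProcessRequest(req)` helper is followed by no body. On the script tags, only `highlight.min` and `main.min` change name and pin, and in both the new pin matches the new file-name prefix (`P62P` is `3f ad 8f`, `xJZq` is `c4 96 6a`).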