AppSec: resist missing ruleset file #1948
Seems reasonable! Left a bunch of nitpicks, and in particular there seems to be a bunch of code on request_middleware.rb that can be removed, and I also think there's quite a bit of repetition on processor_spec.rb that would be nice to avoid.
Addressed some (though not all yet) of the review comments.
I gave it another pass. I think the specs can still be simplified / reduced duplication a bit, but otherwise I think this is in good shape so here sir take my approval 😄 .
Adjusts the behaviour from raising an exception to outputting an error and allowing the app to continue running. This also generalises the error management beyond a ruleset file being missing and also takes into account various invalid ruleset cases or libddwaf unavailability. In these cases, in addition to the error, a warning is produced that alerts the user that AppSec is subsequently disabled.
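The behaviour described above, as an added example that is not code from this pull request or from the project: a processor that logs an error and a "disabled" warning instead of raising when the ruleset file is missing, the ruleset is invalid, or the WAF library cannot be loaded. The class name `FailOpenProcessor`, the `waf_loader` parameter, the `"rules"` shape check and the file path are assumptions made for illustration.

```ruby
require 'json'
require 'logger'

# Hypothetical class for illustration; not the project's actual processor.
class FailOpenProcessor
  attr_reader :ruleset

  # waf_loader stands in for loading the native WAF binding (assumption);
  # it must raise LoadError when the library is unavailable.
  def initialize(ruleset_path, logger:, waf_loader: -> { true })
    @logger = logger
    @ruleset = load_ruleset(ruleset_path, waf_loader)
    @logger.warn('AppSec is disabled') unless ready?
  end

  # Callers check this and skip inspection instead of crashing the app.
  def ready?
    !@ruleset.nil?
  end

  private

  def load_ruleset(path, waf_loader)
    waf_loader.call
    data = JSON.parse(File.read(path))
    # Minimal shape check (assumed schema: top-level object with a "rules" array).
    raise ArgumentError, 'missing "rules" array' unless data.is_a?(Hash) && data['rules'].is_a?(Array)
    data
  rescue LoadError => e
    # LoadError is a ScriptError, so a bare `rescue` would not catch it.
    log_failure("WAF library unavailable: #{e.message}")
  rescue SystemCallError => e
    log_failure("ruleset file not readable: #{e.message}")
  rescue JSON::ParserError, ArgumentError => e
    log_failure("ruleset invalid: #{e.message}")
  end

  def log_failure(message)
    @logger.error("AppSec could not start: #{message}")
    nil
  end
end

if __FILE__ == $PROGRAM_NAME
  # Constructed path that does not exist: logs an error and a warning, no raise.
  processor = FailOpenProcessor.new('/nonexistent/appsec-ruleset.json', logger: Logger.new($stderr))
  puts "ready: #{processor.ready?}"
end
```

Because the application keeps running unprotected in these cases, the error and warning lines are the only signal that AppSec is off, so they are worth alerting on.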