You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This PR #2736 introduced a PCRE match limits which, when hit, sets the variable MSC_PCRE_LIMITS_EXCEEDED. This behavior is incompatible with ModSecurity v2, which is in the same situation setting variable TX:MSC_PCRE_LIMITS_EXCEEDED.
Expected behavior
Variable names must be unified to keep backward compatibility with v2. Please rename MSC_PCRE_LIMITS_EXCEEDED to TX:MSC_PCRE_LIMITS_EXCEEDED remove MSC_PCRE_LIMITS_EXCEEDED and set TX:MSC_PCRE_LIMITS_EXCEEDED instead in v3.
The text was updated successfully, but these errors were encountered:
It has been the position of the ModSecurity team that not every aspect of functionality in ModSecurity v2 must be replicated exactly in ModSecurity v3. Keep in mind that it is common in software for major version changes to indicate differences that might affect a seamless upgrade. Sometimes differences between v2 and v3 may mean a better way of doing things in v3, and that v2 oughtn't be slavishly imitated.
In this particular case, I am not convinced that changing the variable in question to be TX:MSC_PCRE_LIMITS_EXCEEDED would be an improvement.
Note that other error variables that may be set by the ModSecurity engine do not use TX: -- the engine sets REQBODY_ERROR and not TX:REQBODY_ERROR. Likewise with all of the MULTIPART error variables, and several others.
To my mind, it's potentially confusing to have all other error flags use non-TX names but to have pcre error flags require TX:.
Describe the bug
This PR #2736 introduced a PCRE match limits which, when hit, sets the variable
MSC_PCRE_LIMITS_EXCEEDED
. This behavior is incompatible with ModSecurity v2, which is in the same situation setting variableTX:MSC_PCRE_LIMITS_EXCEEDED
.Expected behavior
Variable names must be unified to keep backward compatibility with v2. Please
renameremoveMSC_PCRE_LIMITS_EXCEEDED
toTX:MSC_PCRE_LIMITS_EXCEEDED
MSC_PCRE_LIMITS_EXCEEDED
and setTX:MSC_PCRE_LIMITS_EXCEEDED
instead in v3.The text was updated successfully, but these errors were encountered: