Closed
Description
Issue originally created by user csanders-git on date 2016-10-31 20:54:02.
Link to original issue: SpiderLabs/owasp-modsecurity-crs#638.
Apache and Nginx tend to be really annoying about automatically URL decoding certain things. Not all applications will in fact do this. There is currently a problem where URLDecoding twice is actually a bit of a nasty issue see #590. CRLF is actually quite easy to detect in non-urldecoded entities because valid use of /r or /n must be encoded. This was an issue in #633 and the reason we had to split the rule into a second PL.