Renaming tx.blocking_early to tx.early_blocking #2414
Conversation
There was a problem hiding this comment.
Small thing, but in https://github.com/coreruleset/coreruleset/blob/v3.4/dev/CONTRIBUTING.md#general-formatting-guidelines-for-rules-contributions, we say that SecMarker should be quoted. Other than that, LGTM.
|
Thank you. Fixed. |
|
Yes, we kind of need a way to test with changed config items. A docker container where every config item can be submitted as HTTP header? |
|
No, we can't do that in the pipeline. But we can run specific tests with different configuration. I guess that approach is reasonable. In the end if we only run |
|
Makes sense. But I do not understand why we can't have a container that accepts config items as HTTP headers. Thanks for approving. Need this for blog post. |
|
That sounds a lot like the sandbox. And the sandbox has a frontend that need additional code to decide on where to send you based on headers. We cannot reconfigure on the fly a container to behave differently based on inputs on a web service. 🤷 . |
|
But it's only a handful or rules you add during the setup of the container prior to the test. Thought that must be easy. |
|
That is the easy part. But then you are in early blocking mode or you aren't. And you cannot select that based on headers, right? |
|
A3A2
Setting this via header is exactly the rule I would want to add to the testing container. |
|
Then you are either in default (-> off), or you set a header "X-early-blocking: 1". |
This var name is more in line with the documentation and the name of the feature "early blocking" that we use.