On Fri, 2 Feb 2024 at 18:42, John Lauro <johnala...@gmail.com> wrote: > > Seems like a lint style checker that doesn't require AI. > For example, it could recognize that the / in /api isn't valid for > req.hdr(host) > [...] > The _ in path_beg is also questionable. You can have _ in dns names, > but are not valid in host names.
[ CCing the mailing list again ] A primary use-case for ACLs is to match invalid values and headers ( for example in case of zero days). We can't restrict ACLs to valid things only, that would defeat the purpose of ACLs. Lukas
