Hi Christian, On Thu, Jun 01, 2017 at 11:53:37PM +0200, Christian Folini wrote: > Ervin, > > Thank you for that quick status. Looking forward to hear of your tests.
thanks, > On Thu, Jun 01, 2017 at 09:36:18PM +0200, Ervin Hegedüs wrote: > > > Validating the byte range in combination with UTF8 and friends is > > > something we might have to drop for PL1. We let ASCII 0 stay in the > > > default install, but maybe it has to go in light of this false positive > > > which I think is generic to many languages not using the standard latin > > > ascii set. > > > > sorry - what does it mean the "PL1"? > > Paranoia Level 1. Sorry for the insider language. :) you don't need to apologize :). I'm a beginner in WAF's - a few weeks/months ago I've started to work with HW WAF's (Imperva), and then I started to look the open-source/SW WAF's. So I'm totally new in this area of IT, but it's very interesting, and I'm really enjoying :). Thanks again for all for you, regards, a. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
