V2 is a major rework of OWASP Coraza.
- Better APIs and linting
- Better plugin support
- Better performance
- Better compatibility
- Better logging
What's Changed
- fix(op): move operator to native utf8.ValidString method by @fzipi in #88
- fix(removewhitespace): move to golang funcs by @fzipi in #92
- fix(removenull): move to golang funcs by @fzipi in #91
- fix(utf8toUnicode): change to golang standard funcs by @fzipi in #90
- fix(lint): fixes golang linter errors by @fzipi in #89
- Add error log support by @jptosso in #93
- Add tx tests by @jptosso in #94
- Bump github.com/antchfx/xmlquery from 1.3.6 to 1.3.7 by @dependabot in #95
- Bump github.com/antchfx/xmlquery from 1.3.7 to 1.3.8 by @dependabot in #96
- Bump github.com/antchfx/jsonquery from 1.1.4 to 1.1.5 by @dependabot in #97
- V2/testing rework by @jptosso in #109
- V2/testing rework by @jptosso in #110
- V2/testing rework by @jptosso in #111
- V2/directive plugins by @jptosso in #120
- V2/fix byteranges by @jptosso in #123
- Rules refactor by @jptosso in #125
- V2/crs tests by @jptosso in #128
- V2/parser rework by @jptosso in #131
- V2/audit rework by @jptosso in #133
- V2/rc1 by @jptosso in #135
- V2/tx syncpool by @jptosso in #136
- build(deps): bump go.uber.org/zap from 1.19.1 to 1.20.0 by @dependabot in #139
- fix for auditlog by @ShiMing-Q in #140
- Fix for some config does not work by @ShiMing-Q in #142
- feat: integrate libinjection-go by @jptosso in #149
- V2/master code specification and remove some useless code by @bxlxx in #157
- V2/rc2 by @jptosso in #158
- fix: chain loop for #159 by @jptosso in #166
- update module name by @bxlxx in #169
- build(deps): bump go.uber.org/zap from 1.20.0 to 1.21.0 by @dependabot in #155
- fix for #176 by @bxlxx in #184
- fix MATCHED VARS issues by @jptosso in #189
- fix for #172 by @bxlxx in #188
- feat(operator): support SecRule "! ^some" as a valid rx negation by @bxlxx in #197
- fix(test): Update go-ftw action with new org by @jptosso in #201
- README: add owasp status, pre-commit and new org by @jptosso in #202
- fix: support array format for parsing json data in the body processor by @bxlxx in #205
- feat: use DirectiveOptions instead of waf.Config to share variables across directives by @bxlxx in #206
New Contributors
Full Changelog: v1.2.0...v2.0.0