SecGeoLookupDb directive support #170
Conversation
| @@ -34,11 +34,11 @@ func (o *eq) Init(data string) error { | |||
| } | |||
|
|
|||
| func (o *eq) Evaluate(tx *coraza.Transaction, value string) bool { | |||
| d1, err := strconv.Atoi(o.data.Expand(tx)) | |||
| d1, err := strconv.ParseFloat(o.data.Expand(tx), 64) | |||
There was a problem hiding this comment.
Are you sure ge, eq, lt, etc... support floats instead of ints?
There was a problem hiding this comment.
Yeah! Using float64 can support the comparison of positive and negative numbers, and the memory occupied on 64 bit machines is the same as that of int type(most machines should be 64 bit)
|
Kudos, SonarCloud Quality Gate passed! |
|
Also, looks like there are some conflicts in the go.mod file 🤔 |
|
Can we transform this into a plugin until we find how to manage the databases? It will be an official plugin with official support. I think we must keep it simple, in the meantime we can use the waf.Config.Get("geoip") interface to store the database for each engine (one plugin per engine) I have created this as a sample: https://github.com/corazawaf/coraza-geoip |
Sure! Thank you very much! |
Note: that go.mod and go.sum can only be modified for tested dependency updates or justified new features.
Make sure that you've checked the boxes below before you submit PR:
Thanks for your PR ❤️