Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR introduces information regarding addresses to the diagnostics for each of the different features. This includes both required and optional addresses, for example:
This allows the WAF user to distinguish which addresses they actually need to provide (required) from those which are opportunistically used (optionals) . It also allows distinguishing addresses which are used in potentially disabled features, for example, the processors section would provide insights into the addresses used for schema extraction:
Unfortunately, it's not possible to distinguish which addresses correspond to the schema extraction processor, although if more processors are included in the future, this might be required.
Finally, this PR also renames
ddwaf_required_addresses
toddwaf_known_addresses
to better reflect the actual contents. This function now also returns optional addresses (processor mappings, object filter addresses) and required addresses (mainly condition addresses).Related Jira APPSEC-11125