Actions
Documentation #5485
openDocumentation #5182: userguide: better document rule keywords
userguide: explain that the http.header_names buffer is normalized
Affected Versions:
Effort:
Difficulty:
Label:
Description
libhtp normalizes the http.header_names buffer, as it resides in a structure that does not allow duplicates.
As someone inspecting Wireshark packet traffic may be expecting something different when writing a rule, make this behavior clear on our documentation.
Updated by Juliana Fajardini Reichow over 2 years ago
- Subject changed from userguide: explain that the http.header_names is normalized to userguide: explain that the http.header_names buffer is normalized
Updated by Jason Taylor 8 months ago
- Assignee changed from OISF Dev to Jason Taylor
This will be/is resolved with the work being done on ticket #3025
Updated by Brandon Murphy 8 months ago
looks like #6779 might be a duplicate of this.
Updated by Juliana Fajardini Reichow 8 months ago
- Related to Bug #6779: http.header_names behavior when encountering duplicate header names added
Updated by Juliana Fajardini Reichow 7 months ago
- Target version changed from TBD to 8.0.0-beta1
Actions