Download Latest Version
v3.7.0 source code.tar.gz (446.0 kB)
Get an email when there's a new version of Coraza
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| README.md | 2026-04-06 | 2.3 kB | |
| v3.7.0 source code.tar.gz | 2026-04-06 | 446.0 kB | |
| v3.7.0 source code.zip | 2026-04-06 | 693.9 kB | |
| Totals: 3 Items | 1.1 MB | 1 | |
What's Changed
🆕 Features
- feat: implement audit log Part J (uploaded files) by @fzipi in https://github.com/corazawaf/coraza/pull/1591
- feat: adds SecRxPreFilter directive to control @rx prefiltering by @M4tteoP in https://github.com/corazawaf/coraza/pull/1589
Fixes
- fix: recognize braced hex escapes in matchesArbitraryBytes by @fzipi in https://github.com/corazawaf/coraza/pull/1584
- fix: use Audit flag for audit log message filtering by @fzipi in https://github.com/corazawaf/coraza/pull/1587
- fix: ProcessPartial when DetectionOnly, revisits
coraza.conf-recommendedby @M4tteoP in https://github.com/corazawaf/coraza/pull/1588 - fix: align HIGHEST_SEVERITY with ModSecurity behavior by @majiayu000 in https://github.com/corazawaf/coraza/pull/1569
- fix: prevent superfluous WriteHeader and use structured logging by @fzipi in https://github.com/corazawaf/coraza/pull/1593
- fix: disruptive action chain validation by @soujanyanmbri in https://github.com/corazawaf/coraza/pull/1603
🚀 Performance enhancements
- perf: store transformationValue by value in cache map by @jptosso in https://github.com/corazawaf/coraza/pull/1528
- perf: skip matchedVars.Reset() when map is already empty by @fzipi in https://github.com/corazawaf/coraza/pull/1599
Other changes
- bumps CRS to 4.25, improves ftw testing by @M4tteoP in https://github.com/corazawaf/coraza/pull/1580
- chore(golangci): add quality parameters to golangci by @jptosso in https://github.com/corazawaf/coraza/pull/1204
- chore: change renovatebot config source from local to GitHub by @fzipi in https://github.com/corazawaf/coraza/pull/1592
- test: add nolog, auditlog test by @jcchavezs in https://github.com/corazawaf/coraza/pull/1307
- tests: move one ignore to overrides by @M4tteoP in https://github.com/corazawaf/coraza/pull/1586
- docs: strengthen SECURITY.md with mandatory PoC and anti-LLM reporting policy by @Copilot in https://github.com/corazawaf/coraza/pull/1585
- fix(docs): closes code block and nits by @M4tteoP in https://github.com/corazawaf/coraza/pull/1598
New Contributors
- @majiayu000 made their first contribution in https://github.com/corazawaf/coraza/pull/1569
Full Changelog: https://github.com/corazawaf/coraza/compare/v3.6.0...v3.7.0
