SQL injection protection - enable turn off #95

Jarek-Rolski · 2024-07-17T09:57:29Z

I wrapped up sql injection statement into dynamic block.
The block can be turned off with variable from main rapid module.

MotwaniM · 2024-07-23T16:51:41Z

infrastructure/modules/ui/variables.tf

@@ -59,3 +59,9 @@ variable "geo_restriction_locations" {
  type        = list(string)
  default     = ["GB"]
 }
+
+variable "sql_injection_protection" {
+  description = "Wheather to add SQL injection protection to WAF."


Spelling issue + would you be okay adding a bit of text to flag that this disables some rules in the WAF that add protection to the overall application. Ok with this is in principle, just want users to be aware of the risks.

MotwaniM · 2024-07-24T09:03:42Z

Looks good! We'll merge it as part of our next release

enable sql injection protection turn off with var

f6228a4

Jarek-Rolski mentioned this pull request Jul 17, 2024

JSON Decode Error and possible cause #94

Open

MotwaniM requested changes Jul 23, 2024

View reviewed changes

fix var description

c1170f8

Jarek-Rolski requested a review from MotwaniM July 24, 2024 09:02

MotwaniM approved these changes Jul 24, 2024

View reviewed changes

MotwaniM changed the base branch from main to release/7.12.0 October 30, 2024 11:20

MotwaniM merged commit f0bf895 into no10ds:release/7.12.0 Nov 7, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SQL injection protection - enable turn off #95

SQL injection protection - enable turn off #95

Jarek-Rolski commented Jul 17, 2024

MotwaniM Jul 23, 2024

MotwaniM commented Jul 24, 2024

SQL injection protection - enable turn off #95

SQL injection protection - enable turn off #95

Conversation

Jarek-Rolski commented Jul 17, 2024

MotwaniM Jul 23, 2024

Choose a reason for hiding this comment

MotwaniM commented Jul 24, 2024