Hi @TimDiam0nd,

thanks for the PR.

First of all, could you take a look at this lintian error? Seems like the platform-platform-internet-explorer is missing from the list.

(But perhaps this is a typo, I'm not sure you want to add a tag with name platform-platform 😃)

Hey, apologies about that, that should be fixed now (i initially wasnt aware of the approved tags list). Happy to rename the nodejs tag to something else if you would like

Hey, apologies about that, that should be fixed now (i initially wasnt aware of the approved tags list). Happy to rename the nodejs tag to something else if you would like

No worries, thanks for contributing.

platform-node-js suits me, but you've added another tag (for eg.) here. All used tags must listen in file APPROVED_TAGS.

But what would be good to explain in the PR's summary is how did you collect the rules what need to have these tags.

but you've added another tag (for eg.) here.

Sorry, now I see that tag had already added.

But what would be good to explain in the PR's summary is how did you collect the rules what need to have these tags.

PR Summary updated as per above

Open questions from today's issues meeting:

• The references to "IE XSS filters": is it just that those XSS-matching regular expressions came from Microsoft? And they put them into IE 8 many, many years ago?
• What do we mean by a 'platform' tag? The target of the attack we are detecting? The source of the knowledge to write the rule? The user agent for a would-be attack/vulnerability?

I'll dig in a bit further and try to answer some of these questions. A lot of this was implemented before, I think, any of the current devs were involved in CRS, so it might involve some CRS archaeology 🕵️ 🔎

Re-opening as this is unresolved and we decided to investigate it further.

📊 Quantitative test results for language: eng, year: 2023, size: 10K, paranoia level: 1:
🚀 Quantitative testing did not detect new false positives