diff --git a/docs/checkrules-bnf.md b/docs/checkrules-bnf.md index 666366b..ba12f6f 100644 --- a/docs/checkrules-bnf.md +++ b/docs/checkrules-bnf.md @@ -1,6 +1,6 @@ # Checkrules -CheckRules instruct naxsi to take an action (`LOG`, `BLOCK`, `DROP`, `ALLOW`) based on a specific score associated to the request. This _score_ has usually been set by one or several [rule(s)](rules-bnf). +CheckRules instruct naxsi to take an action (`LOG`, `BLOCK`, `DROP`, `ALLOW`) based on a specific score associated to the request. This _score_ has usually been set by one or several [rule(s)](rules-bnf.md). `CheckRule` must be present at location level. @@ -19,7 +19,7 @@ If the `$SQL` is equal or superior to '8', apply BLOCK flag to the request. Requ ### Other Usages `CheckRule(s)` can as well be used to mix white and black-lists. -Having a configuration mixing virtual-patching (see [rules](rules-bnf)) and `naxsi_core.rules`, it is possible to have : +Having a configuration mixing virtual-patching (see [rules](rules-bnf.md)) and `naxsi_core.rules`, it is possible to have : ``` CheckRule "$UWA >= 4" DROP; diff --git a/docs/directives.md b/docs/directives.md index 8199eb8..789aa90 100644 --- a/docs/directives.md +++ b/docs/directives.md @@ -43,7 +43,7 @@ LearningMode; ``` Keep in mind that internal rules (those with an `id` inferior to 1000) will drop the request even in learning mode, because it means that something fishy is going on, since naxsi can't correctly process the request. -You can of course apply [whitelist](whitelists-bnf) if those are false-positives. +You can of course apply [whitelist](whitelists-bnf.md) if those are false-positives. ## SecRulesEnabled * alias: rules_enabled @@ -61,36 +61,36 @@ You can of course apply [whitelist](whitelists-bnf) if those are false-positives * alias: check_rule * context: location -See [CheckRule](checkrules-bnf) +See [CheckRule](checkrules-bnf.md) ## BasicRule * alias: basic_rule * context: location -A directive used to declare a [rule](rules-bnf) or a [whitelist](whitelist-bnf). +A directive used to declare a [rule](rules-bnf.md) or a [whitelist](whitelist-bnf.md). ## MainRule * alias: main_rule * context: http -A directive used to declare a [rule](rule-bnf) or a [whitelist](whitelist-bnf). +A directive used to declare a [rule](rule-bnf.md) or a [whitelist](whitelist-bnf.md). ## LibInjectionXss * alias: libinjection_xss * context: location -A directive to enable [libinjection's xss detection](libinjection-integration) on *all* part of the http request. +A directive to enable [libinjection's xss detection](libinjection-integration.md) on *all* part of the http request. ## LibInjectionSql * alias: libinjection_sql * context: location -A directive to enable [libinjection's sqli detection](libinjection-integration) on *all* part of the http request. +A directive to enable [libinjection's sqli detection](libinjection-integration.md) on *all* part of the http request. ## naxsi_extensive_log * context: server -A flag that can be set at [runtime](runtime-modifiers) to enable [naxsi extensive logs](naxsilogs#naxsi_exlog). +A flag that can be set at [runtime](runtime-modifiers.md) to enable [naxsi extensive logs](naxsilogs.md#naxsi_exlog). ``` server { @@ -123,7 +123,7 @@ TODO DOCUMENTATION ## naxsi_flag_enable * context: server -A flag that can be set at [runtime](runtime-modifiers) to enable or disable naxsi. +A flag that can be set at [runtime](runtime-modifiers.md) to enable or disable naxsi. ``` server { @@ -137,7 +137,7 @@ server { ## naxsi_flag_learning * context: server -A flag that can be set at [runtime](runtime-modifiers) to enable or disable learning. +A flag that can be set at [runtime](runtime-modifiers.md) to enable or disable learning. ``` server { @@ -151,7 +151,7 @@ server { ## naxsi_flag_libinjection_sql * context: server -A flag that can be set at [runtime](runtime-modifiers) to enable or disable [libinjection's sql detection](libinjection-integration) +A flag that can be set at [runtime](runtime-modifiers.md) to enable or disable [libinjection's sql detection](libinjection-integration.md) ``` server { @@ -164,7 +164,7 @@ server { ## naxsi_flag_libinjection_xss -A flag that can be set at [runtime](runtime-modifiers) to enable or disable [libinjection's xss detection](libinjection-integration) +A flag that can be set at [runtime](runtime-modifiers.md) to enable or disable [libinjection's xss detection](libinjection-integration.md) ``` server { diff --git a/docs/index.md b/docs/index.md index f307c17..cb5a7bb 100644 --- a/docs/index.md +++ b/docs/index.md @@ -1,37 +1,37 @@ 1. Introduction - - [x] [README](../README) + - [x] [README](../README.md) 1. Setup - - [x] [compiling nginx+naxsi](naxsi-compile) - - [x] [Basic nginx/naxsi configuration](naxsi-setup) + - [x] [compiling nginx+naxsi](naxsi-compile.md) + - [x] [Basic nginx/naxsi configuration](naxsi-setup.md) 1. Naxsi Configuration Directives - - [x] [whitelists](whitelists-bnf) - - [x] [rules](rules-bnf) - - [x] [checkrules](checkrules-bnf) - - [x] [requestdenied](requestdenied-bnf) - - [x] [naxsi directives index](directives) - - [x] [zoom : matchzones](matchzones-bnf) + - [x] [whitelists](whitelists-bnf.md) + - [x] [rules](rules-bnf.md) + - [x] [checkrules](checkrules-bnf.md) + - [x] [requestdenied](requestdenied-bnf.md) + - [x] [naxsi directives index](directives.md) + - [x] [zoom : matchzones](matchzones-bnf.md) 1. Naxsi Extras - - [x] [Raw Body Parsing](rawbody) - - [x] [libinjection integration](libinjection-integration) - - [x] [json support](json) - - [x] [runtime modifiers](runtime-modifiers) + - [x] [Raw Body Parsing](rawbody.md) + - [x] [libinjection integration](libinjection-integration.md) + - [x] [json support](json.md) + - [x] [runtime modifiers](runtime-modifiers.md) 1. Examples - - [x] [whitelists examples](whitelists-examples) - - [x] [rules examples](rules-examples) + - [x] [whitelists examples](whitelists-examples.md) + - [x] [rules examples](rules-examples.md) 1. Going deeper - - [x] [Understanding naxsi logs](naxsilogs) - - [x] [Runtime Modifiers](runtime-modifiers) - - [x] [Naxsi internal rules](internal-rules) - - [x] [Contributing to naxsi](Contributing) - - [x] [Vulnerability management](olds-Security-Advisories) + - [x] [Understanding naxsi logs](naxsilogs.md) + - [x] [Runtime Modifiers](runtime-modifiers.md) + - [x] [Naxsi internal rules](internal-rules.md) + - [x] [Contributing to naxsi](Contributing.md) + - [x] [Vulnerability management](olds-Security-Advisories.md) 1. Integration - - [x] [Fail2Ban integration](integration-fail2ban) - - [x] [AppArmor profile for naxsi](integration-apparmor) + - [x] [Fail2Ban integration](integration-fail2ban.md) + - [x] [AppArmor profile for naxsi](integration-apparmor.md) 1. Naxsi rules mamagement - - [x] [installing nxapi](https://github.com/nbs-system/naxsi/tree/master/nxapi) - - [x] [nxapi/nxtool](https://github.com/nbs-system/naxsi/tree/master/nxapi) - - [x] [spike](http://github.com/nbs-system/spike) + - [x] [installing nxapi](https://github.com/nbs-system/naxsi/tree/master/nxapi.md) + - [x] [nxapi/nxtool](https://github.com/nbs-system/naxsi/tree/master/nxapi.md) + - [x] [spike](http://github.com/nbs-system/spike.md) - [ ] ES/Kibana 1. Legacy wiki - - [LEGACY WIKI](legacy) - - [Old FAQ](olds-faq) + - [LEGACY WIKI](legacy.md) + - [Old FAQ](olds-faq.md) diff --git a/docs/internal-rules.md b/docs/internal-rules.md index 27bf628..082154a 100644 --- a/docs/internal-rules.md +++ b/docs/internal-rules.md @@ -87,13 +87,13 @@ Raised when body is empty and/or content-length is zero. * id: 17 * action: ?? -See [libinjection](libinjection-integration). +See [libinjection](libinjection-integration.md). ## libinjection_xss * id: 18 * action: ?? -See [libinjection](libinjection-integration). +See [libinjection](libinjection-integration.md). ## no_rules * id: 19 diff --git a/docs/json.md b/docs/json.md index a67e122..4130f2b 100644 --- a/docs/json.md +++ b/docs/json.md @@ -6,7 +6,7 @@ POST/PUT request with content-type `application/json` will be handled by naxsi s * whitelists (or rules) for specific variable use the classic `$BODY_VAR:xx` -However for JSON, naxsi does not keep track of depth, and has [a hardcoded limit of 10 (depth)](internal-rules#invalid_json). +However for JSON, naxsi does not keep track of depth, and has [a hardcoded limit of 10 (depth)](internal-rules.md#invalid_json). A request : ``` diff --git a/docs/legacy.md b/docs/legacy.md index 1fd893f..c7a6151 100644 --- a/docs/legacy.md +++ b/docs/legacy.md @@ -9,21 +9,21 @@ please notify us via issues or help us moving it to current wiki. - * [fail2ban](olds-A-fail2ban-profile-for-Naxsi) - * [naxsilogs](olds-naxsilogs) - * [naxsivsobfuscated](olds-naxsivsobfuscated) - * [deniedurl](olds-deniedurl) - * [Knownbugs](olds-Knownbugs) - * [rulessyntax](olds-rulessyntax) - * [whitelists](olds-whitelists) - * [basicsetup](olds-basicsetup) - * [Security-Advisories](olds-Security-Advisories) - * [libinjection](olds-libinjection) - * [dynamicmodifiers](olds-dynamicmodifiers) - * [installation](olds-installation) - * [Philosophy](olds-Philosophy) - * [faq](olds-faq) - * [Home](olds-Home) - * [naxsivsappscan](olds-naxsivsappscan) - * [embedded_rules](olds-embedded_rules) - * [testing-and-stuff](olds-testing-and-stuff) + * [fail2ban](olds-A-fail2ban-profile-for-Naxsi.md) + * [naxsilogs](olds-naxsilogs.md) + * [naxsivsobfuscated](olds-naxsivsobfuscated.md) + * [deniedurl](olds-deniedurl.md) + * [Knownbugs](olds-Knownbugs.md) + * [rulessyntax](olds-rulessyntax.md) + * [whitelists](olds-whitelists.md) + * [basicsetup](olds-basicsetup.md) + * [Security-Advisories](olds-Security-Advisories.md) + * [libinjection](olds-libinjection.md) + * [dynamicmodifiers](olds-dynamicmodifiers.md) + * [installation](olds-installation.md) + * [Philosophy](olds-Philosophy.md) + * [faq](olds-faq.md) + * [Home](olds-Home.md) + * [naxsivsappscan](olds-naxsivsappscan.md) + * [embedded_rules](olds-embedded_rules.md) + * [testing-and-stuff](olds-testing-and-stuff.md) diff --git a/docs/libinjection-integration.md b/docs/libinjection-integration.md index 867ff9f..1cc0a13 100644 --- a/docs/libinjection-integration.md +++ b/docs/libinjection-integration.md @@ -6,7 +6,7 @@ ### Generic Detection -libinjection generic detection *must* be explicitely enabled using specific directives : [LibInjectionXss](directives#libinjectionxss) or [LibInjectionSql](directives#libinjectionsql). It can as well be enabled at runtime using [runtime modifiers](runtime-modifiers) : `naxsi_flag_libinjection_xss` and `naxsi_flag_libinjection_sql`. +libinjection generic detection *must* be explicitely enabled using specific directives : [LibInjectionXss](directives.md#libinjectionxss) or [LibInjectionSql](directives.md#libinjectionsql). It can as well be enabled at runtime using [runtime modifiers](runtime-modifiers.md) : `naxsi_flag_libinjection_xss` and `naxsi_flag_libinjection_sql`. * Generic libinjection_xss rule has internal id 18 and increases named score `$LIBINJECTION_XSS` of 8 per match. @@ -34,7 +34,7 @@ location / { } ``` -When generic detection is enabled, false positives can be whitelisted using id 17 ([libinjection_xss](internal-rules#libinjection_xss)) or 18 ([libinjection_sql](internal-rules#libinjection_sql)). +When generic detection is enabled, false positives can be whitelisted using id 17 ([libinjection_xss](internal-rules.md#libinjection_xss)) or 18 ([libinjection_sql](internal-rules.md#libinjection_sql)). Using runtime modifiers, it might look like : diff --git a/docs/naxsi-compile.md b/docs/naxsi-compile.md index 0252027..06e5a1e 100644 --- a/docs/naxsi-compile.md +++ b/docs/naxsi-compile.md @@ -165,7 +165,7 @@ server { } ``` -See [here](whitelists-bnf) and [here](whitelists-examples) for more informations about whitelists. +See [here](whitelists-bnf.md) and [here](whitelists-examples.md) for more informations about whitelists. #### Blacklist diff --git a/docs/naxsi-setup.md b/docs/naxsi-setup.md index 7a77939..b573ac4 100644 --- a/docs/naxsi-setup.md +++ b/docs/naxsi-setup.md @@ -5,13 +5,13 @@ * **http {}** level : `include naxsi_core.rules` * **server {}** level : - * [Dynamic modifiers](runtime-modifiers) + * [Dynamic modifiers](runtime-modifiers.md) * **location {}** level : - * [Enabled/Disabled directives](directives#secrulesenabled) - * [LearningMode-related directives](directives#learningmode) - * [Whitelists](whitelists-bnf) - * [CheckRules](checkrules-bnf) - * [RequestDenied](requestdenied-bnf) + * [Enabled/Disabled directives](directives.md#secrulesenabled) + * [LearningMode-related directives](directives.md#learningmode) + * [Whitelists](whitelists-bnf.md) + * [CheckRules](checkrules-bnf.md) + * [RequestDenied](requestdenied-bnf.md) * **location /RequestDenied** * return HTTP error code, post-processing ... @@ -61,7 +61,7 @@ http { The next step is learning; however, before jumping there, ensure that you have: * A nginx as a webserver or reverse proxy * Naxsi installed and running in learning mode - * If you perform a request such as `curl 'http://127.0.0.1:4242/?a=<>'`, you should see a [NAXSI_FMT](naxsilogs#naxsi_fmt) in your logs : + * If you perform a request such as `curl 'http://127.0.0.1:4242/?a=<>'`, you should see a [NAXSI_FMT](naxsilogs.md#naxsi_fmt) in your logs : `2016/07/12 13:27:04 [error] 14492#0: *1 NAXSI_FMT: ip=127.0.0.1&server=127.0.0.1&uri=/&learning=1&vers=0.55rc2&total_processed=1&total_blocked=1&block=1&cscore0=$XSS&score0=16&zone0=ARGS&id0=1302&var_name0=a&zone1=ARGS&id1=1303&var_name1=a, client: 127.0.0.1, server: localhost, request: "GET /?a=<> HTTP/1.1", host: "127.0.0.1:4242"` diff --git a/docs/naxsilogs.md b/docs/naxsilogs.md index 7cc11e6..9fd2196 100644 --- a/docs/naxsilogs.md +++ b/docs/naxsilogs.md @@ -31,7 +31,7 @@ Several groups of zone, id, var_name, cscore and score can be present in a singl ### NAXSI_EXLOG -NAXSI_EXLOG is a complement to [[naxsilogs]]. Along with exceptions, it contains actual content of the matched request. While NAXSI_FMT only contains IDs and location of exception, NAXSI_EXLOG provides actual content, allowing you to easily decide if it's a false positive or not. +NAXSI_EXLOG is a complement to [[naxsilogs.md]]. Along with exceptions, it contains actual content of the matched request. While NAXSI_FMT only contains IDs and location of exception, NAXSI_EXLOG provides actual content, allowing you to easily decide if it's a false positive or not. Learning tools uses this at his advantage. Extensive log is enabled by adding the following line in your server {} section but **out** of your location. @@ -50,7 +50,7 @@ This feature is provided by [[runtime-modifiers]]. "User defined" rules are supposed to have IDs > `1000`. -IDs inferior `1000` are reserved for [naxsi internal rules](internal-rules), which are usually related to protocol sanity and things that cannot be expressed through regular expressions or string matches. +IDs inferior `1000` are reserved for [naxsi internal rules](internal-rules.md), which are usually related to protocol sanity and things that cannot be expressed through regular expressions or string matches. Think twice before whitelisting one of those IDs, as it might partially/totally disable naxsi. @@ -58,4 +58,4 @@ Think twice before whitelisting one of those IDs, as it might partially/totally TODO DOCUMENTATION -[directives#naxsi_json_log](directives) +[directives.md#naxsi_json_log](directives) diff --git a/docs/rawbody.md b/docs/rawbody.md index 951fbca..1e8d163 100644 --- a/docs/rawbody.md +++ b/docs/rawbody.md @@ -2,7 +2,7 @@ RAW_BODY (>= 0.55rc0) is a feature to allow naxsi to match patterns in content it doesn't know to parse. -As stated in [internal rules](internal-rules), naxsi will bail out when it doesn't know content-type. If id:11 [bad content-type](internal-rules#uncommon_content_type) is whitelisted, then naxsi will go onto proceed all rules that are targeting `RAW_BODY`. +As stated in [internal rules](internal-rules.md), naxsi will bail out when it doesn't know content-type. If id:11 [bad content-type](internal-rules.md#uncommon_content_type) is whitelisted, then naxsi will go onto proceed all rules that are targeting `RAW_BODY`. ie. configuration : diff --git a/docs/rules-bnf.md b/docs/rules-bnf.md index 8516788..0631563 100644 --- a/docs/rules-bnf.md +++ b/docs/rules-bnf.md @@ -39,11 +39,11 @@ All strings *must* be lowercase, since naxsi's matches are case insensitive. **s** is the score section. You can create "named" counters: `s:$FOOBAR:4` will increase counter `$FOOBAR` value by 4. One rule can increase several scores: `s:$FOO:4,$BAR:8` will increase both `$FOO` by 4 and `$BAR` by 8. A rule can as well directly specifiy an action such a BLOCK (blocks the request in non-learning mode) or DROP (blocks the request **even** in learning mode) -Named scores are later handled by [CheckRules](checkrules-bnf). +Named scores are later handled by [CheckRules](checkrules-bnf.md). ### MatchZone (mz:...) -Please refer to [Match Zones](matchzones-bnf) for details. +Please refer to [Match Zones](matchzones-bnf.md) for details. **mz** is the match zone, defining which part of the request will be inspected by the rule. diff --git a/docs/rules-examples.md b/docs/rules-examples.md index dc77662..7991d0a 100644 --- a/docs/rules-examples.md +++ b/docs/rules-examples.md @@ -1,4 +1,4 @@ -Go to [Rules Explanation](rules-bnf) +Go to [Rules Explanation](rules-bnf.md) * [generic rules](#generic-rules) @@ -87,7 +87,7 @@ MainRule "rx:\.ph|\.asp|\.ht" "msg:asp/php file upload!" "mz:FILE_EXT" "s:$UPLOA ### Raw Body Raw Body zone is meant for the content-types that naxsi can't parse (XML, java serialized objects, unorthodox developments). -See [RAW_BODY](zoom-rawbody) for details on RAW_BODY behaviour. +See [RAW_BODY](rawbody.md) for details on RAW_BODY behaviour. ``` MainRule "id:4241" "s:DROP" "str:RANDOMTHINGS" "mz:RAW_BODY"; diff --git a/docs/runtime-modifiers.md b/docs/runtime-modifiers.md index 54f1f27..b0a5842 100644 --- a/docs/runtime-modifiers.md +++ b/docs/runtime-modifiers.md @@ -63,7 +63,7 @@ If `naxsi_flag_learning` variable is present, this value will override naxsi's c ### naxsi_flag_post_action -[post_action](http://wiki.nginx.org/HttpCoreModule#post_action) can be used by naxsi to literally forward a request to the [DeniedUrl](directives#deniedurl) location. It is on by default until naxsi 0.50 (a souvenir from ̀nx_intercept`) and is off by default since 0.51, because of the switch to [nxtool](https://github.com/nbs-system/naxsi/tree/master/nxapi). +[post_action](http://wiki.nginx.org/HttpCoreModule#post_action) can be used by naxsi to literally forward a request to the [DeniedUrl](directives.md#deniedurl) location. It is on by default until naxsi 0.50 (a souvenir from ̀nx_intercept`) and is off by default since 0.51, because of the switch to [nxtool](https://github.com/nbs-system/naxsi/tree/master/nxapi). Using this might lead to unpredictable behavior Can be set to 0 or 1 @@ -88,18 +88,18 @@ Because of a potential impact on performance, use this with caution. Naxsi will NAXSI_EXLOG: ip=%V&server=%V&uri=%V&id=%d&zone=%s&var_name=%V&content=%V ``` -See [naxsi logs](naxsilogs) for more details. +See [naxsi logs](naxsilogs.md) for more details. ### naxsi_flag_libinjection_sql -If set to "1", naxsi will pass every parsed content to [libinjection](libinjection-integration) and ask for SQL injection detection. -If the libinjection matches, internal rule [libinjection_sql is fired ](internal-rules#libinjection_sql). +If set to "1", naxsi will pass every parsed content to [libinjection](libinjection-integration.md) and ask for SQL injection detection. +If the libinjection matches, internal rule [libinjection_sql is fired ](internal-rules.md#libinjection_sql). ### naxsi_flag_libinjection_xss -If set to "1", naxsi will pass every parsed content to [libinjection](libinjection-integration) and ask for XSS detection. -If the libinjection matches, internal rule [libinjection_xss is fired ](internal-rules#libinjection_xss). +If set to "1", naxsi will pass every parsed content to [libinjection](libinjection-integration.md) and ask for XSS detection. +If the libinjection matches, internal rule [libinjection_xss is fired ](internal-rules.md#libinjection_xss). ### naxsi_json_log diff --git a/docs/whitelists-bnf.md b/docs/whitelists-bnf.md index 72c4040..dacce7d 100644 --- a/docs/whitelists-bnf.md +++ b/docs/whitelists-bnf.md @@ -26,7 +26,7 @@ _note: you can't mix negative and positive ID(s) in whitelists_ ### MatchZone (mz:...) -Please refer to [Match Zones](matchzones-bnf) for details. +Please refer to [Match Zones](matchzones-bnf.md) for details. *mz* is the match-zone, specifying in which part(s) of the request the specified ID(s) must be ignored. @@ -43,7 +43,7 @@ As for rules, `$URL*` in match-zone is not enough to specify the target zone. ### Notes - A zone (ARGS,BODY,HEADERS) can be suffixed with `|NAME`, meaning the rule matched in the name of the variable, but not its content. -- `RAW_BODY` whitelists are written just as any `BODY` whitelist, see [Whitelists Examples](whitelists-examples) +- `RAW_BODY` whitelists are written just as any `BODY` whitelist, see [Whitelists Examples](whitelists-examples.md) - A whitelist can't mix `_X` elements with `_VAR` or `$URL` items. ie: ``` @@ -52,4 +52,4 @@ $URL_X:^/foo$|$ARGS_VAR_X:^bar$ : GOOD ``` You can also whitelist by IP/CIDR and all the rules will not be blocked for these ips but logs will be generated. -For more details look here: [IgnoreIP and IgnoreCIDR](IgnoreIP-and-IgnoreCIDR) \ No newline at end of file +For more details look here: [IgnoreIP and IgnoreCIDR](IgnoreIP-and-IgnoreCIDR.md) \ No newline at end of file diff --git a/docs/whitelists-examples.md b/docs/whitelists-examples.md index 94b955d..029a1db 100644 --- a/docs/whitelists-examples.md +++ b/docs/whitelists-examples.md @@ -1,4 +1,4 @@ -Go to [Whitelists Explanation](whitelists-bnf) +Go to [Whitelists Explanation](whitelists-bnf.md) ### Static Whitelist Examples @@ -74,7 +74,7 @@ BasicRule wl:1000 "mz:$URL_X:^/foo|$ARGS_VAR_X:^[0-9]"; ### RAW_BODY whitelists -See [RAW_BODY](rawbody) specificites first. +See [RAW_BODY](rawbody.md) specificites first. Whitelists targeting RAW_BODY are written in the same way as any other BODY rule. @@ -90,7 +90,7 @@ BasicRule wl:4241 "mz:$URL:/|BODY"; ### FILE_EXT whitelists -See [FILE_EXT](zoom-fileext) specifities first. +See [FILE_EXT](zoom-fileext.md) specifities first. Whitelisting rule 1337 on URL /index.html for file name will be written : @@ -100,7 +100,7 @@ BasicRule wl:1337 "mz:$URL:/index.html|FILE_EXT"; ### JSON whitelists -See [JSON](zoom-json) specifities first. +See [JSON](json.md) specifities first. JSON is handled as normal BODY, and parsed into variable when possible :