sophie/nuke
1
0
Fork 0
Code Packages 1 Activity Actions

fix(lib): make Anubis less paranoid (#365)

Browse source 
Previously Anubis would aggressively make sure that the client cookie
matched exactly what it should. This has turned out to be too paranoid
in practice and has caused problems with Happy Eyeballs et. al.

This is a potential fix to #303 and #289.
This commit is contained in:
Xe Iaso 2025-04-25 15:02:55 -04:00 committed by GitHub
parent 24f8ba729b
commit c669b47b57
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 3 additions and 52 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/docs/admin/policies.mdx
View file

@ -241,6 +241,6 @@ In case your service needs it for risk calculation reasons, Anubis exposes infor
| :---------------- | :--------------------------------------------------- | :--------------- |
| `X-Anubis-Rule` | The name of the rule that was matched | `bot/lightpanda` |
| `X-Anubis-Action` | The action that Anubis took in response to that rule | `CHALLENGE` |
| `X-Anubis-Status` | The status and how strict Anubis was in its checks | `PASS-FULL` |
| `X-Anubis-Status` | The status and how strict Anubis was in its checks | `PASS` |
Policy rules are matched using [Go's standard library regular expressions package](https://pkg.go.dev/regexp). You can mess around with the syntax at [regex101.com](https://regex101.com), make sure to select the Golang option.