Use Cloudflare's wirefilter engine (via zen-internals WASM) to
evaluate WAF rules against HTTP requests. Rules come from the
config API and get checked in the middleware per request.
Field names follow Cloudflare's conventions (http.request.method,
http.request.uri.path, ip.src, etc.) with operators like contains,
matches (regex), eq, and in {CIDR}.
| query: query, | ||
| uri: url, | ||
| full_uri: `${host}${url}`, | ||
| user_agent: |
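Review bot: On the `full_uri` line, the value is built as `${host}${url}` with no scheme, whereas Cloudflare's http.request.full_uri carries the scheme as well (https://host/path?query). If this value backs that field, a rule written Cloudflare-style with eq against a full URL will never match. Prepend the request's protocol here, or document that full_uri in this engine means host plus path so rule authors do not rely on the scheme.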
Header extraction for user-agent, cookie, referer and x-forwarded-for repeats the same ternary logic; extract a small helper (e.g., getHeaderString(headers, key)) to avoid duplication.
✨ AI Reasoning
Multiple header fields are extracted using the same ternary pattern and repeated inline: this repeats identical logic (check typeof header key is string ? use it : undefined) for user-agent, cookie, referer, and x-forwarded-for. Consolidating into a small helper would reduce repetitive code and the chance of inconsistent changes when adding more headers.
🔧 How do I fix it?
Delete extra code. Extract repeated code sequences into reusable functions or methods. Use loops or data structures to eliminate repetitive patterns.
Reply @AikidoSec feedback: [FEEDBACK] to get better review comments in the future.
Reply @AikidoSec ignore: [REASON] to ignore this issue.
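A sketch of the helper suggested in the review comment above, as an added example that is not code from this pull request. `buildRequestFields`, the `cookie`, `referer` and `x_forwarded_for` keys, the lower-cased header keys and the array handling are assumptions; only `query`, `uri`, `full_uri` and `user_agent` appear in the diff.

```javascript
// Added example, not the project's code. Assumes header keys are lower-cased.

// Return one header as a string, or undefined when it is absent or malformed.
function getHeaderString(headers, key, separator = ", ") {
  const value = headers[key.toLowerCase()];
  if (typeof value === "string") return value;
  // Assumption: some frameworks expose repeated headers as arrays. Joining
  // keeps the value visible to WAF rules instead of mapping it to undefined.
  if (Array.isArray(value) && value.every((v) => typeof v === "string")) {
    return value.join(separator);
  }
  return undefined;
}

// Hypothetical builder for the field object passed to rule evaluation.
function buildRequestFields({ query, url, host, headers }) {
  return {
    query,
    uri: url,
    full_uri: `${host}${url}`,
    user_agent: getHeaderString(headers, "user-agent"),
    cookie: getHeaderString(headers, "cookie", "; "),
    referer: getHeaderString(headers, "referer"),
    x_forwarded_for: getHeaderString(headers, "x-forwarded-for"),
  };
}

// Constructed sample request, for illustration only.
const sampleRequest = {
  query: "q=1",
  url: "/search?q=1",
  host: "app.example.test",
  headers: {
    "user-agent": "curl/8.0",
    cookie: ["a=1", "b=2"],
    "x-forwarded-for": "203.0.113.7",
    referer: 42, // malformed value: treated as absent
  },
};

console.log(buildRequestFields(sampleRequest));
```

Every header goes through one code path, so a change to how missing or repeated values are treated applies to all rule fields at once.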