Skip to content

[WAF] Clarify leaked credentials behavior #20913

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Mar 18, 2025
Merged

[WAF] Clarify leaked credentials behavior #20913

merged 3 commits into from
Mar 18, 2025

Conversation

@pedrosousa
Copy link
Contributor

@pedrosousa pedrosousa commented Mar 18, 2025

Summary

Closes #20903.

@pedrosousa pedrosousa requested review from a team as code owners March 18, 2025 12:46
@hyperlint-ai
Copy link
Contributor

hyperlint-ai bot commented Mar 18, 2025

Howdy and thanks for contributing to our repo. The Cloudflare team reviews new, external PRs within two (2) weeks. If it's been two weeks or longer without any movement, please tag the PR Assignees in a comment.

We review internal PRs within 1 week. If it's something urgent or has been sitting without a comment, start a thread in the Developer Docs space internally.

PR Change Summary

Clarified the behavior of leaked credentials detection in the WAF documentation.

  • Updated the explanation of how leaked credentials are detected and the implications for users.
  • Added information about the handling of plaintext passwords during credential checks.
  • Clarified the purpose of the Exposed-Credential-Check request header.

Modified Files

  • src/content/docs/waf/detections/leaked-credentials/index.mdx
How can I customize these reviews?

Check out the Hyperlint AI Reviewer docs for more information on how to customize the review.

If you just want to ignore it on this PR, you can add the hyperlint-ignore label to the PR. Future changes won't trigger a Hyperlint review.

Note specifically for link checks, we only check the first 30 links in a file and we cache the results for several hours (for instance, if you just added a page, you might experience this). Our recommendation is to add hyperlint-ignore to the PR to ignore the link check for this PR.

What is Hyperlint?

Hyperlint is an AI agent that helps you write, edit, and maintain your documentation.

Learn more about the Hyperlint AI reviewer and the checks that we can run on your documentation.

@github-actions
Copy link
Contributor

github-actions bot commented Mar 18, 2025
edited
Loading

Preview URL: https://4b9e9a5f.preview.developers.cloudflare.com
Preview Branch URL: https://pedro-issue20903-waf-clarify-lcc.preview.developers.cloudflare.com

Files with changes (up to 15)

Original Link Updated Link
https://developers.cloudflare.com/waf/detections/leaked-credentials/ https://pedro-issue20903-waf-clarify-lcc.preview.developers.cloudflare.com/waf/detections/leaked-credentials/

@pedrosousa pedrosousa merged commit 55ad66c into production Mar 18, 2025
11 checks passed
@pedrosousa pedrosousa deleted the pedro/issue20903-waf-clarify-lcc branch March 18, 2025 16:04
daisyfaithauma pushed a commit that referenced this pull request Mar 18, 2025
@pedrosousa @daisyfaithauma
[WAF] Clarify leaked credentials behavior (#20913)
e4151cf
RebeccaTamachiro pushed a commit that referenced this pull request Apr 21, 2025
@pedrosousa @RebeccaTamachiro
[WAF] Clarify leaked credentials behavior (#20913)
9e65f6b
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marciocloudflare marciocloudflare marciocloudflare approved these changes

Assignees

No one assigned

Labels

product:waf size/xs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Leaked Credentials Detection docs needs better explanation and more safety reassurances

2 participants

@pedrosousa @marciocloudflare