Description
This Macro Expansion support was discussed in #324, but I found that the example in that issue is not very convincing:
tag:'http://www.owasp.org/index.php?title=ModSecurity_CRS_RuleID-%{rule.id}
The rule id can be determined during writing this rule, so there is no need to get its value at run time.
I think we may cancel this Macro Expansion support to tag action because:
A. It impacts performance. If we remove this support, it can reduce the overhead of tag action with each hit rules, and SecRuleRemoveByTag/ruleRemoveByTag and SecRuleUpdateTargetByTag/ruleRemoveTargetByTag can be more efficient.
B. The scenario to use this Macro Expansion in tag is very rare. I only see two place in CRS:
# SecDefaultAction "phase:1,log,auditlog,redirect:'http://%{request_headers.host}/',tag:'Host: %{request_headers.host}'"
\ # SecDefaultAction "phase:2,log,auditlog,redirect:'http://%{request_headers.host}/',tag:'Host: %{request_headers.host}'"
C. If we do need this, we can use msg action instead which also supports Macro Expansion.
I can submit a PR if we decide to cancel Macro Expansion support to tag action eventually.