Add nested rules
Add backend action, allow wildcard in backends
Remove poison from tree, update README with action table
Allow defining pass/fail actions on challenge,
Remove redirect/referer parameters on backend pass
Set challenge cookie tied to host
Rewrite DNSBL condition into a challenge
Allow passing an arbitrary path for assets to js challenges
Optimize programs exhaustively on compilation
Activation instead of map for CEL context, faster map access, new network override
Return valid host on cookie setting in case Host is an IP address.
bug: does not work with IPv6, see https://github.com/golang/go/issues/65521
Apply TLS fingerprinter on GetConfigForClient instead of GetCertificate
Cleanup go-away cookies before passing to backend
Code action for specifically replying with an HTTP code
