From 02472969f8c41a26965b887f1a4c1b95a641863f Mon Sep 17 00:00:00 2001 From: GoEdgeLab Date: Wed, 15 Nov 2023 15:12:58 +0800 Subject: [PATCH] =?UTF-8?q?WAF=E4=BA=BA=E6=9C=BA=E8=AF=86=E5=88=AB?= =?UTF-8?q?=E5=AE=9E=E7=8E=B0=E7=82=B9=E5=87=BB=E9=AA=8C=E8=AF=81=E5=92=8C?= =?UTF-8?q?=E6=BB=91=E5=8A=A8=E8=A7=A3=E9=94=81=E9=AA=8C=E8=AF=81/?= =?UTF-8?q?=E5=8D=95=E4=B8=AA=E7=BD=91=E7=AB=99=E5=8F=AF=E4=BB=A5=E8=AE=BE?= =?UTF-8?q?=E7=BD=AE=E9=BB=98=E8=AE=A4=E7=9A=84=E4=BA=BA=E6=9C=BA=E8=AF=86?= =?UTF-8?q?=E5=88=AB=E6=96=B9=E5=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/gen/generate.go | 24 +++++++--- internal/web/actions/default/ui/components.go | 24 +++++++--- .../http-firewall-captcha-options-viewer.js | 17 +++++-- .../server/http-firewall-captcha-options.js | 45 ++++++++++++++++--- .../server/http-firewall-config-box.js | 21 +++++++-- .../servers/components/waf/policy.html | 2 +- .../servers/components/waf/update.html | 2 +- 7 files changed, 107 insertions(+), 28 deletions(-) diff --git a/internal/gen/generate.go b/internal/gen/generate.go index bba6e7b4..aacaa626 100644 --- a/internal/gen/generate.go +++ b/internal/gen/generate.go @@ -63,7 +63,7 @@ func generateComponentsJSFile() error { } else { buffer.WriteString("window.REQUEST_COND_COMPONENTS = ") buffer.Write(typesJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // 条件操作符 @@ -73,7 +73,7 @@ func generateComponentsJSFile() error { } else { buffer.WriteString("window.REQUEST_COND_OPERATORS = ") buffer.Write(requestOperatorsJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // 请求变量 @@ -83,7 +83,7 @@ func generateComponentsJSFile() error { } else { buffer.WriteString("window.REQUEST_VARIABLES = ") buffer.Write(requestVariablesJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // 指标 @@ -93,7 +93,7 @@ func generateComponentsJSFile() error { } else { buffer.WriteString("window.METRIC_HTTP_KEYS = ") buffer.Write(metricHTTPKeysJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // IP地址阈值项目 @@ -103,7 +103,7 @@ func generateComponentsJSFile() error { } else { buffer.WriteString("window.IP_ADDR_THRESHOLD_ITEMS = ") buffer.Write(ipAddrThresholdItemsJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // IP地址阈值动作 @@ -113,7 +113,7 @@ func generateComponentsJSFile() error { } else { buffer.WriteString("window.IP_ADDR_THRESHOLD_ACTIONS = ") buffer.Write(ipAddrThresholdActionsJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // WAF操作符 @@ -123,7 +123,17 @@ func generateComponentsJSFile() error { } else { buffer.WriteString("window.WAF_RULE_OPERATORS = ") buffer.Write(wafOperatorsJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) + } + + // WAF验证码类型 + captchaTypesJSON, err := json.Marshal(firewallconfigs.FindAllCaptchaTypes()) + if err != nil { + logs.Println("ComponentsAction marshal captcha types failed: " + err.Error()) + } else { + buffer.WriteString("window.WAF_CAPTCHA_TYPES = ") + buffer.Write(captchaTypesJSON) + buffer.Write([]byte{';', '\n', '\n'}) } fp, err := os.OpenFile(filepath.Clean(Tea.PublicFile("/js/components.src.js")), os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0777) diff --git a/internal/web/actions/default/ui/components.go b/internal/web/actions/default/ui/components.go index a8533f5d..5140ffdb 100644 --- a/internal/web/actions/default/ui/components.go +++ b/internal/web/actions/default/ui/components.go @@ -71,7 +71,7 @@ func (this *ComponentsAction) RunGet(params struct{}) { } else { buffer.WriteString("window.REQUEST_COND_COMPONENTS = ") buffer.Write(typesJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // 条件操作符 @@ -81,7 +81,7 @@ func (this *ComponentsAction) RunGet(params struct{}) { } else { buffer.WriteString("window.REQUEST_COND_OPERATORS = ") buffer.Write(requestOperatorsJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // 请求变量 @@ -91,7 +91,7 @@ func (this *ComponentsAction) RunGet(params struct{}) { } else { buffer.WriteString("window.REQUEST_VARIABLES = ") buffer.Write(requestVariablesJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // 指标 @@ -101,7 +101,7 @@ func (this *ComponentsAction) RunGet(params struct{}) { } else { buffer.WriteString("window.METRIC_HTTP_KEYS = ") buffer.Write(metricHTTPKeysJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // IP地址阈值项目 @@ -111,7 +111,7 @@ func (this *ComponentsAction) RunGet(params struct{}) { } else { buffer.WriteString("window.IP_ADDR_THRESHOLD_ITEMS = ") buffer.Write(ipAddrThresholdItemsJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // IP地址阈值动作 @@ -121,7 +121,7 @@ func (this *ComponentsAction) RunGet(params struct{}) { } else { buffer.WriteString("window.IP_ADDR_THRESHOLD_ACTIONS = ") buffer.Write(ipAddrThresholdActionsJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) } // WAF操作符 @@ -131,7 +131,17 @@ func (this *ComponentsAction) RunGet(params struct{}) { } else { buffer.WriteString("window.WAF_RULE_OPERATORS = ") buffer.Write(wafOperatorsJSON) - buffer.Write([]byte{'\n', '\n'}) + buffer.Write([]byte{';', '\n', '\n'}) + } + + // WAF验证码类型 + captchaTypesJSON, err := json.Marshal(firewallconfigs.FindAllCaptchaTypes()) + if err != nil { + logs.Println("ComponentsAction marshal captcha types failed: " + err.Error()) + } else { + buffer.WriteString("window.WAF_CAPTCHA_TYPES = ") + buffer.Write(captchaTypesJSON) + buffer.Write([]byte{';', '\n', '\n'}) } componentsData = buffer.Bytes() diff --git a/web/public/js/components/server/http-firewall-captcha-options-viewer.js b/web/public/js/components/server/http-firewall-captcha-options-viewer.js index e6550f4a..440c7516 100644 --- a/web/public/js/components/server/http-firewall-captcha-options-viewer.js +++ b/web/public/js/components/server/http-firewall-captcha-options-viewer.js @@ -25,7 +25,8 @@ Vue.component("http-firewall-captcha-options-viewer", { } return { options: options, - summary: "" + summary: "", + captchaTypes: window.WAF_CAPTCHA_TYPES } }, methods: { @@ -43,8 +44,18 @@ Vue.component("http-firewall-captcha-options-viewer", { if (this.options.failBlockScopeAll) { summaryList.push("全局封禁") } - if (this.options.uiIsOn) { - summaryList.push("定制UI") + let that = this + let typeDef = this.captchaTypes.$find(function (k, v) { + return v.code == that.options.captchaType + }) + if (typeDef != null) { + summaryList.push("默认验证方式:" + typeDef.name) + } + + if (this.options.captchaType == "default") { + if (this.options.uiIsOn) { + summaryList.push("定制UI") + } } if (summaryList.length == 0) { this.summary = "默认配置" diff --git a/web/public/js/components/server/http-firewall-captcha-options.js b/web/public/js/components/server/http-firewall-captcha-options.js index 54686f3b..7adb8b5c 100644 --- a/web/public/js/components/server/http-firewall-captcha-options.js +++ b/web/public/js/components/server/http-firewall-captcha-options.js @@ -7,6 +7,7 @@ Vue.component("http-firewall-captcha-options", { let options = this.vCaptchaOptions if (options == null) { options = { + captchaType: "default", countLetters: 0, life: 0, maxFails: 0, @@ -27,11 +28,17 @@ Vue.component("http-firewall-captcha-options", { if (options.countLetters <= 0) { options.countLetters = 6 } + + if (options.captchaType == null || options.captchaType.length == 0) { + options.captchaType = "default" + } + return { options: options, isEditing: false, summary: "", - uiBodyWarning: "" + uiBodyWarning: "", + captchaTypes: window.WAF_CAPTCHA_TYPES } }, watch: { @@ -73,6 +80,9 @@ Vue.component("http-firewall-captcha-options", { "options.failBlockScopeAll": function (v) { this.updateSummary() }, + "options.captchaType": function (v) { + this.updateSummary() + }, "options.uiIsOn": function (v) { this.updateSummary() }, @@ -102,9 +112,21 @@ Vue.component("http-firewall-captcha-options", { if (this.options.failBlockScopeAll) { summaryList.push("全局封禁") } - if (this.options.uiIsOn) { - summaryList.push("定制UI") + + let that = this + let typeDef = this.captchaTypes.$find(function (k, v) { + return v.code == that.options.captchaType + }) + if (typeDef != null) { + summaryList.push("默认验证方式:" + typeDef.name) } + + if (this.options.captchaType == "default") { + if (this.options.uiIsOn) { + summaryList.push("定制UI") + } + } + if (summaryList.length == 0) { this.summary = "默认配置" } else { @@ -121,6 +143,15 @@ Vue.component("http-firewall-captcha-options", {
+ + + + - + + - + + - + - + + + + + - + diff --git a/web/views/@default/servers/components/waf/update.html b/web/views/@default/servers/components/waf/update.html index 3d999298..94da3584 100644 --- a/web/views/@default/servers/components/waf/update.html +++ b/web/views/@default/servers/components/waf/update.html @@ -42,7 +42,7 @@ - +
默认验证方式 + +

{{captchaDef.description}}

+
有效时间 @@ -158,7 +189,8 @@ Vue.component("http-firewall-captcha-options", {

是否在失败时全局封禁,默认为只封禁对单个网站的访问。
验证码中数字个数
定制UI
页面标题 diff --git a/web/public/js/components/server/http-firewall-config-box.js b/web/public/js/components/server/http-firewall-config-box.js index 53e9dae1..8fba73ef 100644 --- a/web/public/js/components/server/http-firewall-config-box.js +++ b/web/public/js/components/server/http-firewall-config-box.js @@ -7,14 +7,20 @@ Vue.component("http-firewall-config-box", { isPrior: false, isOn: false, firewallPolicyId: 0, - ignoreGlobalRules: false + ignoreGlobalRules: false, + defaultCaptchaType: "none" } } + if (firewall.defaultCaptchaType == null || firewall.defaultCaptchaType.length == 0) { + firewall.defaultCaptchaType = "none" + } + return { firewall: firewall, moreOptionsVisible: false, - execGlobalRules: !firewall.ignoreGlobalRules + execGlobalRules: !firewall.ignoreGlobalRules, + captchaTypes: window.WAF_CAPTCHA_TYPES } }, watch: { @@ -46,7 +52,7 @@ Vue.component("http-firewall-config-box", {
启用WAF启用Web防火墙

选中后,表示启用当前网站的WAF功能。

@@ -55,6 +61,15 @@ Vue.component("http-firewall-config-box", {
人机识别验证方式 + +
启用系统全局规则 diff --git a/web/views/@default/servers/components/waf/policy.html b/web/views/@default/servers/components/waf/policy.html index 377c4068..7c9e274c 100644 --- a/web/views/@default/servers/components/waf/policy.html +++ b/web/views/@default/servers/components/waf/policy.html @@ -33,7 +33,7 @@
验证码动作设置人机识别动作配置
验证码动作配置人机识别动作配置