WAF策略增加“最多检查内容尺寸“选项

2025-11-14 12:20:27 +08:00 · 2023-08-02 16:58:45 +08:00
parent c018691899
commit ad83c052ad
6 changed files with 168 additions and 119 deletions
--- a/internal/web/actions/default/servers/components/waf/policy.go
+++ b/internal/web/actions/default/servers/components/waf/policy.go
@@ -1,6 +1,7 @@
 package waf
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
@@ -98,6 +99,8 @@ func (this *PolicyAction) RunGet(params struct {
 		"useLocalFirewall":         firewallPolicy.UseLocalFirewall,
 		"synFlood":                 firewallPolicy.SYNFlood,
 		"log":                      firewallPolicy.Log,
 		"maxRequestBodySize":       firewallPolicy.MaxRequestBodySize,
 		"maxRequestBodySizeFormat": numberutils.FormatBytes(firewallPolicy.MaxRequestBodySize),
 	}
 	// 正在使用此策略的集群
--- a/internal/web/actions/default/servers/components/waf/update.go
+++ b/internal/web/actions/default/servers/components/waf/update.go
@@ -9,6 +9,7 @@ import (
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/firewallconfigs"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
 	"github.com/iwind/TeaGo/types"
 	"net/http"
 )
@@ -74,6 +75,7 @@ func (this *UpdateAction) RunGet(params struct {
 		"useLocalFirewall":   firewallPolicy.UseLocalFirewall,
 		"synFloodConfig":     firewallPolicy.SYNFlood,
 		"log":                firewallPolicy.Log,
 		"maxRequestBodySize": types.String(firewallPolicy.MaxRequestBodySize),
 	}
 	// 预置分组
@@ -110,6 +112,7 @@ func (this *UpdateAction) RunPost(params struct {
 	UseLocalFirewall   bool
 	SynFloodJSON       []byte
 	LogJSON            []byte
 	MaxRequestBodySize int64
 	Must *actions.Must
 }) {
@@ -134,6 +137,11 @@ func (this *UpdateAction) RunPost(params struct {
 		this.Fail("验证码动作参数校验失败：" + err.Error())
 	}
 	// 最大内容尺寸
 	if params.MaxRequestBodySize < 0 {
 		params.MaxRequestBodySize = 0
 	}
 	_, err = this.RPC().HTTPFirewallPolicyRPC().UpdateHTTPFirewallPolicy(this.AdminContext(), &pb.UpdateHTTPFirewallPolicyRequest{
 		HttpFirewallPolicyId: params.FirewallPolicyId,
 		IsOn:                 params.IsOn,
@@ -146,6 +154,7 @@ func (this *UpdateAction) RunPost(params struct {
 		UseLocalFirewall:     params.UseLocalFirewall,
 		SynFloodJSON:         params.SynFloodJSON,
 		LogJSON:              params.LogJSON,
 		MaxRequestBodySize:   params.MaxRequestBodySize,
 	})
 	if err != nil {
 		this.ErrorPage(err)
--- a/web/views/@default/servers/components/waf/createPopup.html
+++ b/web/views/@default/servers/components/waf/createPopup.html
@@ -30,7 +30,7 @@
 				</td>
 			</tr>
 		 	<tr>
-				<td>是否启用</td>
+				<td>启用当前策略</td>
 				<td>
 					<div class="ui checkbox">
 						<input type="checkbox" name="isOn" value="1" checked="checked"/>
--- a/web/views/@default/servers/components/waf/policy.html
+++ b/web/views/@default/servers/components/waf/policy.html
@@ -74,6 +74,13 @@
            <span v-else>不记录</span>
        </td>
    </tr>
    <tr>
        <td>最多检查内容尺寸</td>
        <td>
            <span v-if="firewallPolicy.maxRequestBodySize == 0" class="disabled">使用默认</span>
            <span v-else>{{firewallPolicy.maxRequestBodySizeFormat}}</span>
        </td>
    </tr>
    <tr>
        <td>描述</td>
        <td>
--- a/web/views/@default/servers/components/waf/update.html
+++ b/web/views/@default/servers/components/waf/update.html
@@ -82,6 +82,17 @@
                    <p class="comment">选中后，表示在访问日志中记录区域封禁（地区和省份）事件。</p>
                </td>
            </tr>
            <tr>
                <td>最多检查内容尺寸</td>
                <td>
                    <input type="hidden" name="maxRequestBodySize" v-model="maxRequestBodySize"/>
                    <div class="ui input right labeled">
                        <input type="text" style="width: 10em" maxlength="10" v-model="firewallPolicy.maxRequestBodySize" @input="changeMaxRequestBodySize(firewallPolicy.maxRequestBodySize)"/>
                        <span class="ui label">字节</span>
                    </div>
                    <p class="comment"><span v-if="maxRequestBodySize > 0">当前：{{maxRequestBodySizeFormat}}。</span>WAF能够分析的最大文件内容尺寸，0表示默认，默认为1MB；此值越大，对应使用的系统内存越多，除非特殊情况，否则请谨慎修改。</p>
                </td>
            </tr>
            <tr>
                <td>描述</td>
                <td>
@@ -89,7 +100,7 @@
                </td>
            </tr>
            <tr>
-                    <td>是否启用</td>
+                <td>启用当前策略</td>
                <td>
                    <div class="ui checkbox">
                        <input type="checkbox" name="isOn" value="1" v-model="firewallPolicy.isOn"/>
--- a/web/views/@default/servers/components/waf/update.js
+++ b/web/views/@default/servers/components/waf/update.js
@@ -1,3 +1,22 @@
 Tea.context(function () {
 	this.success = NotifySuccess("保存成功", "/servers/components/waf/policy?firewallPolicyId=" + this.firewallPolicyId)
 	this.maxRequestBodySize = this.firewallPolicy.maxRequestBodySize
 	this.maxRequestBodySizeFormat = teaweb.formatBytes(this.maxRequestBodySize)
 	if (this.maxRequestBodySize == 0) {
 		this.maxRequestBodySizeFormat = ""
 	}
 	this.changeMaxRequestBodySize = function (v) {
 		if (v.toString().length == 0) {
 			this.maxRequestBodySize = 0
 			this.maxRequestBodySizeFormat = teaweb.formatBytes(this.maxRequestBodySize)
 			return
 		}
 		let size = parseInt(v)
 		if (!isNaN(size) && size >= 0) {
 			this.maxRequestBodySize = size
 			this.maxRequestBodySizeFormat = teaweb.formatBytes(this.maxRequestBodySize)
 		}
 	}
 })