TRKJ/EdgeAdmin
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAdmin.git synced 2025-11-04 13:10:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

修复非gcc下编译错误

Browse Source
This commit is contained in:
刘祥超
2024-03-21 17:38:24 +08:00
parent 4edec8b20b
commit b4dace1253
4 changed files with 29 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/web/helpers/user_must_auth.go
View File

@@ -7,7 +7,6 @@ import (
"github.com/TeaOSLab/EdgeAdmin/internal/goman" "github.com/TeaOSLab/EdgeAdmin/internal/goman"
"github.com/TeaOSLab/EdgeAdmin/internal/rpc" "github.com/TeaOSLab/EdgeAdmin/internal/rpc"
"github.com/TeaOSLab/EdgeAdmin/internal/setup" "github.com/TeaOSLab/EdgeAdmin/internal/setup"
"github.com/TeaOSLab/EdgeAdmin/internal/waf/injectionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/index/loginutils" "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/index/loginutils"
"github.com/TeaOSLab/EdgeCommon/pkg/langs" "github.com/TeaOSLab/EdgeCommon/pkg/langs"
"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs" "github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
@@ -117,7 +116,7 @@ func (this *userMustAuth) BeforeAction(actionPtr actions.ActionWrapper, paramNam
} }
// 检测注入 // 检测注入
if injectionutils.DetectXSS(action.Request.RequestURI, false) || injectionutils.DetectSQLInjection(action.Request.RequestURI, false) { if !safeFilterRequest(action.Request) {
action.ResponseWriter.WriteHeader(http.StatusForbidden) action.ResponseWriter.WriteHeader(http.StatusForbidden)
_, _ = action.ResponseWriter.Write([]byte("Denied By WAF")) _, _ = action.ResponseWriter.Write([]byte("Denied By WAF"))
return false return false

3
internal/web/helpers/user_should_auth.go
View File

@@ -4,7 +4,6 @@ import (
"github.com/TeaOSLab/EdgeAdmin/internal/configloaders" "github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const" teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
"github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils" "github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils"
"github.com/TeaOSLab/EdgeAdmin/internal/waf/injectionutils"
"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/index/loginutils" "github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/index/loginutils"
"github.com/iwind/TeaGo/actions" "github.com/iwind/TeaGo/actions"
"net/http" "net/http"
@@ -29,7 +28,7 @@ func (this *UserShouldAuth) BeforeAction(actionPtr actions.ActionWrapper, paramN
} }
// 检测注入 // 检测注入
if injectionutils.DetectXSS(this.action.Request.RequestURI, false) || injectionutils.DetectSQLInjection(this.action.Request.RequestURI, false) { if !safeFilterRequest(this.action.Request) {
this.action.ResponseWriter.WriteHeader(http.StatusForbidden) this.action.ResponseWriter.WriteHeader(http.StatusForbidden)
_, _ = this.action.ResponseWriter.Write([]byte("Denied By WAF")) _, _ = this.action.ResponseWriter.Write([]byte("Denied By WAF"))
return false return false

14
internal/web/helpers/utils_gcc.go Normal file
View File

@@ -0,0 +1,14 @@
// Copyright 2024 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
//go:build gcc
package helpers
import (
"github.com/TeaOSLab/EdgeAdmin/internal/waf/injectionutils"
"net/http"
)
// filter request
func safeFilterRequest(req *http.Request) bool {
return !injectionutils.DetectXSS(req.RequestURI, false) && !injectionutils.DetectSQLInjection(req.RequestURI, false)
}

13
internal/web/helpers/utils_none_gcc.go Normal file
View File

@@ -0,0 +1,13 @@
// Copyright 2024 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
//go:build !gcc
package helpers
import (
"net/http"
)
// filter request
func safeFilterRequest(req *http.Request) bool {
return true
}