TRKJ/EdgeAdmin
2
0
Fork 0
mirror of https://github.com/TeaOSLab/EdgeAdmin.git synced 2025-11-22 09:10:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

[waf]支持包含二进制、不支持二进制等操作符;支持对参数值编解码

Browse Source
This commit is contained in:
GoEdgeLab
2020-11-21 20:43:45 +08:00
parent 64e71fad5d
commit da795cfdd7
7 changed files with 120 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
internal/web/actions/default/servers/components/waf/createRulePopup.go
View File

@@ -28,7 +28,7 @@ func (this *CreateRulePopupAction) RunGet(params struct {
"name": checkpoint.Name, "name": checkpoint.Name,
"prefix": checkpoint.Prefix, "prefix": checkpoint.Prefix,
"description": checkpoint.Description, "description": checkpoint.Description,
"hasParams": len(checkpoint.Params) > 0, "hasParams": checkpoint.HasParams,
"params": checkpoint.Params, "params": checkpoint.Params,
"options": checkpoint.Options, "options": checkpoint.Options,
"isComposed": checkpoint.IsComposed, "isComposed": checkpoint.IsComposed,
@@ -53,13 +53,14 @@ func (this *CreateRulePopupAction) RunGet(params struct {
} }
func (this *CreateRulePopupAction) RunPost(params struct { func (this *CreateRulePopupAction) RunPost(params struct {
RuleId int64 RuleId int64
Prefix string Prefix string
Operator string Operator string
Param string Param string
OptionsJSON []byte ParamFiltersJSON []byte
Value string OptionsJSON []byte
Case bool Value string
Case bool
Must *actions.Must Must *actions.Must
}) { }) {
@@ -76,6 +77,17 @@ func (this *CreateRulePopupAction) RunPost(params struct {
} else { } else {
rule.Param = "${" + params.Prefix + "}" rule.Param = "${" + params.Prefix + "}"
} }
paramFilters := []*firewallconfigs.ParamFilter{}
if len(params.ParamFiltersJSON) > 0 {
err := json.Unmarshal(params.ParamFiltersJSON, &paramFilters)
if err != nil {
this.ErrorPage(err)
return
}
}
rule.ParamFilters = paramFilters
rule.Operator = params.Operator rule.Operator = params.Operator
rule.Value = params.Value rule.Value = params.Value
rule.IsCaseInsensitive = params.Case rule.IsCaseInsensitive = params.Case

1
internal/web/actions/default/servers/components/waf/group.go
View File

@@ -88,6 +88,7 @@ func (this *GroupAction) RunGet(params struct {
rule := v.(*firewallconfigs.HTTPFirewallRule) rule := v.(*firewallconfigs.HTTPFirewallRule)
return maps.Map{ return maps.Map{
"param": rule.Param, "param": rule.Param,
"paramFilters": rule.ParamFilters,
"operator": rule.Operator, "operator": rule.Operator,
"value": rule.Value, "value": rule.Value,
"isCaseInsensitive": rule.IsCaseInsensitive, "isCaseInsensitive": rule.IsCaseInsensitive,

72
web/public/js/components/server/http-firewall-param-filters-box.js Normal file
View File

@@ -0,0 +1,72 @@
Vue.component("http-firewall-param-filters-box", {
props: ["v-filters"],
data: function () {
let filters = this.vFilters
if (filters == null) {
filters = []
}
return {
filters: filters,
isAdding: false,
options: [
{name: "MD5", code: "md5"},
{name: "URLEncode", code: "urlEncode"},
{name: "URLDecode", code: "urlDecode"},
{name: "BASE64Encode", code: "base64Encode"},
{name: "BASE64Decode", code: "base64Decode"},
{name: "计算长度", code: "length"}
],
addingCode: ""
}
},
methods: {
add: function () {
this.isAdding = true
this.addingCode = ""
},
confirm: function () {
if (this.addingCode.length == 0) {
return
}
let that = this
this.filters.push(this.options.$find(function (k, v) {
return (v.code == that.addingCode)
}))
this.isAdding = false
},
cancel: function () {
this.isAdding = false
},
remove: function (index) {
this.filters.$remove(index)
}
},
template: `<div>
<input type="hidden" name="paramFiltersJSON" :value="JSON.stringify(filters)" />
<div v-if="filters.length > 0">
<div v-for="(filter, index) in filters" class="ui label small basic">
{{filter.name}} <a href="" title="删除" @click.prevent="remove(index)"><i class="icon remove"></i></a>
</div>
<div class="ui divider"></div>
</div>
<div v-if="isAdding">
<div class="ui fields inline">
<div class="ui field">
<select class="ui dropdown auto-width" v-model="addingCode">
<option value="">[请选择]</option>
<option v-for="option in options" :value="option.code">{{option.name}}</option>
</select>
</div>
<div class="ui field">
<button class="ui button tiny" type="button" @click.prevent="confirm()">确定</button>
&nbsp; <a href="" @click.prevent="cancel()" title="取消"><i class="icon remove"></i></a>
</div>
</div>
</div>
<div v-if="!isAdding">
<button class="ui button tiny" type="button" @click.prevent="add">+</button>
</div>
<p class="comment">可以对参数值进行特定的编解码处理。</p>
</div>`
})

4
web/public/js/components/server/http-firewall-rules-box.js
View File

@@ -38,8 +38,8 @@ Vue.component("http-firewall-rules-box", {
template: `<div> template: `<div>
<input type="hidden" name="rulesJSON" :value="JSON.stringify(rules)"/> <input type="hidden" name="rulesJSON" :value="JSON.stringify(rules)"/>
<div v-if="rules.length > 0"> <div v-if="rules.length > 0">
<div v-for="(rule, index) in rules" class="ui label tiny" style="margin-bottom: 0.5em"> <div v-for="(rule, index) in rules" class="ui label small basic" style="margin-bottom: 0.5em">
<span>{{rule.param}} <var v-if="rule.value.length > 0">{{rule.operator}}</var> {{rule.value}}</span> <span>{{rule.param}}<span v-if="rule.paramFilters != null && rule.paramFilters.length > 0" v-for="paramFilter in rule.paramFilters"> | {{paramFilter.code}}</span> <var v-if="rule.value.length > 0">{{rule.operator}}</var> {{rule.value}}</span>
<a href="" title="修改" @click.prevent="updateRule(index, rule)"><i class="icon pencil small"></i></a> <a href="" title="修改" @click.prevent="updateRule(index, rule)"><i class="icon pencil small"></i></a>
<a href="" title="删除" @click.prevent="removeRule(index)"><i class="icon remove"></i></a> <a href="" title="删除" @click.prevent="removeRule(index)"><i class="icon remove"></i></a>
</div> </div>

25
web/views/@default/servers/components/waf/createRulePopup.html
View File

@@ -20,13 +20,15 @@
<p class="comment" v-if="checkpoint != null"><span class="ui label tiny">${<em style="font-style: normal;">{{checkpoint.prefix}}</em>}</span>{{checkpoint.description}}</p> <p class="comment" v-if="checkpoint != null"><span class="ui label tiny">${<em style="font-style: normal;">{{checkpoint.prefix}}</em>}</span>{{checkpoint.description}}</p>
</td> </td>
</tr> </tr>
<!-- 参数名 -->
<tr v-if="checkpoint != null && checkpoint.hasParams"> <tr v-if="checkpoint != null && checkpoint.hasParams">
<td>参数名</td> <td>参数名</td>
<td> <td>
<select name="param" v-model="rule.checkpointParam" class="ui dropdown auto-width" v-if="checkpoint.params != null"> <select name="param" v-model="rule.checkpointParam" class="ui dropdown auto-width" v-if="checkpoint.params != null">
<option v-for="o in checkpoint.params" :value="o.value">{{o.name}}</option> <option v-for="o in checkpoint.params" :value="o.value">{{o.name}}</option>
</select> </select>
<input type="text" maxlength="100" v-model="rule.checkpointParam" v-if="checkpoint.params == null"/> <input type="text" name="param" maxlength="100" v-model="rule.checkpointParam" v-if="checkpoint.params == null"/>
</td> </td>
</tr> </tr>
@@ -40,6 +42,14 @@
</tr> </tr>
</tbody> </tbody>
<!-- 参数过滤器 -->
<tr v-if="checkpoint != null && !checkpoint.isComposed">
<td>编解码</td>
<td>
<http-firewall-param-filters-box :v-filters="rule.paramFilters"></http-firewall-param-filters-box>
</td>
</tr>
<!-- 选项 --> <!-- 选项 -->
<tbody v-if="checkpoint != null && !checkpoint.isComposed && checkpoint.options != null && checkpoint.options.length > 0"> <tbody v-if="checkpoint != null && !checkpoint.isComposed && checkpoint.options != null && checkpoint.options.length > 0">
<tr v-for="option in checkpoint.options"> <tr v-for="option in checkpoint.options">
@@ -91,7 +101,18 @@
<tr> <tr>
<td>对比值</td> <td>对比值</td>
<td> <td>
<textarea rows="3" maxlength="4096" name="value" v-model="rule.value"></textarea> <!-- 二进制数据 -->
<div v-if="rule.operator != 'contains binary'">
<textarea rows="3" maxlength="4096" name="value" v-model="rule.value"></textarea>
<p class="comment">将二进制进行Base64Encode后放在这里比如<code-label>Hello</code-label>对应<code-label>SGVsbG8=</code-label></p>
</div>
<div v-else-if="rule.operator != 'not contains binary'">
<textarea rows="3" maxlength="4096" name="value" v-model="rule.value"></textarea>
<p class="comment">将二进制进行Base64Encode后放在这里比如<code-label>Hello</code-label>对应<code-label>SGVsbG8=</code-label></p>
</div>
<!-- 其余数据 -->
<textarea rows="3" maxlength="4096" name="value" v-model="rule.value" v-else></textarea>
</td> </td>
</tr> </tr>
</tbody> </tbody>

1
web/views/@default/servers/components/waf/createRulePopup.js
View File

@@ -5,6 +5,7 @@ Tea.context(function () {
this.rule = { this.rule = {
id: 0, id: 0,
param: "", param: "",
paramFilters: [],
checkpointPrefix: "", checkpointPrefix: "",
checkpointParam: "", checkpointParam: "",
value: "", value: "",

2
web/views/@default/servers/components/waf/group.html
View File

@@ -48,7 +48,7 @@
</td> </td>
<td class="rules-box"> <td class="rules-box">
<div v-for="rule in set.rules" style="margin-top: 0.4em;margin-bottom:0.4em"> <div v-for="rule in set.rules" style="margin-top: 0.4em;margin-bottom:0.4em">
<span class="ui label tiny basic">{{rule.name}}[{{rule.param}}] <var :class="{dash:rule.isCaseInsensitive}" :title="rule.isCaseInsensitive ? '大小写不敏感':''" v-if="!rule.isComposed">{{rule.operator}}</var> {{rule.value}}</span> <span class="ui label tiny basic">{{rule.name}}[{{rule.param}}] <span v-if="rule.paramFilters != null && rule.paramFilters.length > 0" v-for="paramFilter in rule.paramFilters"> | {{paramFilter.code}}</span> <var :class="{dash:rule.isCaseInsensitive}" :title="rule.isCaseInsensitive ? '大小写不敏感':''" v-if="!rule.isComposed">{{rule.operator}}</var> {{rule.value}}</span>
</div> </div>
<span class="ui disabled" v-if="set.rules.length == 0">暂时还没有规则</span> <span class="ui disabled" v-if="set.rules.length == 0">暂时还没有规则</span>
</td> </td>