From 5bcbf29fc633369409d2fc90628bc794a53d1507 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E7=A5=A5=E8=B6=85?=
Date: Thu, 4 Jan 2024 14:52:47 +0800
Subject: [PATCH] =?UTF-8?q?WAF=E6=93=8D=E4=BD=9C=E7=AC=A6=E5=A2=9E?= =?UTF-8?q?=E5=8A=A0=E2=80=9C=E5=8C=85=E5=90=ABXSS=E6=B3=A8=E5=85=A5-?= =?UTF-8?q?=E4=B8=A5=E6=A0=BC=E6=A8=A1=E5=BC=8F=E2=80=9D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../firewallconfigs/http_firewall_rule_operator.go | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go b/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go
index f9160aa..5de8c94 100644
--- a/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go
+++ b/pkg/serverconfigs/firewallconfigs/http_firewall_rule_operator.go
@@ -27,6 +27,7 @@ const (
 HTTPFirewallRuleOperatorContainsAll HTTPFirewallRuleOperator = "contains all"
 HTTPFirewallRuleOperatorContainsSQLInjection HTTPFirewallRuleOperator = "contains sql injection"
 HTTPFirewallRuleOperatorContainsXSS HTTPFirewallRuleOperator = "contains xss"
+ HTTPFirewallRuleOperatorContainsXSSStrictly HTTPFirewallRuleOperator = "contains xss strictly"
 HTTPFirewallRuleOperatorHasKey HTTPFirewallRuleOperator = "has key" // has key in slice or map
 HTTPFirewallRuleOperatorVersionGt HTTPFirewallRuleOperator = "version gt"
 HTTPFirewallRuleOperatorVersionLt HTTPFirewallRuleOperator = "version lt"
@@ -182,6 +183,13 @@ var AllRuleOperators = []*RuleOperatorDefinition{
 CaseInsensitive: HTTPFirewallRuleCaseInsensitiveNone,
 DataType: "none",
 },
+ {
+ Name: "包含XSS注入-严格模式",
+ Code: HTTPFirewallRuleOperatorContainsXSSStrictly,
+ Description: "更加严格地检测字符串内容是否包含XSS注入,相对于非严格模式,此时xml、audio、video等标签也会被匹配。",
+ CaseInsensitive: HTTPFirewallRuleCaseInsensitiveNone,
+ DataType: "none",
+ },
 {
 Name: "包含二进制数据",
 Code: HTTPFirewallRuleOperatorContainsBinary,
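Review bot: The new constant `HTTPFirewallRuleOperatorContainsXSSStrictly` in the first hunk has no comment, although its neighbour `HTTPFirewallRuleOperatorHasKey` carries one, so the only explanation of what "strictly" means is the Chinese description in the later hunk. A trailing comment such as `// like "contains xss", but also matches xml, audio, video and similar tags` would make the difference visible where the codes are declared. The const block starts and ends outside the hunk.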
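Review bot: The new `AllRuleOperators` entry only declares the operator code, and nothing in this patch shows what a rule evaluator that does not yet know `"contains xss strictly"` does with it. If an unknown operator is treated as "no match", a rule built on this code would silently stop filtering on nodes that have not been upgraded, so it is worth confirming that the evaluator rejects or logs unknown codes and that the matcher ships together with this config change. Since the description states that xml, audio and video tags are also matched, I would extend `Description` with one sentence saying that strict mode can flag legitimate XML or HTML payloads and is best applied to parameters where markup is not expected. The slice literal starts and ends outside the hunk.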