From 699ed00e40e13aa117cad5a8f2dd4a12376d003b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E7=A5=A5=E8=B6=85?= <iwind.liu@gmail.com>
Date: Fri, 10 Sep 2021 10:31:56 +0800
Subject: [PATCH] =?UTF-8?q?WAF=E4=B8=AD=E6=B7=BB=E5=8A=A0=E6=AD=A3?=
 =?UTF-8?q?=E5=88=99=E7=9B=B8=E5=85=B3=E8=A7=84=E5=88=99=E6=97=B6=E6=A0=A1?=
 =?UTF-8?q?=E9=AA=8C=E6=AD=A3=E5=88=99=E8=A1=A8=E8=BE=BE=E5=BC=8F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../firewallconfigs/http_firewall_rule.go         | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/pkg/serverconfigs/firewallconfigs/http_firewall_rule.go b/pkg/serverconfigs/firewallconfigs/http_firewall_rule.go
index 1314a96..f76da2d 100644
--- a/pkg/serverconfigs/firewallconfigs/http_firewall_rule.go
+++ b/pkg/serverconfigs/firewallconfigs/http_firewall_rule.go
@@ -1,6 +1,7 @@
 package firewallconfigs
 
 import (
+	"errors"
 	"regexp"
 	"strings"
 )
@@ -21,6 +22,20 @@ type HTTPFirewallRule struct {
 
 func (this *HTTPFirewallRule) Init() error {
 	// TODO 执行更严谨的校验
+
+	switch this.Operator {
+	case HTTPFirewallRuleOperatorMatch:
+		_, err := regexp.Compile(this.Value)
+		if err != nil {
+			return errors.New("regexp validate failed: " + err.Error())
+		}
+	case HTTPFirewallRuleOperatorNotMatch:
+		_, err := regexp.Compile(this.Value)
+		if err != nil {
+			return errors.New("regexp validate failed: " + err.Error())
+		}
+	}
+
 	return nil
 }